From: Paul Krumviede <pwk@acm.org>
To: Timothy Wood <timothy@hallcomp.com>, Stephen Smalley <sds@tislabs.com>
Cc: SELinux <SELinux@tycho.nsa.gov>
Subject: Re: network and module problems
Date: Fri, 25 Jan 2002 07:03:05 -0800 [thread overview]
Message-ID: <78301711.1011942185@localhost> (raw)
In-Reply-To: <1011969383.1945.1.camel@phobos>
--On Friday, 25 January, 2002 09:36 -0500 Timothy Wood
<timothy@hallcomp.com> wrote:
> On Thu, 2002-01-24 at 13:58, Stephen Smalley wrote:
>>
>> > module and by building it straight into the kernel. Which brings me to
>> > the module problem. Dmesg shows that it finds the nic but I never see
>> > the module as being loaded when I run lsmod and when I try to insmod it
>> > I get an error saying that it can't locate the card on the console and
>> > avc errors in the system log.
>>
>> If you build the module into the kernel, it won't show up in lsmod.
>> What AVC errors are being logged? Did you run insmod after logging
>> into the sysadm_r role? Also, is your kernel in permissive mode or
>> enforcing mode?
>
> I realise that. I merely brought it up in regards to the time when the
> network was built as a module.
>
> kernel: avc: denied { read } for pid=268 exe=/sbin/insmod
> path=/etc/modules.conf.vm dev=08:01 ino=213709
> scontext=system-U:system_r:kmod_t
> tcontext=system_u:object_r:etc_runtime_t tclass=lnk_file
are you running this inside a VMware virtual machine? i had to create
a policy file for that environment (which is yet to be tested with the
latest release; i'll send it to the list once that happens). the VMware
dualconf script instantiates /etc/modules.conf (and some other
files for X11) as a symlink to the appropriate "real" file depending
on whether one boots the guest OS as a virtual machine or on the
real hardware.
-paul
--
You have received this message because you are subscribed to the selinux list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
next prev parent reply other threads:[~2002-01-25 15:03 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-01-24 17:15 network and module problems Timothy Wood
2002-01-24 18:58 ` Stephen Smalley
2002-01-25 14:36 ` Timothy Wood
2002-01-25 14:56 ` Stephen Smalley
2002-01-25 15:03 ` Paul Krumviede [this message]
2002-01-25 16:35 ` Timothy Wood
2002-01-25 17:22 ` Paul Krumviede
2002-01-25 17:47 ` Stephen Smalley
2002-01-25 17:56 ` Stephen Smalley
2002-01-25 18:22 ` Paul Krumviede
2002-01-25 18:54 ` Stephen Smalley
2002-01-25 18:49 ` Timothy Wood
2002-01-25 19:04 ` Stephen Smalley
2002-01-25 23:22 ` Timothy Wood
2002-01-28 13:57 ` Stephen Smalley
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=78301711.1011942185@localhost \
--to=pwk@acm.org \
--cc=SELinux@tycho.nsa.gov \
--cc=sds@tislabs.com \
--cc=timothy@hallcomp.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.