* some problem SE Linux
@ 2005-07-09 7:36 Preeti Malakar
2005-07-09 22:11 ` ANN: SLAT 2.0 John D. Ramsdell
0 siblings, 1 reply; 2+ messages in thread
From: Preeti Malakar @ 2005-07-09 7:36 UTC (permalink / raw)
To: SELinux, sds
Sir
I am using Fedora Core 2 with SE Linux enabled .. When I was
working in the text mode (with context as root;sysadm_r:sysadm_t), I
encountered some problems
i) I found that after every few minutes the tty which is opened is
showing the following message
audit(1120886700.973:0):avc : denied { transition } for pid=3429
exe=/usr/sbin/crond path=/bin/bash dev=sda12 ino=355528
scontext=system_u:system_r:crond_t tcontext=user_u:sysadm_r;sysadm_t
tclass=process
Please tell me why is this message being shown
ii) While adding a user using #useradd foo , I got the following message...
audit(1120890662.162:0);avc:denied { read write } for pid=11204
exe=/usr/sbin/useradd name=group.lock dev=sda12 ino=604951
scontext=root_sysadm_r:useradd_t
tcontext=system_u:object_r:firstboot_rw_t tclass=file
useradd;error locking group file
I could not add user, please help me
iii) While logging in as user preeti it shows audit(1120887420.309:0)
:avc:denied { read } for pid=3563 exe=/bin/bash name=.bash_profile
dev=sda12 ino=664419 scontext= user_u:user_r:user_t
tcontext=system_u:object_r:home_root_t tclass=file
-bash: /home/preeti/.bash_profile Permission denied
-bash-2.05b$
Sir, please tell me what is going on, I cannot understand
--
PREETI MALAKAR
M.TECH CSE 2nd YR
IIT GUWAHTI
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 2+ messages in thread
* ANN: SLAT 2.0
2005-07-09 7:36 some problem SE Linux Preeti Malakar
@ 2005-07-09 22:11 ` John D. Ramsdell
0 siblings, 0 replies; 2+ messages in thread
From: John D. Ramsdell @ 2005-07-09 22:11 UTC (permalink / raw)
To: SELinux; +Cc: ramsdell, sds
SLAT is used to analyze SE Linux policy, and see if it meets policy
goals. It does so by transforming policy and the goals into input for
a model checker. The model checker reports the policy goal the
failures it finds.
SLAT version 2.0 is available at <http://www.mitre.org/tech/selinux>.
The current MLS format is not accepted by SLAT 1.x.x, so this version
uses APOL's permission mappings to specify the direction in which
information flows for each class-permission pair. It also analyzes
binary policies instead of the source version of the policy. If you
download the source version of SLAT 2.0, be sure to install
libsepol-devel.
Sorry if this is a repeat. I thought I sent out the same message
yesterday.
John
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2005-07-11 13:08 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-07-09 7:36 some problem SE Linux Preeti Malakar
2005-07-09 22:11 ` ANN: SLAT 2.0 John D. Ramsdell
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.