From mboxrd@z Thu Jan  1 00:00:00 1970
From: James Antill <jantill@redhat.com>
Subject: Re: audit 1.2.2 released
Date: Wed, 24 May 2006 16:58:31 -0400
Message-ID: <1148504311.8828.6.camel@code.and.org>
References: <200605121726.32952.sgrubb@redhat.com>	<4469F585.6030108@hp.com>
	<200605161323.32162.sgrubb@redhat.com>
	<200605221331.54945.sgrubb@redhat.com>	<4473374C.8030902@us.ibm.com>
	<44738AA0.50006@us.ibm.com> <44739521.7080602@hp.com>
	<4474B7B2.6030601@us.ibm.com>
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="===============0786265050=="
Return-path: <linux-audit-bounces@redhat.com>
Received: from mail.and.org (vpn83-122.boston.redhat.com [172.16.83.122])
	by pobox.corp.redhat.com (8.12.8/8.12.8) with ESMTP id k4OKwW6Z020298
	for <linux-audit@redhat.com>; Wed, 24 May 2006 16:58:32 -0400
In-Reply-To: <4474B7B2.6030601@us.ibm.com>
List-Unsubscribe: <https://www.redhat.com/mailman/listinfo/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/linux-audit>
List-Post: <mailto:linux-audit@redhat.com>
List-Help: <mailto:linux-audit-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=subscribe>
Sender: linux-audit-bounces@redhat.com
Errors-To: linux-audit-bounces@redhat.com
To: linux-audit@redhat.com
List-Id: linux-audit@redhat.com


--===============0786265050==
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature";
	boundary="=-7HfO7x9yKBPQGbqdQNCY"


--=-7HfO7x9yKBPQGbqdQNCY
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

On Wed, 2006-05-24 at 14:44 -0500, Michael C Thompson wrote:
> Linda Knippers wrote:
> > I'm running the .27 kernel and the 1.2.2 tools on an x86_64
> > (Xeon/EM64T) SMP box with the targeted policy in enforcing mode.
> > I tried to reproduce the problem discussed yesterday (the very fist
> > rule doesn't take and the rest do) but it seems to work fine on my
> > system.
>=20
> I've been running mostly on an i686 (Intel) with the .27 kernel and=20
> 1.2.2 tools with the MLS policy. I've tested this on an x86_64 (AMD=20
> opteron) and see this problem too. However, this problem does NOT exist=20
> when using targeted policy, so it is most likely an MLS SELinux issue.
> My MLS policy is 2.2.42

 I've recently hit the same issue (or one that looks just like it[1]) on
current FC-5 with targeted policy in permissive mode.

[1] Program calls audit_log_user_message() at boot time, and gets -1
(EPERM) ... if you put a "for (int i =3D 1; i < 1; ++i)" in front of it,
it returns 0.

--=20
James Antill <jantill@redhat.com>

--=-7HfO7x9yKBPQGbqdQNCY
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQBEdMj311eXTEMrxtQRAr7EAKCGyUEjlH65G5oxMutQkWaj9BOPiACgjUc9
zuyDkxYubsAgsGKd+ZI3hF4=
=FFwl
-----END PGP SIGNATURE-----

--=-7HfO7x9yKBPQGbqdQNCY--


--===============0786265050==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline


--===============0786265050==--