-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 02/17/2012 11:43 AM, m.roth@5-cent.us wrote:
I'm running CentOS 6.2, all updates. selinux-policy 3.7.19-126.el6_2.6. I see /usr/share/selinux/devel/include/admin/mcelog.if: ######################################## ## <summary> ## Execute a domain transition to run mcelog. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed to transition. ## </summary> ## </param> # interface(`mcelog_domtrans',` gen_require(` type mcelog_t, mcelog_exec_t; ')
domtrans_pattern($1, mcelog_exec_t, mcelog_t) ')
Yet, I'm seeing SELinux is preventing /usr/sbin/mcelog from getattr access on the file /var/run/mcelog.pid.
Now, from some googling, it *looks* as though this was fixed already. Am I missing something, or has this bug been reintroduced?
mark
-- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux
Well i am not sure if it is was fixed in 6.2 policy or 6.3. I provide the current selinux policy prerelease in people.redhat.com/dwalsh/SELinux/RHEL6