-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 12/28/2012 01:10 AM, Kristen R wrote:
I am finding after a reboot of my server these AVC denials:
type=AVC msg=audit(1356666298.031:40): avc: denied { read } for pid=2837 comm="iptables" path="inotify" dev=inotifyfs ino=337 scontext=system_u:system_r:iptables_t:s0 tcontext=system_u:object_r:inotifyfs_t:s0 tclass=dir
Installed is: selinux-policy-2.4.6-327.el5
on a CentOS 5.5 build with kernel 2.6.18-308.24.1.el5
Should this be allowed?
Kristen
-- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux
Most likely a leak, and you could dontaudit it.
http://danwalsh.livejournal.com/53603.html