PDA

View Full Version : semodule problem



bart3005
8th May 2006, 02:51 PM
Hi

I have a FC5 64bit setup. Selinux won't let me run semodule for some reason.

I'm getting the below when every I try and run this command. I want to insert some of my own policys.

Any help appreciated.

Regards
Daniel

[root@bajor ~]# semodule
audit(1147095794.147:290): avc: denied { use } for pid=12490 comm="semodule" name="tty1" dev=tmpfs ino=1262
scontext=root:system_r:semanage_t:s0-s0:c0.c255 tcontext=system_u:system_r:local_login_t:s0-s0:c0.c255 tclass=fd
audit(1147095794.147:291): avc: denied { use } for pid=12490 comm="semodule" name="tty1" dev=tmpfs ino=1262
scontext=root:system_r:semanage_t:s0-s0:c0.c255 tcontext=system_u:system_r:local_login_t:s0-s0:c0.c255 tclass=fd
audit(1147095794.151:292): avc: denied { use } for pid=12490 comm="semodule" name="tty1" dev=tmpfs ino=1262
scontext=root:system_r:semanage_t:s0-s0:c0.c255 tcontext=system_u:system_r:local_login_t:s0-s0:c0.c255 tclass=fd

RahulSundaram
8th May 2006, 05:54 PM
Hi

I have a FC5 64bit setup. Selinux won't let me run semodule for some reason.

I'm getting the below when every I try and run this command. I want to insert some of my own policys.

Any help appreciated.

Regards
Daniel

[root@bajor ~]# semodule
audit(1147095794.147:290): avc: denied { use } for pid=12490 comm="semodule" name="tty1" dev=tmpfs ino=1262
scontext=root:system_r:semanage_t:s0-s0:c0.c255 tcontext=system_u:system_r:local_login_t:s0-s0:c0.c255 tclass=fd
audit(1147095794.147:291): avc: denied { use } for pid=12490 comm="semodule" name="tty1" dev=tmpfs ino=1262
scontext=root:system_r:semanage_t:s0-s0:c0.c255 tcontext=system_u:system_r:local_login_t:s0-s0:c0.c255 tclass=fd
audit(1147095794.151:292): avc: denied { use } for pid=12490 comm="semodule" name="tty1" dev=tmpfs ino=1262
scontext=root:system_r:semanage_t:s0-s0:c0.c255 tcontext=system_u:system_r:local_login_t:s0-s0:c0.c255 tclass=fd


Try posting in fedora-selinux list

http://www.redhat.com/mailman/listinfo/fedora-selinux-list

Firewing1
8th May 2006, 06:07 PM
I noticed that, too. Run
setenforce 0as root, do your semodule work, and then type
setenforce 0as root when you're done.
Firewing1