Re: Mlogc problem after aupgrade to F13

On 08/14/2010 11:35 AM, Arthur Dent wrote:

>> There are some issues:
>>
>> 1. I would go here:
>> https://lists.sourceforge.net/lists/listinfo/mod-security-users and ask
>> if it is normal that mlogc writes to certificate databases. Its trying
>> to write to files like: cert9.db, key4.db.
>
> I am already subscribed to that list so I'll post a message now...
>>
>> 2. You have a partition mounted that is not labelled properly. It is:
>> /dev/sda6. Where is that mounted?
>
> Hmmm... That's /

Ok it looks like it might want to dump core then:

Add the following to your mymlogc.te to allow mlogc_t to dump core
(manage files in /)

files_manage_root_files(mlogc_t)

>>
>> 3. Looks like mlogc wants to maintain objects in /tmp. However your logs
>> do not display what kind of objects ( e.g. it is incomplete )
>
> Sorry I don't understand what you mean...
>
>>
>> You may have removed log entries that were no duplicates.
>
> OK here are all 12...

Ok it is still not displaying, That is because it is denied access. So i
will for now assume it wants to maintain a file in /tmp:

Add the following to your mymlogc.te file for now:

type mlogc_tmp_t;
files_tmp_file(mlogc_tmp_t)

manage_files_pattern(mlogc_t, mlogc_tmp_t, mlogc_tmp_t)
files_tmp_filetrans(mlogc_t, mlogc_tmp_t, file)

>
> --
> selinux mailing list
> selinux@lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux

-- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux

• This message: [ Message body ]
• Next message: Mr Dash Four: "avc { module_request, relabelfrom }: openvpn->tun"
• Previous message: Arthur Dent: "Re: Mlogc problem after aupgrade to F13"
• In reply to: Arthur Dent: "Re: Mlogc problem after aupgrade to F13"
• Next in thread: Arthur Dent: "Re: Mlogc problem after aupgrade to F13"

• Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]