search for: init_t

How to resolve this SElinux problem? type=USER_AVC msg=audit(1513478641.700:1920): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { reload } for auid=0 uid=0 gid=0 cmdline="/usr/bin/systemctl reload named-chroot.service" scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:system_r:init_t:s0 tclass=service exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=...

...r/www/html/index.html of type httpd_sys_content_t." however the doc doesn't define what "similar types" means. I assumed it just meant "beginning with the same prefix". However that can't be right because on my system with SELinux turned on, httpd runs as type init_t: [root at peacefire04 - /root # ps awuxZ | grep httpd | head -n 3 system_u:system_r:init_t:s0 root 2521 0.1 0.4 21680 8820 ? Ss 05:05 0:00 /usr/sbin/httpd system_u:system_r:init_t:s0 apache 2550 0.0 0.4 23364 8920 ? S 05:05 0:00 /usr/sbin/httpd syst...

...:33 - 15:27 (01:54) reboot system boot 4.18.0-193.6.3.e Fri Jul 24 01:20 - 13:33 (12:13) # ausearch -m avc --start today ---- time->Fri Jul 24 01:20:08 2020 type=AVC msg=audit(1595546408.754:28): avc: denied { remount } for pid=952 comm="(ostnamed)" scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:httpd_var_run_t:s0 tclass=filesystem permissive=0 ---- time->Fri Jul 24 13:34:04 2020 type=AVC msg=audit(1595590444.080:29): avc: denied { remount } for pid=1020 comm="(ostnamed)" scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:httpd_v...

...24 01:20 - 13:33 >> (12:13) >> >> >> # ausearch -m avc --start today >> ---- >> time->Fri Jul 24 01:20:08 2020 >> type=AVC msg=audit(1595546408.754:28): avc: denied { remount } for >> pid=952 comm="(ostnamed)" scontext=system_u:system_r:init_t:s0 >> tcontext=system_u:object_r:httpd_var_run_t:s0 tclass=filesystem >> permissive=0 >> ---- >> time->Fri Jul 24 13:34:04 2020 >> type=AVC msg=audit(1595590444.080:29): avc: denied { remount } for >> pid=1020 comm="(ostnamed)" scontext=system_u:sy...

...stem boot 4.18.0-193.6.3.e Fri Jul 24 01:20 - 13:33 >(12:13) > > ># ausearch -m avc --start today >---- >time->Fri Jul 24 01:20:08 2020 >type=AVC msg=audit(1595546408.754:28): avc: denied { remount } for >pid=952 comm="(ostnamed)" scontext=system_u:system_r:init_t:s0 >tcontext=system_u:object_r:httpd_var_run_t:s0 tclass=filesystem >permissive=0 >---- >time->Fri Jul 24 13:34:04 2020 >type=AVC msg=audit(1595590444.080:29): avc: denied { remount } for >pid=1020 comm="(ostnamed)" scontext=system_u:system_r:init_t:s0 >tconte...

Hi folks, I've been googling for an hour on this which seems to be awfully basic. But I cannot find anything definitive. [root at centos-gig ~]# systemctl enable smb.service Failed to execute operation: Access denied [root at centos-gig ~]# setenforce 0 [root at centos-gig ~]# systemctl enable smb.service Failed to execute operation: No such file or directory Have tried things like : chcon

...:5 'down' [ens3]: start running ordered scripts... > Oct 26 14:25:56 son-of-builder nm-dispatcher[8018]: req:6 'hostname': start running ordered scripts... > Oct 26 14:26:06 son-of-builder audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager-dispatcher comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' > Oct 26 14:26:21 son-of-builder NetworkManager[824]: <info> [1509049581.0808] connectivity: (ens3) timed out > Oct 26 14:26:21 son...

Hi folks, I've been googling for an hour on this which seems to be awfully basic. But I cannot find anything definitive. [root at centos-gig ~]# systemctl enable smb.service Failed to execute operation: Access denied [root at centos-gig ~]# setenforce 0 [root at centos-gig ~]# systemctl enable smb.service Failed to execute operation: No such file or directory Have tried things like : chcon

...the supplying side and rsync running as a client in a timer unit on the client side. My backup script on the backup system runs fine from the command line. When run from a systemd timer unit, rsync sends nothing to the systemd log and I see a denial in the audit log for a Unix domain socket in init_t context. I'm guessing it's trying to write to stdout which is getting redirected to systemd's log. The service unit file has StandardOutput=syslog in order to capture the list of files backed up. The following selinux rule seems to fix this: allow rsync_t init_t:unix_stream_socket {...

...list.c read_arch.c place.c route.c draw.c graphics.c stats.c segment_stats.c rr_graph.c rr_graph2.c rr_graph_sbox.c rr_graph_util.c rr_graph_timing_params.c rr_graph_area.c check_rr_graph.c check_route.c hash.c read_place.c -lm 2) ./spec_vpr net.in arch.in place.out dum.out -nodisp -place_only -init_t 5 -exit_t 0.005 -alpha_t 0.9412 -inner_num 2 I am particularly interested in the following CINT95 benchmarks: 099.go, 129.compress, 130.li, 132.ijpeg can anyone tell me the "standard" commandline to compile and run these benchmarks with the default ref configurations ? thanks, --Long

..._t is working so unsure why it doesn't work in my policy. The policy from audit2allow generates this when using "grep -e 'httpd\|passenger'" but it seems like too much allowance module passenger 1.0; require { type unconfined_t; type semanage_t; type init_t; type system_cronjob_t; type mysqld_t; type syslogd_t; type apmd_t; type initrc_t; type postfix_local_t; type puppet_etc_t; type setfiles_t; type rpm_t; type unlabeled_t; type var_run_t; type kernel_t;...

...phics.c stats.c >> segment_stats.c rr_graph.c rr_graph2.c rr_graph_sbox.c >> rr_graph_util.c rr_graph_timing_params.c rr_graph_area.c >> check_rr_graph.c check_route.c hash.c read_place.c -lm >> 2) ./spec_vpr net.in arch.in place.out dum.out -nodisp -place_only >> -init_t 5 -exit_t 0.005 -alpha_t 0.9412 -inner_num 2 >> >> I am particularly interested in the following CINT95 benchmarks: >> 099.go, 129.compress, 130.li, 132.ijpeg >> >> can anyone tell me the "standard" commandline to compile and run >> these benchmarks wi...

...place.c route.c draw.c graphics.c stats.c segment_stats.c > rr_graph.c rr_graph2.c rr_graph_sbox.c rr_graph_util.c > rr_graph_timing_params.c rr_graph_area.c check_rr_graph.c check_route.c > hash.c read_place.c -lm > 2) ./spec_vpr net.in arch.in place.out dum.out -nodisp -place_only -init_t 5 > -exit_t 0.005 -alpha_t 0.9412 -inner_num 2 > > I am particularly interested in the following CINT95 benchmarks: > 099.go, 129.compress, 130.li, 132.ijpeg > > can anyone tell me the "standard" commandline to compile and run these > benchmarks with the default ref...

...c stats.c segment_stats.c >>> rr_graph.c rr_graph2.c rr_graph_sbox.c rr_graph_util.c >>> rr_graph_timing_params.c rr_graph_area.c check_rr_graph.c check_route.c >>> hash.c read_place.c -lm >>> 2) ./spec_vpr net.in arch.in place.out dum.out -nodisp -place_only -init_t >>> 5 -exit_t 0.005 -alpha_t 0.9412 -inner_num 2 >>> >>> I am particularly interested in the following CINT95 benchmarks: >>> 099.go, 129.compress, 130.li, 132.ijpeg >>> >>> can anyone tell me the "standard" commandline to compile a...

On 04/26/2017 04:22 AM, Gordon Messmer wrote: > On 04/25/2017 03:25 PM, Robert Moskowitz wrote: >> This made the same content as before that caused problems: > > I still don't understand, exactly. Are you seeing *new* problems > after installing a policy? What are the problems? > >> #!!!! The file '/var/lib/mysql/mysql.sock' is mislabeled on your system.

...vecot_deliver_t; type postfix_smtp_t; type nfs_t; type var_run_t; type usr_t; type httpd_t; type audisp_t; type postfix_cleanup_t; type inetd_t; type portmap_t; type postfix_pickup_t; type hald_t; type getty_t; type avahi_t; type etc_t; type sysctl_kernel_t; type unconfined_t; type init_t; type auditd_t; type lib_t; type dovecot_auth_t; type syslogd_t; type hostname_exec_t; type postfix_smtpd_t; type var_spool_t; type system_dbusd_t; type mysqld_etc_t; type initrc_t; type proc_t; type restorecond_t; type etc_runtime_t; type postfix_bounce_t; type ntpd_t; type kernel_...

orig_ist is bound to presence of a TSS, hence is meaningless on Xen kernels. Signed-off-by: Jan Beulich <jbeulich@novell.com> Index: head-2007-02-27/arch/x86_64/kernel/init_task.c =================================================================== --- head-2007-02-27.orig/arch/x86_64/kernel/init_task.c 2007-03-05 10:00:18.000000000 +0100 +++ head-2007-02-27/arch/x86_64/kernel/init_task.c 2007-02-27 16:27:37.000000000 +0100 @@ -47,11 +47,11 @@ EXPORT_SYMBOL(init_task);...

...ltime, applying delta of 600 minutes to system time. [ 6.649745] systemd[1]: Relabelled /dev and /run in 28.905ms. [ 6.830386] audit_printk_skb: 102 callbacks suppressed [ 6.830815] audit: type=1130 audit(1449296811.039:45): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-journald comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 6.831775] audit: type=1131 audit(1449296811.041:46): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=syste...

.../drm/via/via_verifier.c +++ b/drivers/gpu/drm/via/via_verifier.c @@ -34,6 +34,7 @@ #include <drm/drm_legacy.h> #include "via_verifier.h" #include "via_drv.h" +#include <linux/kernel.h> typedef enum { state_command, @@ -1102,10 +1103,7 @@ setup_hazard_table(hz_init_t init_table[], hazard_t table[], int size) void via_init_command_verifier(void) { - setup_hazard_table(init_table1, table1, - sizeof(init_table1) / sizeof(hz_init_t)); - setup_hazard_table(init_table2, table2, - sizeof(init_table2) / sizeof(hz_init_t)); - setup_hazard_table(init_table3...

...kernel link: /usr/bin/kgcc -D__KERNEL__ -I/home/brian/src/kernel-2.2.19-pre6mvd/linux-2.2.19pre6-kdb-ext3/include -c -o dummy_sym.o dummy_sym.c ld -m elf_i386 -T /home/brian/src/kernel-2.2.19-pre6mvd/linux-2.2.19pre6-kdb-ext3/arch/i386/vmlinux.lds -e stext arch/i386/kernel/head.o arch/i386/kernel/init_t ask.o -Map map init/main.o init/version.o \ --start-group \ arch/i386/kernel/kernel.o arch/i386/mm/mm.o kernel/kernel.o mm/mm.o fs/fs.o ipc/ipc.o arch/i386/kdb/kdb.o \ fs/filesystems.a \ net/network.a \ drivers/block/block.a drivers/char/char.o drivers/misc/m...