Need I recompile the selinux?

Support for security such as Firewalls and securing linux
Post Reply
dreamermeng
Posts: 1
Joined: 2007/07/03 04:26:41
Contact:

Need I recompile the selinux?

Post by dreamermeng » 2007/07/04 05:29:02

I recently downloaded the linux 2.6.9 source code and compiled the kernel,then when I reboot the computer,there was something wrong:

Jul 3 19:23:04 dell kernel: audit(1183489086.323:0): avc: denied { read write } for pid=704 exe=/sbin/minilogd name=consol
e dev=tmpfs ino=1140 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=chr_file
Jul 3 19:23:04 dell kernel: audit(1183489086.323:0): avc: denied { write } for pid=704 exe=/sbin/minilogd dev=tmpfs ino=11
39 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=dir
Jul 3 19:23:04 dell kernel: audit(1183489086.323:0): avc: denied { add_name } for pid=704 exe=/sbin/minilogd name=log scon
text=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=dir
Jul 3 19:23:04 dell kernel: audit(1183489086.323:0): avc: denied { create } for pid=704 exe=/sbin/minilogd name=log sconte
xt=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=sock_file
Jul 3 19:23:04 dell kernel: audit(1183489086.323:0): avc: denied { getattr } for pid=707 exe=/sbin/minilogd path=/dev/log
dev=tmpfs ino=2168 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=sock_file
Jul 3 19:23:07 dell kernel: audit(1183461773.287:0): avc: denied { remove_name } for pid=2496 exe=/sbin/syslogd name=log d
ev=tmpfs ino=2168 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=dir
Jul 3 19:23:07 dell kernel: audit(1183461773.287:0): avc: denied { unlink } for pid=2496 exe=/sbin/syslogd name=log dev=tm
pfs ino=2168 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=sock_file
Jul 3 19:23:07 dell kernel: audit(1183461773.287:0): avc: denied { setattr } for pid=2496 exe=/sbin/syslogd name=log dev=t
mpfs ino=6335 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=sock_file
Jul 3 19:23:07 dell kernel: audit(1183461773.890:0): avc: denied { search } for pid=2532 exe=/sbin/portmap dev=tmpfs ino=1
139 scontext=user_u:system_r:portmap_t tcontext=user_u:object_r:tmpfs_t tclass=dir
Jul 3 19:23:07 dell kernel: audit(1183461775.622:0): avc: denied { write } for pid=707 exe=/sbin/minilogd name=log dev=tmp
fs ino=6335 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=sock_file
Jul 3 19:23:07 dell kernel: audit(1183461786.800:0): avc: denied { read } for pid=2928 exe=/usr/sbin/httpd name=urandom de
v=tmpfs ino=1157 scontext=user_u:system_r:httpd_t tcontext=user_u:object_r:tmpfs_t tclass=chr_file
Jul 3 19:23:07 dell kernel: audit(1183461786.842:0): avc: denied { getattr } for pid=2928 exe=/usr/sbin/httpd path=/dev/ur
andom dev=tmpfs ino=1157 scontext=user_u:system_r:httpd_t tcontext=user_u:object_r:tmpfs_t tclass=chr_file
Jul 3 19:26:16 dell kernel: audit(1183461976.929:0): avc: denied { search } for pid=4242 exe=/sbin/portmap dev=tmpfs ino=1
139 scontext=user_u:system_r:portmap_t tcontext=user_u:object_r:tmpfs_t tclass=dir
Jul 3 19:26:16 dell kernel: audit(1183461976.929:0): avc: denied { write } for pid=4242 exe=/sbin/portmap name=log dev=tmp
fs ino=6335 scontext=user_u:system_r:portmap_t tcontext=user_u:object_r:tmpfs_t tclass=sock_file

but I boot from the old 2.6.9.55 kernel , It's ok again. No above.

I guess perhaps it's the selinux problem. I don't want to disable the selinux, Need I recompile the selinux from source?

User avatar
toracat
Forum Moderator
Posts: 7388
Joined: 2006/09/03 16:37:24
Location: California, US
Contact:

Need I recompile the selinux?

Post by toracat » 2007/07/14 18:41:19

May I ask why you need to compile the kernel and how you did it?

Akemi

patricia
Posts: 2
Joined: 2007/07/12 09:52:13

Re: Need I recompile the selinux?

Post by patricia » 2007/07/16 06:42:45

What is selinux ????





Patricia
http://mackgonzalves.blogster.com/subliminal_tapes.html

jtan163
Posts: 7
Joined: 2007/07/23 06:23:53
Location: Adelaide, Australia

Re: Need I recompile the selinux?

Post by jtan163 » 2007/07/23 07:35:28

Is selinux turned on i the original kernel?

Post Reply

Return to “CentOS 4 - Security Support”