Steve Grubb wrote:
> On Tuesday 30 May 2006 15:17, Paul Moore wrote:
>
>>Can you describe your problem a bit more and what you did before the
>>networking went away?
>
> I've tried to ping things and get a timeout. This is right after booting. I
> also see a bunch of avc's that I normally don't get:
>
> May 30 14:34:40 localhost kernel: audit(1149014040.540:5): avc: denied
> { recv_msg } for saddr=192.1.2.20 src=53 daddr=192.1.2.115 dest=32769
> netif=eth0 scontext=system_u:system_r:initrc_t:s0
> tcontext=system_u:object_r:unlabeled_t:s0
> tclass=udp_socket
>
> I'm thinking its related, but not 100% sure yet. I'm also not sure how long
> the network...worked.
>
> This is a normal rawhide machine running targeted policy 2.2.42-1 and without
> the netlabel_tools installed.
>
Are you running in enforcing mode? When NetLabel is enabled all
unlabeled packets get the unlabeled SID which may cause problems with
the policy as it is currently written, I'm not sure (but it sounds like
it from what you just said).
I do all of my testing with the MLS policy in permissive mode.
--
paul moore
linux security @ hp
--
redhat-lspp mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/redhat-lspp
