>>SELinux Mailing List

Contents

Overview

What's New

Frequently Asked Questions

Background

Documentation

License

Download

Participating

Mail List

Archive Summary

Archive by Thread

Archive by Author

Archive by Date

Archive by Subject

Remaining Work

Contributors

Related Work

Press Releases

devfs_contexts

From: Russell Coker <russell_at_coker.com.au>
Date: Fri, 18 Jan 2002 17:00:57 +0100

How exactly is devfs_contexts supposed to work, when is it applied?

The default settings in the file appear to be applied, here is a sample: root@test:/etc/flask# stat /dev/null /dev/random

  File: "/dev/null"
  Size: 0               Blocks: 0          IO Block: 1024   Character Device
Device: 7h/7d   Inode: 9           Links: 1     Device type: 1,3
Access: (0666/crw-rw-rw-)  Uid: (    0/    root)   Gid: (    0/    root)
Access: Thu Jan  1 01:00:00 1970
Modify: Thu Jan  1 01:00:00 1970
Change: Thu Jan  1 01:00:00 1970

SID: 33
S_context: system_u:object_r:null_device_t

  File: "/dev/random"
  Size: 0               Blocks: 0          IO Block: 1024   Character Device
Device: 7h/7d   Inode: 13          Links: 1     Device type: 1,8
Access: (0666/crw-rw-rw-)  Uid: (    0/    root)   Gid: (    0/    root)
Access: Thu Jan  1 01:00:00 1970
Modify: Thu Jan  1 01:00:00 1970
Change: Fri Jan 18 03:38:15 2002

SID: 130
S_context: system_u:object_r:random_device_t

However I added the following line to the file:
/vc/0 system_u:object_r:devtty_t

But then after loading the new policy it's still not there! root@test:/etc/flask# make load
install -m 644 -o root -g root policy /ss_policy
/usr/bin/load_policy /ss_policy

Success
root@test:/etc/flask# stat /dev/vc/0

  File: "/dev/vc/0"
  Size: 0               Blocks: 0          IO Block: 1024   Character Device
Device: 7h/7d   Inode: 83          Links: 1     Device type: 4,0
Access: (0666/crw-rw-rw-)  Uid: (    0/    root)   Gid: (    5/     tty)
Access: Thu Jan  1 01:00:00 1970
Modify: Thu Jan  1 01:00:00 1970
Change: Fri Jan 18 03:38:15 2002

SID: 34
S_context: system_u:object_r:device_t
root@test:/etc/flask#

PS I'm running 2.4.17 with the latest patch for the utilities (thanks Stephen).

-- 
http://www.coker.com.au/bonnie++/     Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/       Postal SMTP/POP benchmark
http://www.coker.com.au/projects.html Projects I am working on
http://www.coker.com.au/~russell/     My home page

--
You have received this message because you are subscribed to the selinux list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Received on Fri 18 Jan 2002 - 11:10:49 EST

This message: [ Message body ]
Next message: Stephen Smalley: "Re: devfs_contexts"
Previous message: Stephen Smalley: "Re: ext3 file system"
Next in thread: Stephen Smalley: "Re: devfs_contexts"
Reply: Stephen Smalley: "Re: devfs_contexts"
Maybe reply: Russell Coker: "Re: devfs_contexts"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

This archive was generated by hypermail 2.2.0 on Wed 11 Jun 2008 - 08:10:26 EDT