-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 01/13/2013 08:40 PM, Gordon Messmer wrote:
> On 01/13/2013 04:11 AM, Ilyas -- wrote:
>> Where my mistake?
>
> Good question. I don't see "{ read }" in your early AVC list, so it's
> possible that you hadn't yet run through all of the standard operations for
> smartd when you generated the policy. However, "{ getattr }" appears both
> before and after, and that's odd.
>
> What ended up in the file smartd_my.te?
>
> _______________________________________________ CentOS mailing list
> CentOS at centos.org http://lists.centos.org/mailman/listinfo/centos
>
You are seeing a constraint violation.
Add mcs_file_read_all(fsdaemon_t) to your te file, recompile and install.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlD0QOUACgkQrlYvE4MpobPKZACfUMvSBewF9Cyf4pqtwKmP8+Ef
S6oAn2feMQfKKTwPUMNzGBTBF/lhBFB9
=kd/b
-----END PGP SIGNATURE-----