Ubuntu 8.10に種ITを入れる(3)
カーネルは2.6.27になっている。種ITは2.6.25までしか試しておらず、
その後大量にパーミッションが追加されたようでそれをサポートせねばならない。
dmesgを確認すると
[ 5.804103] SELinux: class memprotect not defined in policy [ 5.804120] SELinux: class peer not defined in policy [ 5.804126] SELinux: class capability2 not defined in policy [ 5.804197] SELinux: permission open in class dir not defined in policy [ 5.804231] SELinux: permission open in class file not defined in policy [ 5.804241] SELinux: permission open in class chr_file not defined in policy [ 5.804247] SELinux: permission open in class blk_file not defined in policy [ 5.804254] SELinux: permission open in class fifo_file not defined in policy [ 5.804273] SELinux: permission recvfrom in class node not defined in policy [ 5.804279] SELinux: permission sendto in class node not defined in policy [ 5.804291] SELinux: permission ingress in class netif not defined in policy [ 5.804297] SELinux: permission egress in class netif not defined in policy [ 5.804367] SELinux: permission setfcap in class capability not defined in policy [ 5.804391] SELinux: permission flow_in in class packet not defined in polic [ 5.804397] SELinux: permission flow_out in class packet not defined in policy [ 5.804404] SELinux: permission forward_in in class packet not defined in policy [ 5.804410] SELinux: permission forward_out in class packet not defined in policy [ 5.804596] SELinux: the above unknown classes and permissions will be denied
うわー色々あるな。
/selinux以下にも、知らない間にファイルが増えているみたい。うひゃー
$ ls /selinux/ access compat_net initial_contexts policyvers avc context load reject_unknown booleans create member relabel checkreqprot deny_unknown mls user class disable null commit_pending_bools enforce policy_capabilities
今日はもう時間切れ orz
マターリとつぶしていくか。。。