himainuの日記

■[Ubuntu][SEEdit] Ubuntu 8.10に種ITを入れる（３） 21:59

カーネルは2.6.27になっている。種ITは2.6.25までしか試しておらず、

その後大量にパーミッションが追加されたようでそれをサポートせねばならない。

dmesgを確認すると

[    5.804103] SELinux:  class memprotect not defined in policy
[    5.804120] SELinux:  class peer not defined in policy
[    5.804126] SELinux:  class capability2 not defined in policy
[    5.804197] SELinux:  permission open in class dir not defined in policy
[    5.804231] SELinux:  permission open in class file not defined in policy
[    5.804241] SELinux:  permission open in class chr_file not defined in policy
[    5.804247] SELinux:  permission open in class blk_file not defined in policy
[    5.804254] SELinux:  permission open in class fifo_file not defined in policy
[    5.804273] SELinux:  permission recvfrom in class node not defined in policy
[    5.804279] SELinux:  permission sendto in class node not defined in policy
[    5.804291] SELinux:  permission ingress in class netif not defined in policy
[    5.804297] SELinux:  permission egress in class netif not defined in policy
[    5.804367] SELinux:  permission setfcap in class capability not defined in policy
[    5.804391] SELinux:  permission flow_in in class packet not defined in polic
[    5.804397] SELinux:  permission flow_out in class packet not defined in policy
[    5.804404] SELinux:  permission forward_in in class packet not defined in policy
[    5.804410] SELinux:  permission forward_out in class packet not defined in policy
[    5.804596] SELinux: the above unknown classes and permissions will be denied

うわー色々あるな。

/selinux以下にも、知らない間にファイルが増えているみたい。うひゃー

$ ls /selinux/
access                compat_net    initial_contexts     policyvers
avc                   context       load                 reject_unknown
booleans              create        member               relabel
checkreqprot          deny_unknown  mls                  user
class                 disable       null
commit_pending_bools  enforce       policy_capabilities

今日はもう時間切れ orz

マターリとつぶしていくか。。。