Fixed
Created: Mar 27, 2014
Updated: Feb 11, 2019
Resolved Date: Apr 4, 2014
Found In Version: 6.0
Fix Version: 6.0.0.4
Severity: Standard
Applicable for: Wind River Linux 6
Component/s: Userspace
I followed the following WRL CGL user guide to use the SEEdit tool but failed:
http://internal.wrs.com/engineering/engops/techpubs/docDrafts/WRLinux/Wind_River_Linux_6_docs/wr_linux_cgp_users_guide/chapter-security-features.html
I like to include this tool into the SELinux training labs. Thus I wish someone could fix it asap.
1. Launch qemu target
2. Login to the target serial console as root
# id
uid=0(root) gid=0(root) groups=0(root) context=root:sysadm_r:sysadm_t:s0-s15:c0.c1023
# run_init seedit-init
# reboot
3. After reboot, login to the serial console as root
Wind River Linux 6.0.0.0 localhost console
localhost login: root
Password:
Would you like to enter a security context? [N] – press Enter
I got AVC messages and back to the login prompt:
localhost login: type=1400 audit(1395937822.109:30): avc: denied { block_suspend } for pid=582 comm="syslog-ng" capability=36 scontext=system_u:system_r:initrc_t:s0 tcontext=system_u:system_r:initrc_t:s0 tclass=capability2
type=1400 audit(1395937822.114:31): avc: denied { block_suspend } for pid=582 comm="syslog-ng" capability=36 scontext=system_u:system_r:initrc_t:s0 tcontext=system_u:system_r:initrc_t:s0 tclass=capability2
Wind River Linux 6.0.0.0 localhost console
localhost login: