[DSE-Dev] refpolicy HEAD, Debian, syslogd & setrlimit
Christopher J. PeBenito
cpebenito at tresys.com
Thu Dec 6 14:28:35 UTC 2007
On Wed, 2007-12-05 at 15:13 +0100, Václav Ovsík wrote:
> audit(1196861341.205:26): avc: denied { setrlimit } for pid=2160 comm="cron" scontext=system_u:system_r:crond_t:s0-s0:c0.c1023 tcontext=system_u:system_r:crond_t:s0-s0:c0.c1023 tclass=process
>
> There is a content of /etc/pam.d/cron from my Debian Etch:
[...]
> # Sets up user limits, please define limits for cron tasks
> # through /etc/security/limits.conf
> session required pam_limits.so
>
> /etc/security/limits.conf
>
> has only comment sections.
>
> Can be rlimit allowed or should be solved this in some other way?
I added this in distro_debian for now, so if someone does put limits, it
will work.
--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150
More information about the SELinux-devel
mailing list