enforcing mode update errors
Richard Hally
rhally at mindspring.com
Wed Jun 9 03:28:44 UTC 2004
Russell Coker wrote:
> On Wed, 9 Jun 2004 07:37, Richard Hally <rhally at mindspring.com> wrote:
>
>>Below are the error messages from running 'yum update' today while in
>>enforcing mode.
>>Perhaps this will be helpful to someone.
>
>
> What AVC messages did you get?
>
Here are the avc messages that I think were from the update:
Jun 8 14:49:07 new2 kernel: audit(1086720547.359:0): avc: denied {
read } for pid=5967 exe=/usr/sbin/load_policy name=policy.17 dev=hda2
ino=913086 scontext=root:sysadm_r:load_policy_t
tcontext=root:object_r:etc_t tclass=file
Jun 8 14:49:43 new2 kernel: audit(1086720583.805:0): avc: denied {
read } for pid=6032 exe=/usr/sbin/load_policy name=policy.17 dev=hda2
ino=913086 scontext=root:sysadm_r:load_policy_t
tcontext=root:object_r:etc_t tclass=file
Jun 8 14:50:42 new2 kernel: audit(1086720642.556:0): avc: denied {
read } for pid=6040 exe=/usr/sbin/groupadd name=config dev=hda2
ino=914871 scontext=root:sysadm_r:groupadd_t
tcontext=system_u:object_r:selinux_config_t tclass=file
Jun 8 14:50:42 new2 kernel: audit(1086720642.857:0): avc: denied {
read } for pid=6041 exe=/usr/sbin/groupadd name=config dev=hda2
ino=914871 scontext=root:sysadm_r:groupadd_t
tcontext=system_u:object_r:selinux_config_t tclass=file
Jun 8 14:50:42 new2 kernel: audit(1086720642.860:0): avc: denied {
read } for pid=6042 exe=/usr/sbin/groupadd name=config dev=hda2
ino=914871 scontext=root:sysadm_r:groupadd_t
tcontext=system_u:object_r:selinux_config_t tclass=file
Jun 8 14:50:43 new2 kernel: audit(1086720643.071:0): avc: denied {
read } for pid=6043 exe=/usr/sbin/useradd name=config dev=hda2
ino=914871 scontext=root:sysadm_r:useradd_t
tcontext=system_u:object_r:selinux_config_t tclass=file
Jun 8 14:53:13 new2 kernel: audit(1086720793.835:0): avc: denied {
read } for pid=6446 exe=/usr/sbin/userdel name=config dev=hda2
ino=914871 scontext=root:sysadm_r:useradd_t
tcontext=system_u:object_r:selinux_config_t tclass=file
Jun 8 14:53:14 new2 kernel: audit(1086720794.145:0): avc: denied {
read } for pid=6447 exe=/usr/sbin/useradd name=config dev=hda2
ino=914871 scontext=root:sysadm_r:useradd_t
tcontext=system_u:object_r:selinux_config_t tclass=file
Jun 8 14:54:22 new2 kernel: audit(1086720862.714:0): avc: denied {
read } for pid=6504 exe=/usr/sbin/useradd name=config dev=hda2
ino=914871 scontext=root:sysadm_r:useradd_t
tcontext=system_u:object_r:selinux_config_t tclass=file
-----------------------------------------------------------------------------
And a ton of these(that are probably not related to the policy update:)
Jun 8 14:58:49 new2 kernel: audit(1086721129.020:0): avc: denied {
read } for pid=6718 exe=/sbin/ldconfig name=libgaim-remote.so.0.0.0
dev=hda2 ino=52056 scontext=root:sysadm_r:ldconfig_t
tcontext=root:object_r:lib_t tclass=file
Jun 8 14:59:17 new2 kernel: audit(1086721157.931:0): avc: denied {
getattr }
for pid=6722 exe=/sbin/ldconfig path=/usr/lib/libgaim-remote.so.0.0.0
dev=hda2
ino=52056 scontext=root:sysadm_r:ldconfig_t tcontext=root:object_r:lib_t
tclass=file
Jun 8 14:59:30 new2 kernel: audit(1086721170.335:0): avc: denied {
read } for pid=6722 exe=/sbin/ldconfig name=libgaim-remote.so.0.0.0
dev=hda2 ino=52056 scontext=root:sysadm_r:ldconfig_t
tcontext=root:object_r:lib_t tclass=file
Jun 8 15:00:13 new2 kernel: audit(1086721213.603:0): avc: denied {
getattr }
for pid=6760 exe=/sbin/ldconfig path=/usr/lib/libgaim-remote.so.0.0.0
dev=hda2
ino=52056 scontext=root:sysadm_r:ldconfig_t tcontext=root:object_r:lib_t
tclass=file
Jun 8 15:00:28 new2 kernel: audit(1086721228.071:0): avc: denied {
read } for pid=6760 exe=/sbin/ldconfig name=libgaim-remote.so.0.0.0
dev=hda2 ino=52056 scontext=root:sysadm_r:ldconfig_t
tcontext=root:object_r:lib_t tclass=file
Jun 8 15:02:05 new2 kernel: audit(1086721325.781:0): avc: denied {
getattr }
for pid=6762 exe=/sbin/ldconfig path=/usr/lib/libgaim-remote.so.0.0.0
dev=hda2
ino=52056 scontext=root:sysadm_r:ldconfig_t tcontext=root:object_r:lib_t
tclass=file
:
THT
Richard Hally
More information about the fedora-selinux-list
mailing list