todays avc messages

Jason Dravet dravet at hotmail.com
Tue Feb 14 15:23:51 UTC 2006 

Here are some avc messages from todays rawhide.  I have tried a relabel and 
I still get these and more avcs in my audit.log.  Hal does not work because 
of the last entry.

Thanks,
Jason

time->Tue Feb 14 08:05:00 2006
type=PATH msg=audit(1139925900.906:54): item=1 flags=101  inode=393231 
dev=fd:00 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1139925900.906:54): item=0 name="/sbin/auditctl" 
flags=101  inode=655430 dev=fd:00 mode=0100750 ouid=0 ogid=0 rdev=00:00
type=CWD msg=audit(1139925900.906:54):  cwd="/"
type=AVC_PATH msg=audit(1139925900.906:54):  path="/ptmx"
type=SYSCALL msg=audit(1139925900.906:54): arch=40000003 syscall=11 
success=yes exit=0 a0=90d5f80 a1=90d5f18 a2=90dacd8 a3=90d5d88 items=2 
pid=1683 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 
fsgid=0 comm="auditctl" exe="/sbin/auditctl"
type=AVC msg=audit(1139925900.906:54): avc:  denied  { use } for  pid=1683 
comm="auditctl" name="ptmx" dev=tmpfs ino=641 
scontext=system_u:system_r:auditctl_t:s0 
tcontext=system_u:system_r:kernel_t:s0 tclass=fd
----
time->Tue Feb 14 08:05:01 2006
type=PATH msg=audit(1139925901.154:56): item=1 flags=101  inode=393231 
dev=fd:00 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1139925901.154:56): item=0 name="/sbin/syslogd" 
flags=101  inode=655490 dev=fd:00 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=CWD msg=audit(1139925901.154:56):  cwd="/"
type=AVC_PATH msg=audit(1139925901.154:56):  path="/ptmx"
type=SYSCALL msg=audit(1139925901.154:56): arch=40000003 syscall=11 
success=yes exit=0 a0=9e89ad0 a1=9e8a0c0 a2=9e89fc8 a3=9e89a40 items=2 
pid=1692 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 
fsgid=0 comm="syslogd" exe="/sbin/syslogd"
type=AVC msg=audit(1139925901.154:56): avc:  denied  { use } for  pid=1692 
comm="syslogd" name="ptmx" dev=tmpfs ino=641 
scontext=system_u:system_r:syslogd_t:s0 
tcontext=system_u:system_r:kernel_t:s0 tclass=fd
----
time->Tue Feb 14 08:05:01 2006
type=PATH msg=audit(1139925901.366:57): item=1 flags=101  inode=393231 
dev=fd:00 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1139925901.366:57): item=0 name="/sbin/klogd" flags=101  
inode=655480 dev=fd:00 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=CWD msg=audit(1139925901.366:57):  cwd="/"
type=AVC_PATH msg=audit(1139925901.366:57):  path="/ptmx"
type=SYSCALL msg=audit(1139925901.366:57): arch=40000003 syscall=11 
success=yes exit=0 a0=904bb10 a1=904c060 a2=904bf70 a3=904b9c8 items=2 
pid=1695 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 
fsgid=0 comm="klogd" exe="/sbin/klogd"
type=AVC msg=audit(1139925901.366:57): avc:  denied  { use } for  pid=1695 
comm="klogd" name="ptmx" dev=tmpfs ino=641 
scontext=system_u:system_r:klogd_t:s0 tcontext=system_u:system_r:kernel_t:s0 
tclass=fd
----
time->Tue Feb 14 09:18:05 2006
type=SYSCALL msg=audit(1139930285.404:256): arch=40000003 syscall=206 
success=no exit=-1 a0=1 a1=9ec2338 a2=351ff4 a3=1 items=0 pid=3426 auid=0 
uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="hald" 
exe="/usr/sbin/hald"
type=AVC msg=audit(1139930285.404:256): avc:  denied  { setgid } for  
pid=3426 comm="hald" capability=6 scontext=root:system_r:hald_t:s0 
tcontext=root:system_r:hald_t:s0 tclass=capability

More information about the fedora-selinux-list mailing list