semodule/dbus
Daniel J Walsh
dwalsh at redhat.com
Mon Jul 13 15:20:42 UTC 2009
On 07/11/2009 12:12 PM, Dominick Grift wrote:
> On Sat, 2009-07-11 at 05:20 -0700, Vadym Chepkov wrote:
>> Everytime I install or update a local selinux module I get a log entry, like this.
>>
>> Jul 11 08:10:36 hut dbus: Can't send to audit system: USER_AVC avc: received policyload notice (seqno=5)#012: exe="?" (sauid=81, hostname=?, addr=?, terminal=?)
>>
>> I wonder what is it about? It doesn't seem to affect anything, but still.
>
> dbus complains that it can not send a "receive policyload notice" to the
> audit system. I guess this should be considered a bug. Dbus also has
> some other issues where it sends avc denials to /var/log/messages
> instead of audit (/var/log/audit/audit.log).
>
> You could consider reporting a bugzilla for this. I would probably try
> the dbus component and cc. both sgrubb and dwalsh.
>
>> Sincerely yours,
>> Vadym Chepkov
>>
>> --
>> fedora-selinux-list mailing list
>> fedora-selinux-list at redhat.com
>> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
>>
>> ------------------------------------------------------------------------
>>
>> --
>> fedora-selinux-list mailing list
>> fedora-selinux-list at redhat.com
>> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
This bug comes back all the time. It is a bug in dbus trying to send audit message system when running as non-root.
Every time a policy gets reloaded, dbus gets a messages telling it about the reload. It then sends an audit message, but the code is not smart enough to know whether to send it to the audit subsystem if it is the system bus or the syslog if it is the user bus. I have sent patches and this has been fixed, but it seems to come back every few releases.
More information about the fedora-selinux-list
mailing list