SELinux issues with vanilla 2.6.9 kernel on FC3
Orion Poplawski
orion at cora.nwra.com
Tue Dec 14 18:47:46 UTC 2004
I've installed a kernel.org 2.6.9 kernel updated to acpi 20041203. I'm
seeing lots of SELinux audit messages that I don't see with the Fedora
kernels. Is there something I can do short of disabling SELinux?

audit(1103024554.837:0): avc: denied { read write } for pid=656
exe=/sbin/minilogd name=console dev=tmpfs ino=1138
scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t
tclass=chr_file
audit(1103024554.838:0): avc: denied { write } for pid=656
exe=/sbin/minilogd dev=tmpfs ino=1137 scontext=user_u:system_r:syslogd_t
tcontext=user_u:object_r:tmpfs_t tclass=dir
audit(1103024554.838:0): avc: denied { add_name } for pid=656
exe=/sbin/minilogd name=log scontext=user_u:system_r:syslogd_t
tcontext=user_u:object_r:tmpfs_t tclass=dir
audit(1103024554.838:0): avc: denied { create } for pid=656
exe=/sbin/minilogd name=log scontext=user_u:system_r:syslogd_t
tcontext=user_u:object_r:tmpfs_t tclass=sock_file
audit(1103024554.839:0): avc: denied { getattr } for pid=662
exe=/sbin/minilogd path=/dev/log dev=tmpfs ino=2056
scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t
tclass=sock_file
audit(1103024559.699:0): avc: denied { write } for pid=662
exe=/sbin/minilogd name=log dev=tmpfs ino=2056
scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t
tclass=sock_file
audit(1103024569.926:0): avc: denied { remove_name } for pid=1547
exe=/sbin/minilogd name=log dev=tmpfs ino=2056
scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t
tclass=dir
audit(1103024569.926:0): avc: denied { unlink } for pid=1547
exe=/sbin/minilogd name=log dev=tmpfs ino=2056
scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t
tclass=sock_file
audit(1103049789.825:0): avc: denied { write } for pid=2254
exe=/sbin/syslogd dev=tmpfs ino=1137 scontext=user_u:system_r:syslogd_t
tcontext=user_u:object_r:tmpfs_t tclass=dir
audit(1103049789.826:0): avc: denied { remove_name } for pid=2254
exe=/sbin/syslogd name=log dev=tmpfs ino=5419
scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t
tclass=dir
audit(1103049789.826:0): avc: denied { add_name } for pid=2254
exe=/sbin/syslogd name=log scontext=user_u:system_r:syslogd_t
tcontext=user_u:object_r:tmpfs_t tclass=dir
audit(1103049789.826:0): avc: denied { setattr } for pid=2254
exe=/sbin/syslogd name=log dev=tmpfs ino=5849
scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t
tclass=sock_file
audit(1103049790.187:0): avc: denied { search } for pid=2277
exe=/sbin/portmap dev=tmpfs ino=1137 scontext=user_u:system_r:portmap_t
tcontext=user_u:object_r:tmpfs_t tclass=dir
audit(1103049791.885:0): avc: denied { search } for pid=2381
exe=/sbin/ypbind dev=tmpfs ino=1137 scontext=user_u:system_r:ypbind_t
tcontext=user_u:object_r:tmpfs_t tclass=dir
audit(1103049797.552:0): avc: denied { search } for pid=2808
exe=/usr/sbin/ntpdate dev=tmpfs ino=1137 scontext=user_u:system_r:ntpd_t
tcontext=user_u:object_r:tmpfs_t tclass=dir
audit(1103049797.552:0): avc: denied { write } for pid=2808
exe=/usr/sbin/ntpdate name=log dev=tmpfs ino=5849
scontext=user_u:system_r:ntpd_t
tcontext=user_u:object_r:tmpfs_t tclass=sock_file

# mount
/dev/hda3 on / type ext3 (rw)
none on /proc type proc (rw)
none on /sys type sysfs (rw)
none on /dev/pts type devpts (rw,gid=5,mode=620)
usbfs on /proc/bus/usb type usbfs (rw)
/dev/hda2 on /boot type ext3 (rw)
none on /dev/shm type tmpfs (rw)
/dev/hda7 on /export type ext3 (rw)
/dev/hda6 on /var type ext3 (rw)
tmpfs on /tmp type tmpfs (rw)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)
automount(pid2496) on /opt type autofs (rw,fd=5,pgrp=2496,minproto=2,maxproto=4)
automount(pid2483) on /fs type autofs (rw,fd=5,pgrp=2483,minproto=2,maxproto=4)
automount(pid2543) on /data type autofs (rw,fd=5,pgrp=2543,minproto=2,maxproto=4)
automount(pid2587) on /home type autofs (rw,fd=5,pgrp=2587,minproto=2,maxproto=4)
nfsd on /proc/fs/nfsd type nfsd (rw)
--
Orion Poplawski
System Administrator 303-415-9701 x222
Colorado Research Associates/NWRA FAX: 303-415-9702
3380 Mitchell Lane, Boulder CO 80301 http://www.co-ra.com
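
Added example, not part of the original post: a small Python script that re-joins wrapped AVC records like the ones above and groups the denials by source type, target type and object class, so it is easy to see whether they all share one target type. The function names are assumptions of this example; the sample input uses records in the post's format, one with the space before tclass= deliberately dropped to show that the parser tolerates it.

```python
import re
from collections import defaultdict

# Sample input: records in the post's format; the last one has the space
# before tclass= dropped on purpose (constructed edge case).
SAMPLE = """\
audit(1103024554.838:0): avc: denied { write } for pid=656
exe=/sbin/minilogd dev=tmpfs ino=1137 scontext=user_u:system_r:syslogd_t
tcontext=user_u:object_r:tmpfs_t tclass=dir
audit(1103024554.838:0): avc: denied { add_name } for pid=656
exe=/sbin/minilogd name=log scontext=user_u:system_r:syslogd_t
tcontext=user_u:object_r:tmpfs_t tclass=dir
audit(1103049790.187:0): avc: denied { search } for pid=2277
exe=/sbin/portmap dev=tmpfs ino=1137 scontext=user_u:system_r:portmap_t
tcontext=user_u:object_r:tmpfs_ttclass=dir
"""

AVC = re.compile(
    r"avc:\s+denied\s+\{\s*(?P<perms>[^}]*?)\s*\}\s+for\s+.*?"
    r"exe=(?P<exe>\S+).*?"
    r"scontext=(?P<scon>\S+)\s+"
    r"tcontext=(?P<tcon>\S+?)\s*tclass=(?P<tclass>\w+)"
)

def parse_avc(text):
    """Return one dict per AVC denial; wrapped lines are re-joined first."""
    flat = " ".join(text.split())          # undo mail-client line wrapping
    records = []
    for chunk in re.split(r"(?=audit\()", flat):   # a record starts at "audit("
        m = AVC.search(chunk)
        if m:
            d = m.groupdict()
            d["perms"] = d["perms"].split()
            records.append(d)
    return records

def summarize(records):
    """Map (source type, target type, class) -> sorted denied permissions."""
    table = defaultdict(set)
    for r in records:
        key = (r["scon"].split(":")[2], r["tcon"].split(":")[2], r["tclass"])
        table[key].update(r["perms"])
    return {k: sorted(v) for k, v in table.items()}

if __name__ == "__main__":
    for (src, tgt, cls), perms in sorted(summarize(parse_avc(SAMPLE)).items()):
        print(f"{src} -> {tgt}:{cls} {{ {' '.join(perms)} }}")
```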