SELinux issues with vanilla 2.6.9 kernel on FC3

Orion Poplawski orion at cora.nwra.com
Tue Dec 14 18:47:46 UTC 2004


I've installed a kernel.org 2.6.9 kernel updated to ACPI 20041203.  I'm 
seeing lots of SELinux audit messages that I don't see with the Fedora 
kernels.  Is there something I can do short of disabling SELinux?

audit(1103024554.837:0): avc:  denied  { read write } for  pid=656 
exe=/sbin/minilogd name=console dev=tmpfs ino=1138 
scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t 
tclass=chr_file
audit(1103024554.838:0): avc:  denied  { write } for  pid=656 
exe=/sbin/minilogd dev=tmpfs ino=1137 scontext=user_u:system_r:syslogd_t 
tcontext=user_u:object_r:tmpfs_t tclass=dir
audit(1103024554.838:0): avc:  denied  { add_name } for  pid=656 
exe=/sbin/minilogd name=log scontext=user_u:system_r:syslogd_t 
tcontext=user_u:object_r:tmpfs_t tclass=dir
audit(1103024554.838:0): avc:  denied  { create } for  pid=656 
exe=/sbin/minilogd name=log scontext=user_u:system_r:syslogd_t 
tcontext=user_u:object_r:tmpfs_t tclass=sock_file
audit(1103024554.839:0): avc:  denied  { getattr } for  pid=662 
exe=/sbin/minilogd path=/dev/log dev=tmpfs ino=2056 
scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t 
tclass=sock_file
audit(1103024559.699:0): avc:  denied  { write } for  pid=662 
exe=/sbin/minilogd name=log dev=tmpfs ino=2056 
scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t 
tclass=sock_file
audit(1103024569.926:0): avc:  denied  { remove_name } for  pid=1547 
exe=/sbin/minilogd name=log dev=tmpfs ino=2056 
scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t 
tclass=dir
audit(1103024569.926:0): avc:  denied  { unlink } for  pid=1547 
exe=/sbin/minilogd name=log dev=tmpfs ino=2056 
scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t 
tclass=sock_file
audit(1103049789.825:0): avc:  denied  { write } for  pid=2254 
exe=/sbin/syslogd dev=tmpfs ino=1137 scontext=user_u:system_r:syslogd_t 
tcontext=user_u:object_r:tmpfs_t tclass=dir
audit(1103049789.826:0): avc:  denied  { remove_name } for  pid=2254 
exe=/sbin/syslogd name=log dev=tmpfs ino=5419 
scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t 
tclass=dir
audit(1103049789.826:0): avc:  denied  { add_name } for  pid=2254 
exe=/sbin/syslogd name=log scontext=user_u:system_r:syslogd_t 
tcontext=user_u:object_r:tmpfs_t tclass=dir
audit(1103049789.826:0): avc:  denied  { setattr } for  pid=2254 
exe=/sbin/syslogd name=log dev=tmpfs ino=5849 
scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t 
tclass=sock_file
audit(1103049790.187:0): avc:  denied  { search } for  pid=2277 
exe=/sbin/portmap dev=tmpfs ino=1137 scontext=user_u:system_r:portmap_t 
tcontext=user_u:object_r:tmpfs_t tclass=dir
audit(1103049791.885:0): avc:  denied  { search } for  pid=2381 
exe=/sbin/ypbind dev=tmpfs ino=1137 scontext=user_u:system_r:ypbind_t 
tcontext=user_u:object_r:tmpfs_t tclass=dir
audit(1103049797.552:0): avc:  denied  { search } for  pid=2808 
exe=/usr/sbin/ntpdate dev=tmpfs ino=1137 scontext=user_u:system_r:ntpd_t 
tcontext=user_u:object_r:tmpfs_t tclass=dir
audit(1103049797.552:0): avc:  denied  { write } for  pid=2808 
exe=/usr/sbin/ntpdate name=log dev=tmpfs ino=5849 
scontext=user_u:system_r:ntpd_t 
tcontext=user_u:object_r:tmpfs_t tclass=sock_file

# mount
/dev/hda3 on / type ext3 (rw)
none on /proc type proc (rw)
none on /sys type sysfs (rw)
none on /dev/pts type devpts (rw,gid=5,mode=620)
usbfs on /proc/bus/usb type usbfs (rw)
/dev/hda2 on /boot type ext3 (rw)
none on /dev/shm type tmpfs (rw)
/dev/hda7 on /export type ext3 (rw)
/dev/hda6 on /var type ext3 (rw)
tmpfs on /tmp type tmpfs (rw)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)
automount(pid2496) on /opt type autofs 
(rw,fd=5,pgrp=2496,minproto=2,maxproto=4)
automount(pid2483) on /fs type autofs 
(rw,fd=5,pgrp=2483,minproto=2,maxproto=4)
automount(pid2543) on /data type autofs 
(rw,fd=5,pgrp=2543,minproto=2,maxproto=4)
automount(pid2587) on /home type autofs 
(rw,fd=5,pgrp=2587,minproto=2,maxproto=4)
nfsd on /proc/fs/nfsd type nfsd (rw)


-- 
Orion Poplawski
System Administrator                   303-415-9701 x222
Colorado Research Associates/NWRA      FAX: 303-415-9702
3380 Mitchell Lane, Boulder CO 80301   http://www.co-ra.com
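
A triage helper for denial output like that quoted above, as an added example that is not part of the original post: it re-joins mail-wrapped audit records and groups the denials by source type, target type and object class. The sample input is constructed from four of the quoted records, and the function names are this example's own.

```python
import re
from collections import defaultdict

# Constructed sample: four records from the post, still wrapped the way the
# mail client left them, to exercise the re-joining step.
SAMPLE = """\
audit(1103024554.837:0): avc:  denied  { read write } for  pid=656
exe=/sbin/minilogd name=console dev=tmpfs ino=1138
scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t
tclass=chr_file
audit(1103024554.838:0): avc:  denied  { write } for  pid=656
exe=/sbin/minilogd dev=tmpfs ino=1137 scontext=user_u:system_r:syslogd_t
tcontext=user_u:object_r:tmpfs_t tclass=dir
audit(1103024554.838:0): avc:  denied  { add_name } for  pid=656
exe=/sbin/minilogd name=log scontext=user_u:system_r:syslogd_t
tcontext=user_u:object_r:tmpfs_t tclass=dir
audit(1103049790.187:0): avc:  denied  { search } for  pid=2277
exe=/sbin/portmap dev=tmpfs ino=1137 scontext=user_u:system_r:portmap_t
tcontext=user_u:object_r:tmpfs_t tclass=dir
"""

AVC = re.compile(r"avc:\s+denied\s+\{([^}]*)\}\s+for\s+(.*)")

def parse_avc(text):
    """Yield one field dict per AVC denial; records may span several lines."""
    # Split before every line that starts a new audit record, then collapse
    # the wrapped continuation lines into single spaces.
    for chunk in re.split(r"(?m)^(?=audit\()", text):
        m = AVC.search(" ".join(chunk.split()))
        if not m:
            continue
        rec = dict(kv.split("=", 1) for kv in m.group(2).split() if "=" in kv)
        rec["perms"] = m.group(1).split()
        yield rec

def summarize(text):
    """Map (source type, target type, class) -> sorted denied permissions."""
    groups = defaultdict(set)
    for rec in parse_avc(text):
        try:
            key = (rec["scontext"].split(":")[2],
                   rec["tcontext"].split(":")[2], rec["tclass"])
        except (KeyError, IndexError):
            continue  # damaged record (e.g. fields run together): skip it
        groups[key].update(rec["perms"])
    return {k: sorted(v) for k, v in groups.items()}

if __name__ == "__main__":
    for (src, tgt, cls), perms in sorted(summarize(SAMPLE).items()):
        print(f"{src} -> {tgt}:{cls} {{ {' '.join(perms)} }}")
```

Grouping this way shows at a glance which domains are being denied and which object type every denial lands on.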



