Long XFS filesystem avc errors on boot

Dennis Gilmore dennis at ausil.us
Wed Apr 21 10:59:44 UTC 2004 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Once upon a time Thursday 15 April 2004 7:16 pm, Russell Coker wrote:
> On Thu, 15 Apr 2004 18:33, Dennis Gilmore <dennis at ausil.us> wrote:
> > Apr 15 11:26:06 asgard kernel: audit(1081992347.449:0): avc:  denied
> > { getattr } for  pid=774 exe=/sbin/pam_console_apply path=/dev/input/js2
> > dev=hde2 ino=234962788 scontext=system_u:system_r:pam_console_t
> > tcontext=system_u:object_r:unlabeled_t tclass=chr_file
>
> /dev/input/js* should have the type mouse_device_t.  Please do a "ls -Z" on
> them and tell me what it says.  NB It is not going to say unlabeled_t, it
> will say whatever is on disk, the kernel uses unlabeled_t if what's on disk
> makes no sense with the currently loaded policy.
>
system_u:object_r:mouse_device_t

> > Apr 15 11:26:06 asgard kernel: audit(1081992347.464:0): avc:  denied
> > { dac_override } for  pid=774 exe=/sbin/pam_console_apply capability=1
> > scontext=system_u:system_r:pam_console_t
> > tcontext=system_u:system_r:pam_console_t tclass=capability
>
> What is it trying to do here?
that im not sure of  there is lots of them logged but they dont seem to be 
affecting things too much just thought i would bring it up


> > Apr 15 11:26:06 asgard kernel: inode_doinit_with_dentry:  getxattr
> > returned 13 for dev=hde2 ino=234962799
>
> 13 == EACCES?  That can't be right.  Steve, what do you think about this?
>
> > Apr 15 11:27:19 asgard /sbin/mingetty[1796]: tty1: Operation not
> > permitted Apr 15 11:27:19 asgard /sbin/mingetty[1797]: tty2: Operation
> > not permitted Apr 15 11:27:19 asgard /sbin/mingetty[1798]: tty3:
> > Operation not permitted Apr 15 11:27:19 asgard kernel:
> > audit(1081992439.217:0): avc:  denied { fowner } for  pid=1796
> > exe=/sbin/mingetty capability=3
> > scontext=system_u:system_r:getty_t tcontext=system_u:system_r:getty_t
> > tclass=capability
>
> Interesting.  Who owns your tty devices?
root:root
> Granting this capability should not cause a problem so please test allowing
> this and see if it does some good.  We don't want to grant capabilities
> wildly, but this will be OK if there are cases that need it.
>
<snip>
> > Apr 15 11:27:19 asgard kernel: audit(1081992439.921:0): avc:  denied
> > { getattr } for  pid=1818 exe=/usr/X11R6/bin/Xorg
> > path=/var/log/Xorg.0.log dev=hde2 ino=302135865
> > scontext=system_u:system_r:xdm_t
> > tcontext=system_u:object_r:var_log_t tclass=file
>
> Put the following in file_contexts/program/xserver.fc
> /var/log/XOrg.*         --      system_u:object_r:xserver_log_t
>
> I have attached a suitable xserver.fc file.
>
> Then you have to relabel /var/log after rebuilding the file_contexts file.
>
> Regarding the long message, all the messages after 11:27:19 appeared to be
> repeats.  The X server and getty will continue restarting forever so will
> produce an unlimited amount of messages if they can't startup correctly.


Sorry i should have picked up the repeats and sorry it took me so long to get 
back i had a hdd failure in my server.  

With latest updates all seems ok except when i log in x dies and restarts  so 
i efectivly cant log in i treid starting at  run level 3  and x would start 
but hang

Dennis













-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFAhlQmkSxm47BaWfcRAtXNAJ4kPPoegHGsxryF/3M93JkHXrmphQCgi1gI
dJUnl1YZW4FCntUzkyfFBIs=
=kDiD
-----END PGP SIGNATURE-----

More information about the fedora-selinux-list mailing list