FCT2 avc messages

Daniel J Walsh dwalsh at redhat.com
Thu Apr 1 16:59:34 UTC 2004


Dax Kelson wrote:

>I did an "everything" install of FC2T2. On the first boot I saw a few avc
>messages, but now I just see these ones on boot:
>
>audit(1080783274.603:0): avc:  denied  { append } for  pid=1281 exe=/sbin/syslogd name=news.crit dev=hda8 ino=135289 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:innd_log_t tclass=file
>audit(1080783274.603:0): avc:  denied  { append } for  pid=1281 exe=/sbin/syslogd name=news.err dev=hda8 ino=135290 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:innd_log_t tclass=file
>audit(1080783274.604:0): avc:  denied  { append } for  pid=1281 exe=/sbin/syslogd name=news.notice dev=hda8 ino=135288 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:innd_log_t tclass=file
>  
>

Should be fixed in latest policy from rawhide.

>On shutdown this command fails because of SELINUX with an avc message 
>(which I don't have):
>
>Line 69 of /etc/init.d/halt :
> 
>/bin/aumix-minimal -f /etc/.aumixrc -S
>
>The write to /etc/.aumixrc is denied.
>
>Other avc messages:
>
>Note that the ones at 4:03 AM are from the /etc/cron.daily/ being 
>processed.
>
>Mar 31 00:21:27 mentor kernel: audit(1080717667.113:0): avc:  denied  { append } for  pid=1182 exe=/sbin/syslogd name=news.crit dev=hda8 ino=135289 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:innd_log_t tclass=file
>Mar 31 00:21:27 mentor kernel: audit(1080717667.113:0): avc:  denied  { append } for  pid=1182 exe=/sbin/syslogd name=news.err dev=hda8 ino=135290 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:innd_log_t tclass=file
>Mar 31 00:21:27 mentor kernel: audit(1080717667.113:0): avc:  denied  { append } for  pid=1182 exe=/sbin/syslogd name=news.notice dev=hda8 ino=135288 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:innd_log_t tclass=file
>Mar 31 00:21:52 mentor kernel: audit(1080717712.300:0): avc:  denied  { unix_read unix_write } for  pid=50 exe=/usr/X11R6/bin/XFree86 key=0 scontext=system_u:system_r:xdm_xserver_t tcontext=system_u:system_r:initrc_t tclass=shm
>Mar 31 00:24:41 mentor kernel: audit(1080717881.247:0): avc:  denied  { unix_read unix_write } for  pid=50 exe=/usr/X11R6/bin/XFree86 key=0 scontext=system_u:system_r:xdm_xserver_t tcontext=system_u:system_r:initrc_t tclass=shm
>Mar 31 00:26:41 mentor kernel: audit(1080718001.819:0): avc:  denied  { write } for  pid=3405 exe=/bin/rm name=fd dev= ino=223150089 scontext=system_u:system_r:initrc_t tcontext=system_u:system_r:initrc_t tclass=dir
>Mar 31 00:28:12 mentor kernel: audit(1080718084.130:0): avc:  denied  { append } for  pid=1280 exe=/sbin/syslogd name=news.crit dev=hda8 ino=135289 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:innd_log_t tclass=file
>Mar 31 00:28:12 mentor kernel: audit(1080718084.131:0): avc:  denied  { append } for  pid=1280 exe=/sbin/syslogd name=news.err dev=hda8 ino=135290 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:innd_log_t tclass=file
>Mar 31 00:28:13 mentor kernel: audit(1080718084.131:0): avc:  denied  { append } for  pid=1280 exe=/sbin/syslogd name=news.notice dev=hda8 ino=135288 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:innd_log_t tclass=file
>Mar 31 00:59:31 mentor kernel: audit(1080719971.236:0): avc:  denied  { write } for  pid=3354 exe=/bin/aumix-minimal name=etc dev=hda8 ino=392449 scontext=root:system_r:sound_t tcontext=system_u:object_r:etc_t tclass=dir
>Mar 31 01:00:00 mentor kernel: audit(1080720000.160:0): avc:  denied  { search } for  pid=3355 exe=/bin/aumix-minimal name=tmp dev=hda8 ino=98113 scontext=root:system_r:sound_t tcontext=system_u:object_r:tmp_t tclass=dir
>Mar 31 02:09:05 mentor kernel: audit(1080724145.771:0): avc:  denied  { getattr } for  pid=12497 exe=/usr/bin/slocate path=/var/named/chroot/dev/random dev=hda8 ino=133233 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:named_conf_t tclass=chr_file
>Mar 31 02:09:05 mentor kernel: audit(1080724145.772:0): avc:  denied  { getattr } for  pid=12497 exe=/usr/bin/slocate path=/var/named/chroot/dev/null dev=hda8 ino=133232 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:named_conf_t tclass=chr_file
>Mar 31 02:09:05 mentor kernel: audit(1080724145.824:0): avc:  denied  { getattr } for  pid=12497 exe=/usr/bin/slocate path=/var/named/chroot/var/named/chroot/dev/random dev=hda8 ino=133249 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:named_conf_t tclass=chr_file
>Mar 31 02:09:05 mentor kernel: audit(1080724145.824:0): avc:  denied  { getattr } for  pid=12497 exe=/usr/bin/slocate path=/var/named/chroot/var/named/chroot/dev/null dev=hda8 ino=133250 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:named_conf_t tclass=chr_file
>Mar 31 02:09:07 mentor kernel: audit(1080724147.313:0): avc:  denied  { getattr } for  pid=12497 exe=/usr/bin/slocate path=/initrd/dev/ram dev=ram0 ino=17 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:file_t tclass=blk_file
>Mar 31 02:09:07 mentor kernel: audit(1080724147.313:0): avc:  denied  { getattr } for  pid=12497 exe=/usr/bin/slocate path=/initrd/dev/tty3 dev=ram0 ino=18 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:file_t tclass=chr_file
>Mar 31 02:09:07 mentor kernel: audit(1080724147.313:0): avc:  denied  { getattr } for  pid=12497 exe=/usr/bin/slocate path=/initrd/dev/tty1 dev=ram0 ino=19 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:file_t tclass=chr_file
>Mar 31 02:09:07 mentor kernel: audit(1080724147.314:0): avc:  denied  { getattr } for  pid=12497 exe=/usr/bin/slocate path=/initrd/dev/null dev=ram0 ino=20 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:file_t tclass=chr_file
>Mar 31 02:09:07 mentor kernel: audit(1080724147.314:0): avc:  denied  { getattr } for  pid=12497 exe=/usr/bin/slocate path=/initrd/dev/tty4 dev=ram0 ino=21 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:file_t tclass=chr_file
>Mar 31 02:09:07 mentor kernel: audit(1080724147.314:0): avc:  denied  { getattr } for  pid=12497 exe=/usr/bin/slocate path=/initrd/dev/tty2 dev=ram0 ino=22 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:file_t tclass=chr_file
>Mar 31 02:09:07 mentor kernel: audit(1080724147.314:0): avc:  denied  { getattr } for  pid=12497 exe=/usr/bin/slocate path=/initrd/dev/systty dev=ram0 ino=23 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:file_t tclass=chr_file
>Mar 31 02:09:07 mentor kernel: audit(1080724147.315:0): avc:  denied  { getattr } for  pid=12497 exe=/usr/bin/slocate path=/initrd/dev/console dev=ram0 ino=24 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:file_t tclass=chr_file
>Mar 31 04:03:58 mentor kernel: audit(1080731038.214:0): avc:  denied  { getattr } for  pid=16683 exe=/usr/bin/slocate path=/var/named/chroot/dev/random dev=hda8 ino=133233 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:named_conf_t tclass=chr_file
>Mar 31 04:03:58 mentor kernel: audit(1080731038.215:0): avc:  denied  { getattr } for  pid=16683 exe=/usr/bin/slocate path=/var/named/chroot/dev/null dev=hda8 ino=133232 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:named_conf_t tclass=chr_file
>Mar 31 04:03:58 mentor kernel: audit(1080731038.230:0): avc:  denied  { getattr } for  pid=16683 exe=/usr/bin/slocate path=/var/named/chroot/var/named/chroot/dev/random dev=hda8 ino=133249 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:named_conf_t tclass=chr_file
>Mar 31 04:03:58 mentor kernel: audit(1080731038.230:0): avc:  denied  { getattr } for  pid=16683 exe=/usr/bin/slocate path=/var/named/chroot/var/named/chroot/dev/null dev=hda8 ino=133250 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:named_conf_t tclass=chr_file
>Mar 31 04:03:59 mentor kernel: audit(1080731039.591:0): avc:  denied  { getattr } for  pid=16683 exe=/usr/bin/slocate path=/initrd/dev/ram dev=ram0 ino=17 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:file_t tclass=blk_file
>Mar 31 04:03:59 mentor kernel: audit(1080731039.592:0): avc:  denied  { getattr } for  pid=16683 exe=/usr/bin/slocate path=/initrd/dev/tty3 dev=ram0 ino=18 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:file_t tclass=chr_file
>Mar 31 04:03:59 mentor kernel: audit(1080731039.592:0): avc:  denied  { getattr } for  pid=16683 exe=/usr/bin/slocate path=/initrd/dev/tty1 dev=ram0 ino=19 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:file_t tclass=chr_file
>Mar 31 04:03:59 mentor kernel: audit(1080731039.592:0): avc:  denied  { getattr } for  pid=16683 exe=/usr/bin/slocate path=/initrd/dev/null dev=ram0 ino=20 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:file_t tclass=chr_file
>Mar 31 04:03:59 mentor kernel: audit(1080731039.593:0): avc:  denied  { getattr } for  pid=16683 exe=/usr/bin/slocate path=/initrd/dev/tty4 dev=ram0 ino=21 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:file_t tclass=chr_file
>Mar 31 04:03:59 mentor kernel: audit(1080731039.593:0): avc:  denied  { getattr } for  pid=16683 exe=/usr/bin/slocate path=/initrd/dev/tty2 dev=ram0 ino=22 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:file_t tclass=chr_file
>Mar 31 04:03:59 mentor kernel: audit(1080731039.593:0): avc:  denied  { getattr } for  pid=16683 exe=/usr/bin/slocate path=/initrd/dev/systty dev=ram0 ino=23 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:file_t tclass=chr_file
>Mar 31 04:03:59 mentor kernel: audit(1080731039.594:0): avc:  denied  { getattr } for  pid=16683 exe=/usr/bin/slocate path=/initrd/dev/console dev=ram0 ino=24 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:file_t tclass=chr_file
>Mar 31 10:25:41 mentor kernel: audit(1080753941.211:0): avc:  denied  { write } for  pid=18069 exe=/bin/rm name=fd dev= ino=1184169993 scontext=system_u:system_r:initrc_t tcontext=system_u:system_r:initrc_t tclass=dir
>Mar 31 18:34:38 mentor kernel: audit(1080783274.603:0): avc:  denied  { append } for  pid=1281 exe=/sbin/syslogd name=news.crit dev=hda8 ino=135289 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:innd_log_t tclass=file
>Mar 31 18:34:38 mentor kernel: audit(1080783274.603:0): avc:  denied  { append } for  pid=1281 exe=/sbin/syslogd name=news.err dev=hda8 ino=135290 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:innd_log_t tclass=file
>Mar 31 18:34:38 mentor kernel: audit(1080783274.604:0): avc:  denied  { append } for  pid=1281 exe=/sbin/syslogd name=news.notice dev=hda8 ino=135288 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:innd_log_t tclass=file
>
>  
>
/initrd is supposed to be umounted; that looks like a bug in the
initscripts. When you reboot, is the /initrd directory mounted?
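
Added example, not part of the original message or of any SELinux tool: a small parser for the `avc: denied` line format quoted above. It groups denials by source domain, target type, class and permissions, and lists the denied paths under `/initrd`. The function names are hypothetical, and the sample lines are copied from the log in this thread.

```python
import re
from collections import Counter

# Sample input: seven lines copied from the log quoted in this thread.
SAMPLE = """\
Mar 31 00:21:27 mentor kernel: audit(1080717667.113:0): avc:  denied  { append } for  pid=1182 exe=/sbin/syslogd name=news.crit dev=hda8 ino=135289 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:innd_log_t tclass=file
Mar 31 00:21:27 mentor kernel: audit(1080717667.113:0): avc:  denied  { append } for  pid=1182 exe=/sbin/syslogd name=news.err dev=hda8 ino=135290 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:innd_log_t tclass=file
Mar 31 00:21:52 mentor kernel: audit(1080717712.300:0): avc:  denied  { unix_read unix_write } for  pid=50 exe=/usr/X11R6/bin/XFree86 key=0 scontext=system_u:system_r:xdm_xserver_t tcontext=system_u:system_r:initrc_t tclass=shm
Mar 31 00:26:41 mentor kernel: audit(1080718001.819:0): avc:  denied  { write } for  pid=3405 exe=/bin/rm name=fd dev= ino=223150089 scontext=system_u:system_r:initrc_t tcontext=system_u:system_r:initrc_t tclass=dir
Mar 31 02:09:05 mentor kernel: audit(1080724145.771:0): avc:  denied  { getattr } for  pid=12497 exe=/usr/bin/slocate path=/var/named/chroot/dev/random dev=hda8 ino=133233 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:named_conf_t tclass=chr_file
Mar 31 02:09:07 mentor kernel: audit(1080724147.313:0): avc:  denied  { getattr } for  pid=12497 exe=/usr/bin/slocate path=/initrd/dev/ram dev=ram0 ino=17 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:file_t tclass=blk_file
Mar 31 02:09:07 mentor kernel: audit(1080724147.313:0): avc:  denied  { getattr } for  pid=12497 exe=/usr/bin/slocate path=/initrd/dev/tty3 dev=ram0 ino=18 scontext=system_u:system_r:locate_t tcontext=system_u:object_r:file_t tclass=chr_file
"""

AVC_RE = re.compile(
    r"avc:\s+denied\s+\{\s*(?P<perms>[^}]*?)\s*\}\s+for\s+(?P<fields>.*)$")

def parse_avc(line):
    """Return a dict for one 'avc: denied' line, or None for any other line."""
    m = AVC_RE.search(line)
    if not m:
        return None
    rec = {"perms": tuple(m.group("perms").split())}
    # key=value pairs are space separated; an empty value (dev=) is kept as "".
    # Assumption: values contain no spaces, as in the lines quoted above.
    for token in m.group("fields").split():
        key, sep, value = token.partition("=")
        if sep:
            rec[key] = value
    return rec

def type_of(context):
    """The type is the third field of a user:role:type context."""
    parts = context.split(":")
    return parts[2] if len(parts) >= 3 else context

def summarize(text):
    """Count denials per (source domain, target type, class, permissions)."""
    counts = Counter()
    for rec in filter(None, map(parse_avc, text.splitlines())):
        if {"scontext", "tcontext", "tclass"} <= rec.keys():
            counts[(type_of(rec["scontext"]), type_of(rec["tcontext"]),
                    rec["tclass"], rec["perms"])] += 1
    return counts

def paths_under(text, prefix):
    """Denied path= values at or below prefix, in order of appearance."""
    recs = filter(None, map(parse_avc, text.splitlines()))
    paths = [r.get("path", "") for r in recs]
    return [p for p in paths if p == prefix or p.startswith(prefix + "/")]

if __name__ == "__main__":
    for key, n in summarize(SAMPLE).most_common():
        print(n, *key)
    print(paths_under(SAMPLE, "/initrd"))
```
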
