dmesg errors
Daniel J Walsh
dwalsh at redhat.com
Wed Mar 17 04:53:01 UTC 2004
Penny Cornette wrote:
> Attached is the dmesg errors grepped to output avc errors.
>
> Also, I am having trouble with logging out of gnome. Instead of
> poweroff command, I get an unkmown user error dialog message. Poweroff
> does nothing. I have to run this from root to get it to poweroff.
>
> Sorry for the alias.
>
> Jim
>
>
>
You should turn off sgi_fam
chkconfig sgi_fam off
This is generating most of the errors and will be turned off by default
in Test2.
I have added fixes for a few of your other problems.
policy-1.8-19
Thanks for the messages.
Dan
>------------------------------------------------------------------------
>
>audit(1079481254.697:0): avc: denied { search } for pid=3307 exe=/usr/X11R6/bin/XFree86 name=console dev=hdb2 ino=752210 scontext=user_u:user_r:user_xserver_t tcontext=system_u:object_r:xdm_var_run_t tclass=dir
>audit(1079481256.567:0): avc: denied { read } for pid=3310 exe=/bin/bash name=mtab dev=hdb2 ino=294773 scontext=user_u:user_r:user_xserver_t tcontext=system_u:object_r:file_t tclass=file
>audit(1079481256.567:0): avc: denied { getattr } for pid=3310 exe=/bin/bash path=/etc/mtab dev=hdb2 ino=294773 scontext=user_u:user_r:user_xserver_t tcontext=system_u:object_r:file_t tclass=file
>audit(1079481260.180:0): avc: denied { search } for pid=3312 exe=/usr/bin/ssh-agent name=home dev=hdb2 ino=1030177 scontext=user_u:user_r:user_ssh_agent_t tcontext=system_u:object_r:home_root_t tclass=dir
>audit(1079481273.536:0): avc: denied { search } for pid=3307 exe=/usr/X11R6/bin/XFree86 name=.gnome2 dev=hdb2 ino=33285 scontext=user_u:user_r:user_xserver_t tcontext=system_u:object_r:user_home_t tclass=dir
>audit(1079481273.536:0): avc: denied { read } for pid=3307 exe=/usr/X11R6/bin/XFree86 name=fonts.dir dev=hdb2 ino=801265 scontext=user_u:user_r:user_xserver_t tcontext=user_u:object_r:user_home_t tclass=file
>audit(1079481273.536:0): avc: denied { getattr } for pid=3307 exe=/usr/X11R6/bin/XFree86 path=/home/jim/.gnome2/share/cursor-fonts/fonts.dir dev=hdb2 ino=801265 scontext=user_u:user_r:user_xserver_t tcontext=user_u:object_r:user_home_t tclass=file
>audit(1079481275.105:0): avc: denied { search } for pid=3342 exe=/usr/bin/fam name=sys dev= ino=4120 scontext=system_u:system_r:inetd_child_t tcontext=system_u:object_r:sysctl_t tclass=dir
>audit(1079481275.109:0): avc: denied { listen } for pid=3342 exe=/usr/bin/fam path=/tmp/.fam_socket scontext=system_u:system_r:inetd_child_t tcontext=system_u:system_r:inetd_child_t tclass=unix_stream_socket
>audit(1079481275.173:0): avc: denied { chown } for pid=3342 exe=/usr/bin/fam capability=0 scontext=system_u:system_r:inetd_child_t tcontext=system_u:system_r:inetd_child_t tclass=capability
>audit(1079481275.175:0): avc: denied { write } for pid=3335 exe=/usr/libexec/gnome-settings-daemon name=.famjOWPcN dev=hdb2 ino=278074 scontext=user_u:user_r:user_t tcontext=system_u:object_r:inetd_child_tmp_t tclass=sock_file
>audit(1079481275.175:0): avc: denied { connectto } for pid=3335 exe=/usr/libexec/gnome-settings-daemon path=/tmp/.famjOWPcN scontext=user_u:user_r:user_t tcontext=system_u:system_r:inetd_child_t tclass=unix_stream_socket
>audit(1079481275.178:0): avc: denied { accept } for pid=3342 exe=/usr/bin/fam path=/tmp/.famjOWPcN scontext=system_u:system_r:inetd_child_t tcontext=system_u:system_r:inetd_child_t tclass=unix_stream_socket
>audit(1079481275.180:0): avc: denied { read } for pid=3342 exe=/usr/bin/fam name=mtab dev=hdb2 ino=294773 scontext=system_u:system_r:inetd_child_t tcontext=system_u:object_r:file_t tclass=file
>audit(1079481275.180:0): avc: denied { getattr } for pid=3342 exe=/usr/bin/fam path=/etc/mtab dev=hdb2 ino=294773 scontext=system_u:system_r:inetd_child_t tcontext=system_u:object_r:file_t tclass=file
>audit(1079481275.181:0): avc: denied { read } for pid=3342 exe=/usr/bin/fam name=mounts dev= ino=4105 scontext=system_u:system_r:inetd_child_t tcontext=system_u:object_r:proc_t tclass=lnk_file
>audit(1079481275.181:0): avc: denied { search } for pid=3342 exe=/usr/bin/fam name=3342 dev= ino=219021314 scontext=system_u:system_r:inetd_child_t tcontext=system_u:system_r:inetd_child_t tclass=dir
>audit(1079481275.181:0): avc: denied { read } for pid=3342 exe=/usr/bin/fam name=mounts dev= ino=219021328 scontext=system_u:system_r:inetd_child_t tcontext=system_u:system_r:inetd_child_t tclass=file
>audit(1079481275.181:0): avc: denied { getattr } for pid=3342 exe=/usr/bin/fam path=/proc/3342/mounts dev= ino=219021328 scontext=system_u:system_r:inetd_child_t tcontext=system_u:system_r:inetd_child_t tclass=file
>audit(1079481275.276:0): avc: denied { getattr } for pid=3342 exe=/usr/bin/fam path=/usr/share/mime-info/gnome-vfs.keys dev=hdb2 ino=229748 scontext=system_u:system_r:inetd_child_t tcontext=system_u:object_r:usr_t tclass=file
>audit(1079481275.727:0): avc: denied { search } for pid=3342 exe=/usr/bin/fam name=home dev=hdb2 ino=1030177 scontext=system_u:system_r:inetd_child_t tcontext=system_u:object_r:home_root_t tclass=dir
>audit(1079481275.727:0): avc: denied { search } for pid=3342 exe=/usr/bin/fam name=jim dev=hdb2 ino=1848978 scontext=system_u:system_r:inetd_child_t tcontext=system_u:object_r:user_home_dir_t tclass=dir
>audit(1079481275.727:0): avc: denied { search } for pid=3342 exe=/usr/bin/fam name=.gnome dev=hdb2 ino=2224863 scontext=system_u:system_r:inetd_child_t tcontext=system_u:object_r:user_home_t tclass=dir
>audit(1079481275.729:0): avc: denied { getattr } for pid=3342 exe=/usr/bin/fam path=/home/jim/.gnome/mime-info dev=hdb2 ino=1112366 scontext=system_u:system_r:inetd_child_t tcontext=system_u:object_r:user_home_t tclass=dir
>audit(1079481275.730:0): avc: denied { read } for pid=3342 exe=/usr/bin/fam name=mime-info dev=hdb2 ino=1112366 scontext=system_u:system_r:inetd_child_t tcontext=system_u:object_r:user_home_t tclass=dir
>audit(1079481275.766:0): avc: denied { getattr } for pid=3342 exe=/usr/bin/fam path=/home/jim/.gnome/mime-info/user.mime dev=hdb2 ino=1111959 scontext=system_u:system_r:inetd_child_t tcontext=system_u:object_r:user_home_t tclass=file
>audit(1079481279.834:0): avc: denied { write } for pid=3366 exe=/usr/bin/magicdev name=fd0 dev=hdb2 ino=65586 scontext=user_u:user_r:user_t tcontext=system_u:object_r:removable_device_t tclass=blk_file
>audit(1079481279.835:0): avc: denied { ioctl } for pid=3366 exe=/usr/bin/magicdev path=/dev/fd0 dev=hdb2 ino=65586 scontext=user_u:user_r:user_t tcontext=system_u:object_r:removable_device_t tclass=blk_file
>audit(1079481282.526:0): avc: denied { read } for pid=3342 exe=/usr/bin/fam name=mounts dev= ino=4105 scontext=system_u:system_r:inetd_child_t tcontext=system_u:object_r:proc_t tclass=lnk_file
>audit(1079481282.526:0): avc: denied { read } for pid=3342 exe=/usr/bin/fam name=mounts dev= ino=219021328 scontext=system_u:system_r:inetd_child_t tcontext=system_u:system_r:inetd_child_t tclass=file
>audit(1079481282.526:0): avc: denied { getattr } for pid=3342 exe=/usr/bin/fam path=/proc/3342/mounts dev= ino=219021328 scontext=system_u:system_r:inetd_child_t tcontext=system_u:system_r:inetd_child_t tclass=file
>audit(1079481286.686:0): avc: denied { use } for pid=3416 exe=/sbin/pam_timestamp_check path=/dev/tty2 dev=hdb2 ino=71750 scontext=user_u:user_r:pam_t tcontext=system_u:system_r:local_login_t tclass=fd
>audit(1079481286.688:0): avc: denied { sys_tty_config } for pid=3416 exe=/sbin/pam_timestamp_check capability=26 scontext=user_u:user_r:pam_t tcontext=user_u:user_r:pam_t tclass=capability
>audit(1079481292.262:0): avc: denied { getattr } for pid=3342 exe=/usr/bin/fam path=/home/jim dev=hdb2 ino=1848978 scontext=system_u:system_r:inetd_child_t tcontext=system_u:object_r:user_home_dir_t tclass=dir
>audit(1079481300.966:0): avc: denied { read } for pid=3425 exe=/bin/bash name=mtab dev=hdb2 ino=294773 scontext=system_u:system_r:system_crond_t tcontext=system_u:object_r:file_t tclass=file
>audit(1079481305.741:0): avc: denied { setattr } for pid=3433 exe=/usr/libexec/mixer_applet2 name=registry.xml dev=hdb2 ino=2175537 scontext=user_u:user_r:user_t tcontext=system_u:object_r:var_t tclass=file
>audit(1079481306.919:0): avc: denied { chown } for pid=3342 exe=/usr/bin/fam capability=0 scontext=system_u:system_r:inetd_child_t tcontext=system_u:system_r:inetd_child_t tclass=capability
>audit(1079481306.930:0): avc: denied { read } for pid=3342 exe=/usr/bin/fam name=jim dev=hdb2 ino=1848978 scontext=system_u:system_r:inetd_child_t tcontext=system_u:object_r:user_home_dir_t tclass=dir
>audit(1079481318.752:0): avc: denied { read } for pid=3439 exe=/bin/bash name=mtab dev=hdb2 ino=294773 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:object_r:file_t tclass=file
>audit(1079481318.753:0): avc: denied { getattr } for pid=3439 exe=/bin/bash path=/etc/mtab dev=hdb2 ino=294773 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:object_r:file_t tclass=file
>audit(1079481321.152:0): avc: denied { search } for pid=3342 exe=/usr/bin/fam name=home dev=hdb2 ino=1030177 scontext=system_u:system_r:inetd_child_t tcontext=system_u:object_r:home_root_t tclass=dir
>audit(1079481321.152:0): avc: denied { search } for pid=3342 exe=/usr/bin/fam name=jim dev=hdb2 ino=1848978 scontext=system_u:system_r:inetd_child_t tcontext=system_u:object_r:user_home_dir_t tclass=dir
>audit(1079482042.883:0): avc: denied { search } for pid=3501 exe=/bin/su name=root dev=hdb2 ino=359745 scontext=user_u:user_r:user_su_t tcontext=root:object_r:staff_home_dir_t tclass=dir
>audit(1079482042.898:0): avc: denied { write } for pid=3501 exe=/bin/su name=root dev=hdb2 ino=359745 scontext=user_u:user_r:user_su_t tcontext=root:object_r:staff_home_dir_t tclass=dir
>audit(1079482042.898:0): avc: denied { add_name } for pid=3501 exe=/bin/su name=.xauthtZDJwx scontext=user_u:user_r:user_su_t tcontext=root:object_r:staff_home_dir_t tclass=dir
>audit(1079482042.898:0): avc: denied { create } for pid=3501 exe=/bin/su name=.xauthtZDJwx scontext=user_u:user_r:user_su_t tcontext=user_u:object_r:staff_home_dir_t tclass=file
>audit(1079482042.923:0): avc: denied { setattr } for pid=3501 exe=/bin/su name=.xauthtZDJwx dev=hdb2 ino=360078 scontext=user_u:user_r:user_su_t tcontext=user_u:object_r:staff_home_dir_t tclass=file
>audit(1079482500.573:0): avc: denied { read } for pid=3539 exe=/bin/bash name=mtab dev=hdb2 ino=294773 scontext=system_u:system_r:system_crond_t tcontext=system_u:object_r:file_t tclass=file
>audit(1079482629.580:0): avc: denied { read } for pid=3342 exe=/usr/bin/fam name=mounts dev= ino=4105 scontext=system_u:system_r:inetd_child_t tcontext=system_u:object_r:proc_t tclass=lnk_file
>audit(1079482629.580:0): avc: denied { search } for pid=3342 exe=/usr/bin/fam name=3342 dev= ino=219021314 scontext=system_u:system_r:inetd_child_t tcontext=system_u:system_r:inetd_child_t tclass=dir
>audit(1079482629.580:0): avc: denied { read } for pid=3342 exe=/usr/bin/fam name=mounts dev= ino=219021328 scontext=system_u:system_r:inetd_child_t tcontext=system_u:system_r:inetd_child_t tclass=file
>audit(1079482629.581:0): avc: denied { getattr } for pid=3342 exe=/usr/bin/fam path=/proc/3342/mounts dev= ino=219021328 scontext=system_u:system_r:inetd_child_t tcontext=system_u:system_r:inetd_child_t tclass=file
>audit(1079482629.581:0): avc: denied { getattr } for pid=3342 exe=/usr/bin/fam path=/home/jim dev=hdb2 ino=1848978 scontext=system_u:system_r:inetd_child_t tcontext=system_u:object_r:user_home_dir_t tclass=dir
>audit(1079482650.058:0): avc: denied { search } for pid=3342 exe=/usr/bin/fam name=sys dev= ino=4120 scontext=system_u:system_r:inetd_child_t tcontext=system_u:object_r:sysctl_t tclass=dir
>audit(1079482650.109:0): avc: denied { chown } for pid=3342 exe=/usr/bin/fam capability=0 scontext=system_u:system_r:inetd_child_t tcontext=system_u:system_r:inetd_child_t tclass=capability
>audit(1079482650.109:0): avc: denied { listen } for pid=3342 exe=/usr/bin/fam path=/tmp/.famrrGRJP scontext=system_u:system_r:inetd_child_t tcontext=system_u:system_r:inetd_child_t tclass=unix_stream_socket
>audit(1079482650.115:0): avc: denied { write } for pid=3554 exe=/usr/bin/kdeinit name=.famrrGRJP dev=hdb2 ino=278715 scontext=user_u:user_r:user_t tcontext=system_u:object_r:inetd_child_tmp_t tclass=sock_file
>audit(1079482650.115:0): avc: denied { connectto } for pid=3554 exe=/usr/bin/kdeinit path=/tmp/.famrrGRJP scontext=user_u:user_r:user_t tcontext=system_u:system_r:inetd_child_t tclass=unix_stream_socket
>audit(1079482650.116:0): avc: denied { accept } for pid=3342 exe=/usr/bin/fam path=/tmp/.famrrGRJP scontext=system_u:system_r:inetd_child_t tcontext=system_u:system_r:inetd_child_t tclass=unix_stream_socket
>audit(1079482650.287:0): avc: denied { getattr } for pid=3555 exe=/usr/bin/kdeinit path=/var/tmp/kdecache-jim dev=hdb2 ino=376975 scontext=user_u:user_r:user_t tcontext=system_u:object_r:file_t tclass=dir
>audit(1079482650.288:0): avc: denied { search } for pid=3555 exe=/usr/bin/kdeinit name=kdecache-jim dev=hdb2 ino=376975 scontext=user_u:user_r:user_t tcontext=system_u:object_r:file_t tclass=dir
>audit(1079482650.334:0): avc: denied { read } for pid=3555 exe=/usr/bin/kdeinit name=ksycoca dev=hdb2 ino=376415 scontext=user_u:user_r:user_t tcontext=user_u:object_r:file_t tclass=file
>audit(1079482650.335:0): avc: denied { getattr } for pid=3555 exe=/usr/bin/kdeinit path=/var/tmp/kdecache-jim/ksycoca dev=hdb2 ino=376415 scontext=user_u:user_r:user_t tcontext=user_u:object_r:file_t tclass=file
>audit(1079482651.439:0): avc: denied { write } for pid=3555 exe=/usr/bin/kdeinit name=ksycoca dev=hdb2 ino=376415 scontext=user_u:user_r:user_t tcontext=user_u:object_r:file_t tclass=file
>audit(1079482651.441:0): avc: denied { write } for pid=3555 exe=/usr/bin/kdeinit name=kdecache-jim dev=hdb2 ino=376975 scontext=user_u:user_r:user_t tcontext=system_u:object_r:file_t tclass=dir
>audit(1079482651.441:0): avc: denied { add_name } for pid=3555 exe=/usr/bin/kdeinit name=ksycocaO5zZ9b.new scontext=user_u:user_r:user_t tcontext=system_u:object_r:file_t tclass=dir
>audit(1079482651.441:0): avc: denied { create } for pid=3555 exe=/usr/bin/kdeinit name=ksycocaO5zZ9b.new scontext=user_u:user_r:user_t tcontext=user_u:object_r:file_t tclass=file
>audit(1079482651.442:0): avc: denied { setattr } for pid=3555 exe=/usr/bin/kdeinit name=ksycocaO5zZ9b.new dev=hdb2 ino=376480 scontext=user_u:user_r:user_t tcontext=user_u:object_r:file_t tclass=file
>audit(1079482660.017:0): avc: denied { remove_name } for pid=3555 exe=/usr/bin/kdeinit name=ksycocaO5zZ9b.new dev=hdb2 ino=376480 scontext=user_u:user_r:user_t tcontext=system_u:object_r:file_t tclass=dir
>audit(1079482660.017:0): avc: denied { rename } for pid=3555 exe=/usr/bin/kdeinit name=ksycocaO5zZ9b.new dev=hdb2 ino=376480 scontext=user_u:user_r:user_t tcontext=user_u:object_r:file_t tclass=file
>audit(1079482660.017:0): avc: denied { unlink } for pid=3555 exe=/usr/bin/kdeinit name=ksycoca dev=hdb2 ino=376415 scontext=user_u:user_r:user_t tcontext=user_u:object_r:file_t tclass=file
>audit(1079482660.024:0): avc: denied { write } for pid=3555 exe=/usr/bin/kdeinit name=ksycocastamp dev=hdb2 ino=376977 scontext=user_u:user_r:user_t tcontext=system_u:object_r:file_t tclass=file
>audit(1079482660.175:0): avc: denied { search } for pid=3342 exe=/usr/bin/fam name=.kde dev=hdb2 ino=737042 scontext=system_u:system_r:inetd_child_t tcontext=system_u:object_r:user_home_t tclass=dir
>audit(1079482660.176:0): avc: denied { getattr } for pid=3342 exe=/usr/bin/fam path=/home/jim/.kde/share/servicetypes dev=hdb2 ino=801647 scontext=system_u:system_r:inetd_child_t tcontext=system_u:object_r:user_home_t tclass=dir
>audit(1079482660.177:0): avc: denied { read } for pid=3342 exe=/usr/bin/fam name=servicetypes dev=hdb2 ino=801647 scontext=system_u:system_r:inetd_child_t tcontext=system_u:object_r:user_home_t tclass=dir
>audit(1079482660.179:0): avc: denied { getattr } for pid=3342 exe=/usr/bin/fam path=/usr/share/servicetypes/kcomprfilter.desktop dev=hdb2 ino=196659 scontext=system_u:system_r:inetd_child_t tcontext=system_u:object_r:usr_t tclass=file
>audit(1079482660.787:0): avc: denied { getattr } for pid=3342 exe=/usr/bin/fam path=/usr/share/applications/redhat-web.desktop dev=hdb2 ino=1717246 scontext=system_u:system_r:inetd_child_t tcontext=system_u:object_r:usr_t tclass=lnk_file
>audit(1079482810.277:0): avc: denied { setattr } for pid=3567 exe=/usr/bin/gnome-volume-control name=registry.xml dev=hdb2 ino=2175537 scontext=user_u:user_r:user_t tcontext=system_u:object_r:var_t tclass=file
>
>
>------------------------------------------------------------------------
>
>--
>fedora-selinux-list mailing list
>fedora-selinux-list at redhat.com
>http://www.redhat.com/mailman/listinfo/fedora-selinux-list
>
>
More information about the fedora-selinux-list
mailing list