Firestarter startup and FC4 SE Linux Errors - LONG
David Niemi
drn_temp2 at rogers.com
Fri Jul 1 11:26:21 UTC 2005
(Sorry for the length, I included all error messages)
With the version of Firestarter from FC4 Extras myself and other users
are experiencing starter up error messages with SE Linux though
firestarter appears to start.
There messages during bootup that permission is denied to:
touch - touch /var/lock/firestarter
remove - rm /var/lock/firestarter
and that there is a "fatal error, your kernel does not support
iptables". At the end of this message is the errors from messages and I
couldn't locate any corresponding entries in audit. There could be
audit entries but I couldn't tell from my VERY LIMITED SE Linux and
audit knowledge.
The latest policies update does not appear to have made a difference.
The quick fix of coarse is to set enforcing=0 or using SELINUX=disabled
in /etc/selinux/config, but this sort of defeats the purpose. As a test
I set enforcing=0 during a reboot and didn't get the boot errors though
there was still many messages (appended) about permission denied
in /var/log/messages.
Messages during regular boot
Jul 1 06:17:50 localhost kernel: audit(1120213067.173:2): avc: denied
{ execute } for pid=1832 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.173:3): avc: denied
{ getattr } for pid=1832 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.173:4): avc: denied
{ getattr } for pid=1832 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.174:5): avc: denied
{ execute } for pid=1833 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.174:6): avc: denied
{ getattr } for pid=1833 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.174:7): avc: denied
{ getattr } for pid=1833 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.174:8): avc: denied
{ execute } for pid=1834 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.174:9): avc: denied
{ getattr } for pid=1834 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.174:10): avc: denied
{ getattr } for pid=1834 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.175:11): avc: denied
{ execute } for pid=1835 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.175:12): avc: denied
{ getattr } for pid=1835 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.175:13): avc: denied
{ getattr } for pid=1835 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.176:14): avc: denied
{ execute } for pid=1836 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.176:15): avc: denied
{ getattr } for pid=1836 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.176:16): avc: denied
{ getattr } for pid=1836 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.176:17): avc: denied
{ execute } for pid=1837 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.176:18): avc: denied
{ getattr } for pid=1837 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.176:19): avc: denied
{ getattr } for pid=1837 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.177:20): avc: denied
{ execute } for pid=1838 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.177:21): avc: denied
{ getattr } for pid=1838 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.177:22): avc: denied
{ getattr } for pid=1838 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.177:23): avc: denied
{ execute } for pid=1839 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.177:24): avc: denied
{ getattr } for pid=1839 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.177:25): avc: denied
{ getattr } for pid=1839 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.178:26): avc: denied
{ execute } for pid=1840 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.178:27): avc: denied
{ getattr } for pid=1840 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.178:28): avc: denied
{ getattr } for pid=1840 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.179:29): avc: denied
{ execute } for pid=1841 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.179:30): avc: denied
{ getattr } for pid=1841 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.179:31): avc: denied
{ getattr } for pid=1841 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.179:32): avc: denied
{ execute } for pid=1842 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.179:33): avc: denied
{ getattr } for pid=1842 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.179:34): avc: denied
{ getattr } for pid=1842 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.180:35): avc: denied
{ execute } for pid=1843 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.180:36): avc: denied
{ getattr } for pid=1843 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.180:37): avc: denied
{ getattr } for pid=1843 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.180:38): avc: denied
{ execute } for pid=1844 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.180:39): avc: denied
{ getattr } for pid=1844 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.180:40): avc: denied
{ getattr } for pid=1844 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.181:41): avc: denied
{ execute } for pid=1845 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.181:42): avc: denied
{ getattr } for pid=1845 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.181:43): avc: denied
{ getattr } for pid=1845 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.181:44): avc: denied
{ execute } for pid=1846 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.182:45): avc: denied
{ getattr } for pid=1846 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.182:46): avc: denied
{ getattr } for pid=1846 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.192:47): avc: denied
{ create } for pid=1847 comm="iptables"
scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t
tclass=rawip_socket
Jul 1 06:17:50 localhost kernel: audit(1120213067.192:48): avc: denied
{ read } for pid=1847 comm="iptables" name=modprobe dev=proc
ino=-268435402 scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:sysctl_modprobe_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.193:49): avc: denied
{ create } for pid=1848 comm="iptables"
scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t
tclass=rawip_socket
Jul 1 06:17:50 localhost kernel: audit(1120213067.193:50): avc: denied
{ read } for pid=1848 comm="iptables" name=modprobe dev=proc
ino=-268435402 scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:sysctl_modprobe_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.194:51): avc: denied
{ create } for pid=1849 comm="iptables"
scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t
tclass=rawip_socket
Jul 1 06:17:50 localhost kernel: audit(1120213067.194:52): avc: denied
{ read } for pid=1849 comm="iptables" name=modprobe dev=proc
ino=-268435402 scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:sysctl_modprobe_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.195:53): avc: denied
{ create } for pid=1850 comm="iptables"
scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t
tclass=rawip_socket
Jul 1 06:17:50 localhost kernel: audit(1120213067.195:54): avc: denied
{ read } for pid=1850 comm="iptables" name=modprobe dev=proc
ino=-268435402 scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:sysctl_modprobe_t tclass=file
Jul 1 06:17:50 localhost kernel: audit(1120213067.202:55): avc: denied
{ create } for pid=1852 comm="iptables"
scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t
tclass=rawip_socket
Jul 1 06:17:50 localhost kernel: audit(1120213067.202:56): avc: denied
{ read } for pid=1852 comm="iptables" name=modprobe dev=proc
ino=-268435402 scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:sysctl_modprobe_t tclass=file
*******************************************************************
Messages with enforcing=0
Jul 1 07:05:38 localhost kernel: audit(1120215935.141:2): avc: denied
{ read } for pid=1792 comm="cp" name=config dev=hda3 ino=681198
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:selinux_config_t tclass=file
Jul 1 07:05:38 localhost kernel: audit(1120215935.141:3): avc: denied
{ getattr } for pid=1792 comm="cp" name=config dev=hda3 ino=681198
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:selinux_config_t tclass=file
Jul 1 07:05:38 localhost kernel: audit(1120215935.223:4): avc: denied
{ getattr } for pid=1800 comm="sh" name=subsys dev=hda3 ino=940095
scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:var_lock_t
tclass=dir
Jul 1 07:05:38 localhost kernel: audit(1120215935.224:5): avc: denied
{ write } for pid=1829 comm="touch" name=subsys dev=hda3 ino=940095
scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:var_lock_t
tclass=dir
Jul 1 07:05:38 localhost kernel: audit(1120215935.224:6): avc: denied
{ add_name } for pid=1829 comm="touch" name=firestarter
scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:var_lock_t
tclass=dir
Jul 1 07:05:38 localhost kernel: audit(1120215935.224:7): avc: denied
{ create } for pid=1829 comm="touch" name=firestarter
scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:var_lock_t
tclass=file
Jul 1 07:05:38 localhost kernel: audit(1120215935.224:8): avc: denied
{ write } for pid=1829 comm="touch" name=firestarter dev=hda3
ino=940966 scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:var_lock_t tclass=file
Jul 1 07:05:38 localhost kernel: audit(1120215935.233:9): avc: denied
{ execute } for pid=1832 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 07:05:38 localhost kernel: audit(1120215935.233:10): avc: denied
{ execute_no_trans } for pid=1832 comm="sh" name=modprobe dev=hda3
ino=129716 scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 07:05:38 localhost kernel: audit(1120215935.233:11): avc: denied
{ read } for pid=1832 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file
Jul 1 07:05:38 localhost kernel: audit(1120215935.234:12): avc: denied
{ read } for pid=1832 comm="modprobe" name=modprobe.conf.dist dev=hda3
ino=680929 scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:modules_conf_t tclass=file
Jul 1 07:05:38 localhost kernel: audit(1120215935.234:13): avc: denied
{ getattr } for pid=1832 comm="modprobe" name=modprobe.conf.dist
dev=hda3 ino=680929 scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:modules_conf_t tclass=file
Jul 1 07:05:38 localhost kernel: audit(1120215935.235:14): avc: denied
{ search } for pid=1832 comm="modprobe" name=modules dev=hda3
ino=453828 scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:modules_object_t tclass=dir
Jul 1 07:05:38 localhost kernel: audit(1120215935.235:15): avc: denied
{ read } for pid=1832 comm="modprobe" name=modules.dep dev=hda3
ino=454981 scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:modules_object_t tclass=file
Jul 1 07:05:38 localhost kernel: audit(1120215935.235:16): avc: denied
{ getattr } for pid=1832 comm="modprobe" name=modules.dep dev=hda3
ino=454981 scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:modules_object_t tclass=file
Jul 1 07:05:38 localhost kernel: audit(1120215935.258:17): avc: denied
{ write } for pid=1832 comm="modprobe" name=ip_tables.ko dev=hda3
ino=486540 scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:modules_object_t tclass=file
Jul 1 07:05:38 localhost kernel: audit(1120215935.258:18): avc: denied
{ lock } for pid=1832 comm="modprobe" name=ip_tables.ko dev=hda3
ino=486540 scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:modules_object_t tclass=file
Jul 1 07:05:38 localhost kernel: ip_tables: (C) 2000-2002 Netfilter
core team
Jul 1 07:05:38 localhost kernel: audit(1120215935.284:19): avc: denied
{ read } for pid=1836 comm="modprobe" name=modprobe.conf.dist dev=hda3
ino=680929 scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:modules_conf_t tclass=file
Jul 1 07:05:38 localhost kernel: audit(1120215935.284:20): avc: denied
{ getattr } for pid=1836 comm="modprobe" name=modprobe.conf.dist
dev=hda3 ino=680929 scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:modules_conf_t tclass=file
Jul 1 07:05:38 localhost kernel: ip_conntrack version 2.1 (7935
buckets, 63480 max) - 272 bytes per conntrack
Jul 1 07:05:38 localhost kernel: audit(1120215935.635:21): avc: denied
{ create } for pid=1889 comm="iptables"
scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t
tclass=rawip_socket
Jul 1 07:05:38 localhost kernel: audit(1120215935.635:22): avc: denied
{ getopt } for pid=1889 comm="iptables" lport=255
scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t
tclass=rawip_socket
Jul 1 07:05:38 localhost kernel: audit(1120215935.645:23): avc: denied
{ setopt } for pid=1894 comm="iptables" lport=255
scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t
tclass=rawip_socket
Jul 1 07:05:38 localhost kernel: audit(1120215935.747:24): avc: denied
{ search } for pid=1800 comm="sh" name=net dev=proc ino=-268435350
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:sysctl_net_t tclass=dir
Jul 1 07:05:38 localhost kernel: audit(1120215935.747:25): avc: denied
{ getattr } for pid=1800 comm="sh" name=ip_forward dev=proc
ino=-268435327 scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:sysctl_net_t tclass=file
Jul 1 07:05:38 localhost kernel: audit(1120215935.747:26): avc: denied
{ write } for pid=1800 comm="sh" name=ip_forward dev=proc
ino=-268435327 scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:sysctl_net_t tclass=file
Jul 1 07:05:38 localhost kernel: audit(1120215935.749:27): avc: denied
{ read } for pid=1800 comm="sh" name=conf dev=proc ino=-268435027
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:sysctl_net_t tclass=dir
Jul 1 07:05:38 localhost kernel: audit(1120215935.749:28): avc: denied
{ getattr } for pid=1800 comm="sh" name=conf dev=proc ino=-268435027
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:sysctl_net_t tclass=dir
Jul 1 07:05:38 localhost kernel: audit(1120215936.012:29): avc: denied
{ write } for pid=2094 comm="mv" name=dhcpd.conf dev=hda3 ino=684556
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:etc_runtime_t tclass=file
Jul 1 07:05:38 localhost kernel: audit(1120215936.012:30): avc: denied
{ unlink } for pid=2094 comm="mv" name=dhcpd.conf dev=hda3 ino=684556
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:etc_runtime_t tclass=file
Jul 1 07:05:38 localhost kernel: audit(1120215936.045:31): avc: denied
{ getattr } for pid=2095 comm="dhcpd" name=dhcpd dev=hda3 ino=2473744
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:dhcpd_exec_t tclass=file
Jul 1 07:05:38 localhost kernel: audit(1120215936.057:32): avc: denied
{ getattr } for pid=2095 comm="dhcpd" name=dhcpd.leases dev=hda3
ino=940974 scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:dhcpd_state_t tclass=file
Jul 1 07:05:38 localhost kernel: audit(1120215936.058:33): avc: denied
{ execute } for pid=2098 comm="dhcpd" name=dhcpd dev=hda3 ino=2473744
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:dhcpd_exec_t tclass=file
Jul 1 07:05:38 localhost kernel: audit(1120215936.058:34): avc: denied
{ execute_no_trans } for pid=2098 comm="dhcpd" name=dhcpd dev=hda3
ino=2473744 scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:dhcpd_exec_t tclass=file
Jul 1 07:05:38 localhost kernel: audit(1120215936.058:35): avc: denied
{ read } for pid=2098 comm="dhcpd" name=dhcpd dev=hda3 ino=2473744
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:dhcpd_exec_t tclass=file
Jul 1 07:05:38 localhost kernel: audit(1120215936.098:36): avc: denied
{ read } for pid=2099 comm="dhcpd" name=pidof dev=hda3 ino=129747
scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:sbin_t
tclass=lnk_file
Jul 1 07:05:38 localhost kernel: audit(1120215936.099:37): avc: denied
{ search } for pid=2100 comm="pidof" name=1 dev=proc ino=65538
scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:init_t
tclass=dir
Jul 1 07:05:38 localhost kernel: audit(1120215936.099:38): avc: denied
{ read } for pid=2100 comm="pidof" name=stat dev=proc ino=65550
scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:init_t
tclass=file
Jul 1 07:05:38 localhost kernel: audit(1120215936.099:39): avc: denied
{ getattr } for pid=2100 comm="pidof" name=stat dev=proc ino=65550
scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:init_t
tclass=file
Jul 1 07:05:38 localhost kernel: audit(1120215936.099:40): avc: denied
{ read } for pid=2100 comm="pidof" name=exe dev=proc ino=65545
scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:init_t
tclass=lnk_file
Jul 1 07:05:38 localhost kernel: audit(1120215936.099:41): avc: denied
{ search } for pid=2100 comm="pidof" name=2 dev=proc ino=131074
scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:kernel_t
tclass=dir
Jul 1 07:05:38 localhost kernel: audit(1120215936.099:42): avc: denied
{ read } for pid=2100 comm="pidof" name=stat dev=proc ino=131086
scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:kernel_t
tclass=file
Jul 1 07:05:38 localhost kernel: audit(1120215936.100:43): avc: denied
{ getattr } for pid=2100 comm="pidof" name=stat dev=proc ino=131086
scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:kernel_t
tclass=file
Jul 1 07:05:38 localhost kernel: audit(1120215936.100:44): avc: denied
{ read } for pid=2100 comm="pidof" name=exe dev=proc ino=131081
scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:kernel_t
tclass=lnk_file
Jul 1 07:05:38 localhost kernel: audit(1120215936.100:45): avc: denied
{ search } for pid=2100 comm="pidof" name=901 dev=proc ino=59047938
scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:udev_t
tclass=dir
Jul 1 07:05:38 localhost kernel: audit(1120215936.100:46): avc: denied
{ read } for pid=2100 comm="pidof" name=stat dev=proc ino=59047950
scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:udev_t
tclass=file
Jul 1 07:05:38 localhost kernel: audit(1120215936.100:47): avc: denied
{ getattr } for pid=2100 comm="pidof" name=stat dev=proc ino=59047950
scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:udev_t
tclass=file
Jul 1 07:05:38 localhost kernel: audit(1120215936.100:48): avc: denied
{ read } for pid=2100 comm="pidof" name=exe dev=proc ino=59047945
scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:udev_t
tclass=lnk_file
Jul 1 07:05:38 localhost kernel: audit(1120215936.101:49): avc: denied
{ search } for pid=2100 comm="pidof" name=1013 dev=proc ino=66387970
scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:initrc_t
tclass=dir
Jul 1 07:05:38 localhost kernel: audit(1120215936.101:50): avc: denied
{ read } for pid=2100 comm="pidof" name=stat dev=proc ino=66387982
scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:initrc_t
tclass=file
Jul 1 07:05:38 localhost kernel: audit(1120215936.101:51): avc: denied
{ getattr } for pid=2100 comm="pidof" name=stat dev=proc ino=66387982
scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:initrc_t
tclass=file
Jul 1 07:05:38 localhost kernel: audit(1120215936.101:52): avc: denied
{ read } for pid=2100 comm="pidof" name=exe dev=proc ino=66387977
scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:initrc_t
tclass=lnk_file
Jul 1 07:05:38 localhost kernel: audit(1120215936.102:53): avc: denied
{ search } for pid=2100 comm="pidof" name=1833 dev=proc ino=120127490
scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:hotplug_t
tclass=dir
Jul 1 07:05:38 localhost kernel: audit(1120215936.102:54): avc: denied
{ read } for pid=2100 comm="pidof" name=stat dev=proc ino=120127502
scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:hotplug_t
tclass=file
Jul 1 07:05:38 localhost kernel: audit(1120215936.102:55): avc: denied
{ getattr } for pid=2100 comm="pidof" name=stat dev=proc ino=120127502
scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:hotplug_t
tclass=file
Jul 1 07:05:38 localhost kernel: audit(1120215936.102:56): avc: denied
{ read } for pid=2100 comm="pidof" name=cwd dev=proc ino=120127495
scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:hotplug_t
tclass=lnk_file
Jul 1 07:05:38 localhost kernel: audit(1120215936.114:57): avc: denied
{ search } for pid=2102 comm="rhgb-client" name=rhgb dev=hda3
ino=682523 scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:mnt_t tclass=dir
Jul 1 07:05:38 localhost kernel: audit(1120215936.114:58): avc: denied
{ search } for pid=2102 comm="rhgb-client" name=/ dev=ramfs ino=4327
scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:ramfs_t
tclass=dir
Jul 1 07:05:38 localhost kernel: audit(1120215936.114:59): avc: denied
{ write } for pid=2102 comm="rhgb-client" name=rhgb-socket dev=ramfs
ino=4335 scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:ramfs_t tclass=sock_file
Jul 1 07:05:38 localhost kernel: audit(1120215936.114:60): avc: denied
{ connectto } for pid=2102 comm="rhgb-client" name=rhgb-socket
scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:initrc_t
tclass=unix_stream_socket
Jul 1 07:05:38 localhost kernel: audit(1120215936.177:61): avc: denied
{ search } for pid=2103 comm="dhcpd" name=gdm dev=hda3 ino=940237
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:xserver_log_t tclass=dir
Jul 1 07:05:38 localhost kernel: audit(1120215936.205:62): avc: denied
{ read } for pid=2107 comm="dhcpd" name=dhcpd.leases dev=hda3
ino=940974 scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:dhcpd_state_t tclass=file
Jul 1 07:05:38 localhost kernel: audit(1120215936.212:63): avc: denied
{ append } for pid=2107 comm="dhcpd" name=dhcpd.leases dev=hda3
ino=940974 scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:dhcpd_state_t tclass=file
Jul 1 07:05:38 localhost kernel: audit(1120215936.224:64): avc: denied
{ unlink } for pid=2107 comm="dhcpd" name=dhcpd.leases~ dev=hda3
ino=940970 scontext=system_u:system_r:dhcpc_t
tcontext=root:object_r:dhcpd_state_t tclass=file
Jul 1 07:05:38 localhost kernel: audit(1120215936.224:65): avc: denied
{ link } for pid=2107 comm="dhcpd" name=dhcpd.leases dev=hda3
ino=940974 scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:dhcpd_state_t tclass=file
Jul 1 07:05:38 localhost kernel: audit(1120215936.224:66): avc: denied
{ unlink } for pid=2107 comm="dhcpd" name=dhcpd.leases dev=hda3
ino=940974 scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:dhcpd_state_t tclass=file
Jul 1 07:05:38 localhost kernel: audit(1120215936.229:67): avc: denied
{ name_bind } for pid=2107 comm="dhcpd" s
More information about the fedora-selinux-list
mailing list