loadkey avc denied
Laurent Jacquot
jk at lutty.net
Thu Apr 10 17:58:32 UTC 2008
Hello,
Every time I reboot, I have those 9 AVCs in /var/log/messages:
Apr 3 19:18:35 jack kernel: audit(1207243095.907:4): avc: denied
{ sys_admin } for pid=1707 comm="loadkeys" capability=21
scontext=system_u:system_r:loadkeys_t:s0
tcontext=system_u:system_r:loadkeys_t:s0 tclass=capability
Apr 3 19:18:35 jack kernel: audit(1207243095.907:5): avc: denied
{ sys_admin } for pid=1707 comm="loadkeys" capability=21
scontext=system_u:system_r:loadkeys_t:s0
tcontext=system_u:system_r:loadkeys_t:s0 tclass=capability
Apr 3 19:18:35 jack kernel: audit(1207243095.907:6): avc: denied
{ sys_admin } for pid=1707 comm="loadkeys" capability=21
scontext=system_u:system_r:loadkeys_t:s0
tcontext=system_u:system_r:loadkeys_t:s0 tclass=capability
Apr 3 19:18:35 jack kernel: audit(1207243095.907:7): avc: denied
{ sys_admin } for pid=1707 comm="loadkeys" capability=21
scontext=system_u:system_r:loadkeys_t:s0
tcontext=system_u:system_r:loadkeys_t:s0 tclass=capability
Apr 3 19:18:35 jack kernel: audit(1207243095.907:8): avc: denied
{ sys_admin } for pid=1707 comm="loadkeys" capability=21
scontext=system_u:system_r:loadkeys_t:s0
tcontext=system_u:system_r:loadkeys_t:s0 tclass=capability
Apr 3 19:18:35 jack kernel: audit(1207243095.907:9): avc: denied
{ sys_admin } for pid=1707 comm="loadkeys" capability=21
scontext=system_u:system_r:loadkeys_t:s0
tcontext=system_u:system_r:loadkeys_t:s0 tclass=capability
Apr 3 19:18:35 jack kernel: audit(1207243095.907:10): avc: denied
{ sys_admin } for pid=1707 comm="loadkeys" capability=21
scontext=system_u:system_r:loadkeys_t:s0
tcontext=system_u:system_r:loadkeys_t:s0 tclass=capability
Apr 3 19:18:35 jack kernel: audit(1207243095.907:11): avc: denied
{ sys_admin } for pid=1707 comm="loadkeys" capability=21
scontext=system_u:system_r:loadkeys_t:s0
tcontext=system_u:system_r:loadkeys_t:s0 tclass=capability
Apr 3 19:18:35 jack kernel: audit(1207243095.907:12): avc: denied
{ sys_admin } for pid=1707 comm="loadkeys" capability=21
scontext=system_u:system_r:loadkeys_t:s0
tcontext=system_u:system_r:loadkeys_t:s0 tclass=capability
They are generated before audit runs.
What are they trying to tell me? Should I relabel something or bug it?
TIA
Laurent
More information about the fedora-selinux-list
mailing list