selinux denies dmesg

Antonio Olivares olivares14031 at yahoo.com
Thu Oct 16 22:27:52 UTC 2008 

Dear fellow selinux experts,

After recovering from a kernel panic to check up on the filesystem, I run dmesg and I encounter some avc's

[olivares at riohigh ~]$ dmesg | grep avc
type=1400 audit(1224195506.669:4): avc:  denied  { sys_resource } for  pid=1534 comm="dmesg" capability=24 scontext=system_u:system_r:dmesg_t:s0 tcontext=system_u:system_r:dmesg_t:s0 tclass=capability
type=1400 audit(1224195506.669:5): avc:  denied  { sys_resource } for  pid=1534 comm="dmesg" capability=24 scontext=system_u:system_r:dmesg_t:s0 tcontext=system_u:system_r:dmesg_t:s0 tclass=capability
type=1400 audit(1224195506.669:6): avc:  denied  { sys_resource } for  pid=1534 comm="dmesg" capability=24 scontext=system_u:system_r:dmesg_t:s0 tcontext=system_u:system_r:dmesg_t:s0 tclass=capability
type=1400 audit(1224195506.669:7): avc:  denied  { sys_resource } for  pid=1534 comm="dmesg" capability=24 scontext=system_u:system_r:dmesg_t:s0 tcontext=system_u:system_r:dmesg_t:s0 tclass=capability
type=1400 audit(1224195506.670:8): avc:  denied  { sys_resource } for  pid=1534 comm="dmesg" capability=24 scontext=system_u:system_r:dmesg_t:s0 tcontext=system_u:system_r:dmesg_t:s0 tclass=capability
type=1400 audit(1224195506.670:9): avc:  denied  { sys_resource } for  pid=1534 comm="dmesg" capability=24 scontext=system_u:system_r:dmesg_t:s0 tcontext=system_u:system_r:dmesg_t:s0 tclass=capability
type=1400 audit(1224195506.670:10): avc:  denied  { sys_resource } for  pid=1534 comm="dmesg" capability=24 scontext=system_u:system_r:dmesg_t:s0 tcontext=system_u:system_r:dmesg_t:s0 tclass=capability
type=1400 audit(1224195506.670:11): avc:  denied  { sys_resource } for  pid=1534 comm="dmesg" capability=24 scontext=system_u:system_r:dmesg_t:s0 tcontext=system_u:system_r:dmesg_t:s0 tclass=capability
type=1400 audit(1224195506.670:12): avc:  denied  { sys_resource } for  pid=1534 comm="dmesg" capability=24 scontext=system_u:system_r:dmesg_t:s0 tcontext=system_u:system_r:dmesg_t:s0 tclass=capability
type=1400 audit(1224195506.670:13): avc:  denied  { sys_resource } for  pid=1534 comm="dmesg" capability=24 scontext=system_u:system_r:dmesg_t:s0 tcontext=system_u:system_r:dmesg_t:s0 tclass=capability


I have just updated to a newer kernel 2.6.27-13 and new selinux policy updates :)

[olivares at riohigh ~]$ rpm -qa selinux*
selinux-policy-3.5.12-2.fc10.noarch
selinux-policy-targeted-3.5.12-2.fc10.noarch
[olivares at riohigh ~]$ 


What do I do?

Thanks,

Antonio

More information about the fedora-selinux-list mailing list