many avcs at startup, readahead and several others

Antonio Olivares olivares14031 at yahoo.com
Wed Sep 3 04:05:27 UTC 2008


--- On Tue, 9/2/08, Tom London <selinux at gmail.com> wrote:

> From: Tom London <selinux at gmail.com>
> Subject: Re: many avcs at startup, readahead and several others
> To: olivares14031 at yahoo.com
> Cc: fedora-test-list at redhat.com, fedora-selinux-list at redhat.com
> Date: Tuesday, September 2, 2008, 7:57 PM
> On Tue, Sep 2, 2008 at 6:19 PM, Antonio Olivares <olivares14031 at yahoo.com> wrote:
> > --- On Tue, 9/2/08, Tom London <selinux at gmail.com> wrote:
> >
> >> From: Tom London <selinux at gmail.com>
> >> Subject: Re: many avcs at startup, readahead and several others
> >> To: olivares14031 at yahoo.com, "For testers of Fedora Core development releases" <fedora-test-list at redhat.com>
> >> Cc: fedora-selinux-list at redhat.com
> >> Date: Tuesday, September 2, 2008, 4:28 PM
> >> On Tue, Sep 2, 2008 at 4:12 PM, Antonio Olivares <olivares14031 at yahoo.com> wrote:
> >> > Dear fellow selinux troubleshooters and testers,
> >> >
> >> > Using rawhide, I have seen several avcs at startup namely readahead and others,  while I found out that the sound problem is due to selinux getting in the way of pulse.  Here's a few avcs.  Advice and/or workarounds appreciated, setroubleshoot has not kicked in, these are from dmesg | grep 'avcs'
> >> >
> >> > [root@localhost ~]# dmesg | grep 'avc'
> >> > type=1400 audit(1220390408.063:4): avc:  denied  { read write } for  pid=611 comm="readahead" path="/dev/console" dev=tmpfs ino=408 scontext=system_u:system_r:readahead_t:s0
> > .... removed to save BANDWIDTH  ........
> >> >
> >> >
> >> > Thanks,
> >> >
> >> > Antonio
> >> >
> >> Try "restorecon -v -R ~"
> >>
> >> --
> >> Tom London
> >
> > It did not work.  STILL I see the AVCS at startup :(
> >
> >
> > Regards,
> >
> > Antonio
> >
> I'm running selinux-policy-targeted-3.5.5-3.fc10.noarch and
> selinux-policy-3.5.5-3.fc10.noarch.
> 
> and on my system ~/.pulse is:
> [tbl@tlondon ~]$ ls -ld .pulse
> drwx------ 2 tbl tbl 4096 2008-09-02 19:48 .pulse
> [tbl@tlondon ~]$ ls -ldZ .pulse
> drwx------  tbl tbl system_u:object_r:gnome_home_t:s0 .pulse
> [tbl@tlondon ~]$
> 
> On yours, it seems to be user_home_t.
> 
> type=1400 audit(1220391480.206:24): avc:  denied  { setattr } for pid=3267 comm="npviewer.bin" name=".pulse" dev=dm-0 ino=7176200 scontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=dir
> 
> You running the same policy?  Did you update from F9?
Should be, I'll check tomorrow in the morning.

I did a touch /.autorelabel; reboot

and avc's appear to be gone :), however when I try to play an audio file, I get error(s) with pulse, so maybe pulse or the permissions are wrong :(. 

 
> tom
> -- 
> Tom London

Thanks for helping out.

Regards,

Antonio 
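
Added example, not part of the original message or of either poster's code: a small Python triage script for the diagnosis made in this thread, comparing the target type in an AVC denial with the label seen on a working system. The `EXPECTED_TYPE` mapping and the function names are assumptions for illustration; the sample lines are the two denials quoted above, the first one truncated as in the thread.

```python
import re

# Sample denials copied from the thread. The first record is truncated there,
# so it carries no tcontext/tclass; the parser must tolerate that.
SAMPLE = [
    'type=1400 audit(1220390408.063:4): avc:  denied  { read write } for  pid=611 '
    'comm="readahead" path="/dev/console" dev=tmpfs ino=408 '
    'scontext=system_u:system_r:readahead_t:s0',
    'type=1400 audit(1220391480.206:24): avc:  denied  { setattr } for pid=3267 '
    'comm="npviewer.bin" name=".pulse" dev=dm-0 ino=7176200 '
    'scontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 '
    'tcontext=unconfined_u:object_r:user_home_t:s0 tclass=dir',
]

# Assumption: expected type per object name, taken from the `ls -ldZ .pulse`
# output of the working system shown in the thread.
EXPECTED_TYPE = {".pulse": "gnome_home_t"}

AVC_RE = re.compile(r'avc:\s+denied\s+\{(?P<perms>[^}]*)\}\s+for\s+(?P<rest>.*)')
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_avc(line):
    """Return a dict of fields for one AVC denial, or None if not a denial."""
    m = AVC_RE.search(line)
    if not m:
        return None
    rec = {k: v.strip('"') for k, v in KV_RE.findall(m.group("rest"))}
    rec["perms"] = m.group("perms").split()
    for key in ("scontext", "tcontext"):
        # A context is user:role:type:level; the level may contain colons.
        parts = rec.get(key, "").split(":", 3)
        rec[key[0] + "type"] = parts[2] if len(parts) >= 3 else None
    return rec

def label_mismatches(lines, expected=EXPECTED_TYPE):
    """List (name, actual_type, expected_type) for denials on mislabeled objects."""
    out = []
    for rec in filter(None, map(parse_avc, lines)):
        name = rec.get("name")
        want = expected.get(name)
        if want and rec["ttype"] and rec["ttype"] != want:
            out.append((name, rec["ttype"], want))
    return out

if __name__ == "__main__":
    for name, got, want in label_mismatches(SAMPLE):
        print(f"{name}: labeled {got}, expected {want}; candidate for relabeling")
```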


      



