plymouthd avcs in MLS

Joe Nall joe at nall.com
Fri Jan 9 17:33:51 UTC 2009


type=AVC msg=audit(1231458433.619:3): avc:  denied  { execute } for   
pid=1 comm="init" name="plymouth" dev=rootfs ino=73  
scontext=system_u:system_r:kernel_t:s15:c0.c1023  
tcontext=system_u:object_r:root_t:s0 tclass=file
type=AVC msg=audit(1231458433.621:4): avc:  denied  { read } for   
pid=723 comm="init" name="plymouth" dev=rootfs ino=73  
scontext=system_u:system_r:kernel_t:s15:c0.c1023  
tcontext=system_u:object_r:root_t:s0 tclass=file
type=AVC msg=audit(1231458433.621:4): avc:  denied   
{ execute_no_trans } for  pid=723 comm="init" path="/bin/plymouth"  
dev=rootfs ino=73 scontext=system_u:system_r:kernel_t:s15:c0.c1023  
tcontext=system_u:object_r:root_t:s0 tclass=file
type=AVC msg=audit(1231458433.623:5): avc:  denied  { getattr } for   
pid=723 comm="plymouth" path="/etc/ld.so.cache" dev=rootfs ino=122  
scontext=system_u:system_r:kernel_t:s15:c0.c1023  
tcontext=system_u:object_r:root_t:s0 tclass=file
type=AVC msg=audit(1231458433.625:6): avc:  denied  { search } for   
pid=695 comm="plymouthd" name="lib" dev=dm-0 ino=555970  
scontext=system_u:system_r:kernel_t:s15:c0.c1023  
tcontext=system_u:object_r:var_lib_t:s0 tclass=dir
type=AVC msg=audit(1231458433.625:6): avc:  denied  { read } for   
pid=695 comm="plymouthd" name="boot-duration" dev=dm-0 ino=564304  
scontext=system_u:system_r:kernel_t:s15:c0.c1023  
tcontext=system_u:object_r:var_lib_t:s0 tclass=file
type=AVC msg=audit(1231458433.632:7): avc:  denied  { getattr } for   
pid=695 comm="plymouthd" path="/var/lib/plymouth/boot-duration"  
dev=dm-0 ino=564304 scontext=system_u:system_r:kernel_t:s15:c0.c1023  
tcontext=system_u:object_r:var_lib_t:s0 tclass=file
type=AVC msg=audit(1231458434.550:20): avc:  denied  { read } for   
pid=695 comm="plymouthd" path="/ptmx" dev=tmpfs ino=354  
scontext=system_u:system_r:kernel_t:s15:c0.c1023  
tcontext=system_u:object_r:ptmx_t:s0 tclass=chr_file

type=AVC msg=audit(1231458434.550:21): avc:  denied  { write } for   
pid=695 comm="plymouthd" path="/tty1" dev=tmpfs ino=357  
scontext=system_u:system_r:kernel_t:s15:c0.c1023  
tcontext=system_u:object_r:tty_device_t:s0 tclass=chr_file

with the last avc repeated ~3000 times a second forever in enforcing.

Should plymouthd have a dedicated type or should tty1 be SystemHigh?

joe
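
An added example, not part of the original post and not code from the SELinux project: it rejoins the mail-wrapped AVC records above, collapses repeats such as the tty1 flood into one entry per (comm, source type, target type, class), and flags write-type denials where the source sensitivity is above the target's. The `summarize` and `parse_context` names, the `WRITE_LIKE` set and the `write_down` flag are assumptions of this example; the level check compares sensitivity numbers only.

```python
import re
from collections import defaultdict

# Constructed sample: records copied from the post with the mail wrapping kept;
# the tty1 write is repeated three times to stand in for the flood.
TTY1_WRITE = '''type=AVC msg=audit(1231458434.550:21): avc:  denied  { write } for
pid=695 comm="plymouthd" path="/tty1" dev=tmpfs ino=357
scontext=system_u:system_r:kernel_t:s15:c0.c1023
tcontext=system_u:object_r:tty_device_t:s0 tclass=chr_file
'''
SAMPLE = '''type=AVC msg=audit(1231458433.625:6): avc:  denied  { read } for
pid=695 comm="plymouthd" name="boot-duration" dev=dm-0 ino=564304
scontext=system_u:system_r:kernel_t:s15:c0.c1023
tcontext=system_u:object_r:var_lib_t:s0 tclass=file
type=AVC msg=audit(1231458433.632:7): avc:  denied  { getattr } for
pid=695 comm="plymouthd" path="/var/lib/plymouth/boot-duration"
dev=dm-0 ino=564304 scontext=system_u:system_r:kernel_t:s15:c0.c1023
tcontext=system_u:object_r:var_lib_t:s0 tclass=file
''' + TTY1_WRITE * 3

AVC_RE = re.compile(r'denied\s+\{([^}]*)\}.*?comm="([^"]+)".*?'
                    r'scontext=(\S+)\s+tcontext=(\S+)\s+tclass=(\S+)')
WRITE_LIKE = {"write", "append", "setattr", "create", "unlink"}

def parse_context(ctx):
    """Return (type, low sensitivity number) from user:role:type:level."""
    _user, _role, setype, level = ctx.split(":", 3)
    sens = level.split("-")[0].split(":")[0]      # 's15' from 's15:c0.c1023'
    return setype, int(sens[1:])

def summarize(text):
    """Collapse AVC denials to one entry per (comm, source, target, class)."""
    rules = defaultdict(lambda: {"perms": set(), "count": 0, "write_down": False})
    joined = " ".join(text.split())               # undo mail line wrapping
    for rec in joined.split("type=AVC ")[1:]:
        m = AVC_RE.search(rec)
        if not m:
            continue
        perms, comm, sctx, tctx, tclass = m.groups()
        (stype, slvl), (ttype, tlvl) = parse_context(sctx), parse_context(tctx)
        entry = rules[(comm, stype, ttype, tclass)]
        entry["perms"].update(perms.split())
        entry["count"] += 1
        # Heuristic: compares sensitivity only, ignores categories and policy.
        if slvl > tlvl and WRITE_LIKE & set(perms.split()):
            entry["write_down"] = True
    return dict(rules)

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

On the sample, the read and getattr denials on `var_lib_t` fold into one unflagged entry, while the repeated `tty_device_t` write becomes a single entry with a count of 3 and `write_down` set.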



