avc: denied { something }
Andrew Farris
fedora at andrewfarris.com
Fri Apr 9 17:36:13 UTC 2004
On Fri, 2004-04-09 at 14:02 +0200, Christian Schlaefcke wrote:
> Hi Folks,
>
> after the last update I have a lot of messages like this, when start or
> stop my machine:
>
> Apr 9 13:59:06 my_server kernel: audit(1081511946.904:0): avc: denied
> { search } for pid=3178 exe=/sbin/ifconfig name=net dev= ino=4198
> scontext=system_u:system_r:kernel_t
> tcontext=system_u:object_r:sysctl_net_t tclass=dir
>
> Where are they comming from? What can I do to prevent them?
These are SELinux audit messages telling you that a process the system
attempted to run was denied by the current policy. SELinux tightens
security by choosing what the kernel will allow to happen based on many
factors (defined in the policy) :)
What you need to know is here:
http://people.redhat.com/kwade/fedora-docs/selinux-faq-en/
--
Andrew Farris, CPE senior (California Polytechnic University, SLO)
fedora at andrewfarris.com :: lmorgul on freenode
"The only thing neccessary for the triumph of evil is for good men
to do nothing." (Edmond Burke)
More information about the fedora-test-list
mailing list