rawhide 20060213 -- SELinux "denied" audit messages
Miles Lane
miles.lane at gmail.com
Tue Feb 14 18:39:30 UTC 2006
On 2/14/06, Daniel J Walsh <dwalsh at redhat.com> wrote:
> Miles Lane wrote:
[...]
> If you see file_t it is a good indicator that you need to relabel.
>
> touch /.autorelabel
> reboot
Okay, I tried that and now don't get file_t messages, but get many
more "denied" messages:
audit(1139912465.276:2): avc: denied { use } for pid=358
comm="hostname" name="ptmx" dev=tmpfs ino=769
scontext=system_u:system_r:hostname_t:s0
tcontext=system_u:system_r:kernel_t:s0 tclass=fd
audit(1139912465.376:3): avc: denied { use } for pid=361
comm="mount" name="ptmx" dev=tmpfs ino=769
scontext=system_u:system_r:mount_t:s0
tcontext=system_u:system_r:kernel_t:s0 tclass=fd
audit(1139912466.360:4): avc: denied { use } for pid=376
comm="hwclock" name="ptmx" dev=tmpfs ino=769
scontext=system_u:system_r:hwclock_t:s0
tcontext=system_u:system_r:kernel_t:s0 tclass=fd
audit(1139912466.360:5): avc: denied { read write } for pid=376
comm="hwclock" name="ptmx" dev=tmpfs ino=769
scontext=system_u:system_r:hwclock_t:s0
tcontext=system_u:object_r:ptmx_t:s0 tclass=chr_file
audit(1139930476.329:6): avc: denied { read write } for pid=1102
comm="mount" name="ptmx" dev=tmpfs ino=769
scontext=system_u:system_r:mount_t:s0
tcontext=system_u:object_r:ptmx_t:s0 tclass=chr_file
audit(1139930476.737:7): avc: denied { read write } for pid=1107
comm="hostname" name="ptmx" dev=tmpfs ino=769
scontext=system_u:system_r:hostname_t:s0
tcontext=system_u:object_r:ptmx_t:s0 tclass=chr_file
audit(1139930477.293:8): avc: denied { read write } for pid=1137
comm="restorecon" name="ptmx" dev=tmpfs ino=769
scontext=system_u:system_r:restorecon_t:s0
tcontext=system_u:object_r:ptmx_t:s0 tclass=chr_file
audit(1139930478.173:9): avc: denied { use } for pid=1149
comm="fsck" name="ptmx" dev=tmpfs ino=769
scontext=system_u:system_r:fsadm_t:s0
tcontext=system_u:system_r:kernel_t:s0 tclass=fd
audit(1139930478.173:10): avc: denied { read write } for pid=1149
comm="fsck" name="ptmx" dev=tmpfs ino=769
scontext=system_u:system_r:fsadm_t:s0
tcontext=system_u:object_r:ptmx_t:s0 tclass=chr_file
audit(1139930480.246:11): avc: denied { use } for pid=1190
comm="setfiles" name="ptmx" dev=tmpfs ino=769
scontext=system_u:system_r:setfiles_t:s0
tcontext=system_u:system_r:kernel_t:s0 tclass=fd
audit(1139930480.246:12): avc: denied { read write } for pid=1190
comm="setfiles" name="ptmx" dev=tmpfs ino=769
scontext=system_u:system_r:setfiles_t:s0
tcontext=system_u:object_r:ptmx_t:s0 tclass=chr_file
audit(1139930714.492:13): avc: denied { relabelto } for pid=1190
comm="setfiles" name="hprof_ioname.h" dev=hda7 ino=1165495
scontext=system_u:system_r:setfiles_t:s0
tcontext=system_u:object_r:default_t:s0 tclass=chr_file
audit(1139930748.482:14): avc: denied { relabelto } for pid=1190
comm="setfiles" name="ram0" dev=hda7 ino=2518213
scontext=system_u:system_r:setfiles_t:s0
tcontext=system_u:object_r:default_t:s0 tclass=blk_file
audit(1139931063.090:15): avc: denied { read write } for pid=1198
comm="ifconfig" name="ptmx" dev=tmpfs ino=769
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:object_r:ptmx_t:s0 tclass=chr_file
audit(1139931071.343:20): avc: denied { read write } for pid=1260
comm="pam_console_app" name="ptmx" dev=tmpfs ino=769
scontext=system_u:system_r:pam_console_t:s0
tcontext=system_u:object_r:ptmx_t:s0 tclass=chr_file
audit(1139931071.451:21): avc: denied { read write } for pid=1266
comm="restorecon" name="ptmx" dev=tmpfs ino=769
scontext=system_u:system_r:restorecon_t:s0
tcontext=system_u:object_r:ptmx_t:s0 tclass=chr_file
audit(1139931071.719:22): avc: denied { use } for pid=1273
comm="swapon" name="ptmx" dev=tmpfs ino=769
scontext=system_u:system_r:fsadm_t:s0
tcontext=system_u:system_r:kernel_t:s0 tclass=fd
audit(1139931071.719:23): avc: denied { read write } for pid=1273
comm="swapon" name="ptmx" dev=tmpfs ino=769
scontext=system_u:system_r:fsadm_t:s0
tcontext=system_u:object_r:ptmx_t:s0 tclass=chr_file
audit(1139931071.727:24): avc: denied { use } for pid=1274
comm="mount" name="ptmx" dev=tmpfs ino=769
scontext=system_u:system_r:mount_t:s0
tcontext=system_u:system_r:kernel_t:s0 tclass=fd
audit(1139931071.727:25): avc: denied { read write } for pid=1274
comm="mount" name="ptmx" dev=tmpfs ino=769
scontext=system_u:system_r:mount_t:s0
tcontext=system_u:object_r:ptmx_t:s0 tclass=chr_file
audit(1139931072.607:26): avc: denied { use } for pid=1308
comm="cpuspeed" name="ptmx" dev=tmpfs ino=769
scontext=system_u:system_r:cpuspeed_t:s0
tcontext=system_u:system_r:kernel_t:s0 tclass=fd
audit(1139931072.607:27): avc: denied { read write } for pid=1308
comm="cpuspeed" name="ptmx" dev=tmpfs ino=769
scontext=system_u:system_r:cpuspeed_t:s0
tcontext=system_u:object_r:ptmx_t:s0 tclass=chr_file
audit(1139931072.839:28): avc: denied { read write } for pid=1344
comm="ip" name="ptmx" dev=tmpfs ino=769
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:object_r:ptmx_t:s0 tclass=chr_file
audit(1139931072.999:29): avc: denied { use } for pid=1356
comm="arping" name="ptmx" dev=tmpfs ino=769
scontext=system_u:system_r:netutils_t:s0
tcontext=system_u:system_r:kernel_t:s0 tclass=fd
audit(1139931072.999:30): avc: denied { read write } for pid=1356
comm="arping" name="ptmx" dev=tmpfs ino=769
scontext=system_u:system_r:netutils_t:s0
tcontext=system_u:object_r:ptmx_t:s0 tclass=chr_file
audit(1139931080.071:31): avc: denied { use } for pid=1613
comm="syslogd" name="ptmx" dev=tmpfs ino=769
scontext=system_u:system_r:syslogd_t:s0
tcontext=system_u:system_r:kernel_t:s0 tclass=fd
audit(1139931080.075:32): avc: denied { read write } for pid=1613
comm="syslogd" name="ptmx" dev=tmpfs ino=769
scontext=system_u:system_r:syslogd_t:s0
tcontext=system_u:object_r:ptmx_t:s0 tclass=chr_file
audit(1139931080.191:33): avc: denied { use } for pid=1616
comm="klogd" name="ptmx" dev=tmpfs ino=769
scontext=system_u:system_r:klogd_t:s0
tcontext=system_u:system_r:kernel_t:s0 tclass=fd
audit(1139931080.191:34): avc: denied { read write } for pid=1616
comm="klogd" name="ptmx" dev=tmpfs ino=769
scontext=system_u:system_r:klogd_t:s0
tcontext=system_u:object_r:ptmx_t:s0 tclass=chr_file
audit(1139931080.371:35): avc: denied { use } for pid=1626
comm="named-checkconf" name="ptmx" dev=tmpfs ino=769
scontext=system_u:system_r:named_t:s0
tcontext=system_u:system_r:kernel_t:s0 tclass=fd
audit(1139931080.371:36): avc: denied { read write } for pid=1626
comm="named-checkconf" name="ptmx" dev=tmpfs ino=769
scontext=system_u:system_r:named_t:s0
tcontext=system_u:object_r:ptmx_t:s0 tclass=chr_file
audit(1139931081.483:37): avc: denied { use } for pid=1645
comm="portmap" name="ptmx" dev=tmpfs ino=769
scontext=system_u:system_r:portmap_t:s0
tcontext=system_u:system_r:kernel_t:s0 tclass=fd
audit(1139931081.483:38): avc: denied { read write } for pid=1645
comm="portmap" name="ptmx" dev=tmpfs ino=769
scontext=system_u:system_r:portmap_t:s0
tcontext=system_u:object_r:ptmx_t:s0 tclass=chr_file
audit(1139931081.643:39): avc: denied { use } for pid=1664
comm="rpc.statd" name="ptmx" dev=tmpfs ino=769
scontext=system_u:system_r:rpcd_t:s0
tcontext=system_u:system_r:kernel_t:s0 tclass=fd
audit(1139931081.643:40): avc: denied { read write } for pid=1664
comm="rpc.statd" name="ptmx" dev=tmpfs ino=769
scontext=system_u:system_r:rpcd_t:s0
tcontext=system_u:object_r:ptmx_t:s0 tclass=chr_file
audit(1139931082.243:41): avc: denied { use } for pid=1674
comm="auditd" name="ptmx" dev=tmpfs ino=769
scontext=system_u:system_r:auditd_t:s0
tcontext=system_u:system_r:kernel_t:s0 tclass=fd
audit(1139931082.243:42): avc: denied { read write } for pid=1674
comm="auditd" name="ptmx" dev=tmpfs ino=769
scontext=system_u:system_r:auditd_t:s0
tcontext=system_u:object_r:ptmx_t:s0 tclass=chr_file
More information about the fedora-test-list
mailing list