bugs of the day

Bill Nottingham notting at redhat.com
Thu Apr 15 20:23:11 UTC 2004


I can bugzilla if it's preferred.

policy-1.11.2-6

1) contexts aren't set correctly on install. Jeremy is looking at this.
2) lvm_t can't read sysfs_t. It needs to.
3) udev spews all sorts of stuff
  a) it can't run things in /etc/dev.d  (etc_t, shell_exec_t ATM)
  b) can't look in /bin
  c) read symlinks in /bin
  d) various other things because of this
4) init can't write to wtmp (var_log_t)
5) other bits

bootup log and audit2allow attached.

Bill
-------------- next part --------------
Apr 15 15:50:40 apone kernel: audit(1082058571.990:0): avc:  denied  { search } for  pid=34 exe=/bin/hostname dev=hda3 ino=2 scontext=system_u:system_r:hostname_t tcontext=system_u:object_r:file_t tclass=dir
Apr 15 15:50:40 apone kernel: audit(1082058572.266:0): avc:  denied  { search } for  pid=46 exe=/sbin/consoletype dev=hda3 ino=2 scontext=system_u:system_r:consoletype_t tcontext=system_u:object_r:file_t tclass=dir
Apr 15 15:50:40 apone kernel: audit(1082058572.825:0): avc:  denied  { search } for  pid=57 exe=/sbin/minilogd dev=hda3 ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:file_t tclass=dir
Apr 15 15:50:40 apone kernel: audit(1082058572.860:0): avc:  denied  { search } for  pid=60 exe=/bin/dmesg dev=hda3 ino=2 scontext=system_u:system_r:dmesg_t tcontext=system_u:object_r:file_t tclass=dir
Apr 15 15:50:40 apone kernel: audit(1082058572.926:0): avc:  denied  { search } for  pid=63 exe=/usr/bin/rhgb dev=hda3 ino=2 scontext=system_u:system_r:rhgb_t tcontext=system_u:object_r:file_t tclass=dir
Apr 15 15:50:40 apone kernel: audit(1082058574.244:0): avc:  denied  { search } for  pid=74 exe=/sbin/hwclock dev=hda3 ino=2 scontext=system_u:system_r:hwclock_t tcontext=system_u:object_r:file_t tclass=dir
Apr 15 15:50:40 apone kernel: audit(1082058575.407:0): avc:  denied  { read } for  pid=105 exe=/sbin/fsck name=fstab dev=hda3 ino=374631 scontext=system_u:system_r:fsadm_t tcontext=system_u:object_r:file_t tclass=file
Apr 15 15:50:40 apone kernel: audit(1082058575.407:0): avc:  denied  { getattr } for  pid=105 exe=/sbin/fsck path=/etc/fstab dev=hda3 ino=374631 scontext=system_u:system_r:fsadm_t tcontext=system_u:object_r:file_t tclass=file
Apr 15 15:50:40 apone kernel: audit(1082058576.129:0): avc:  denied  { search } for  pid=131 exe=/sbin/udevsend dev=hda3 ino=2 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:file_t tclass=dir
Apr 15 15:50:40 apone kernel: audit(1082058583.177:0): avc:  denied  { search } for  pid=560 exe=/sbin/pam_console_apply dev=hda3 ino=2 scontext=system_u:system_r:pam_console_t tcontext=system_u:object_r:file_t tclass=dir
Apr 15 15:50:40 apone kernel: audit(1082058583.254:0): avc:  denied  { read } for  pid=560 exe=/sbin/pam_console_apply name=fstab dev=hda3 ino=374631 scontext=system_u:system_r:pam_console_t tcontext=system_u:object_r:file_t tclass=file
Apr 15 15:50:40 apone kernel: audit(1082058583.255:0): avc:  denied  { getattr } for  pid=560 exe=/sbin/pam_console_apply path=/etc/fstab dev=hda3 ino=374631 scontext=system_u:system_r:pam_console_t tcontext=system_u:object_r:file_t tclass=file
Apr 15 15:50:40 apone kernel: audit(1082058583.596:0): avc:  denied  { search } for  pid=577 exe=/bin/dmesg dev=hda3 ino=2 scontext=system_u:system_r:dmesg_t tcontext=system_u:object_r:file_t tclass=dir
Apr 15 15:50:40 apone kernel: audit(1082058583.636:0): avc:  denied  { append } for  pid=1 exe=/sbin/init name=wtmp dev=hda3 ino=16339 scontext=system_u:system_r:init_t tcontext=system_u:object_r:var_log_t tclass=file
Apr 15 15:50:40 apone kernel: audit(1082058583.636:0): avc:  denied  { write } for  pid=1 exe=/sbin/init name=wtmp dev=hda3 ino=16339 scontext=system_u:system_r:init_t tcontext=system_u:object_r:var_log_t tclass=file
Apr 15 15:50:40 apone kernel: audit(1082058583.636:0): avc:  denied  { lock } for  pid=1 exe=/sbin/init path=/var/log/wtmp dev=hda3 ino=16339 scontext=system_u:system_r:init_t tcontext=system_u:object_r:var_log_t tclass=file
Apr 15 15:50:40 apone kernel: audit(1082058586.429:0): avc:  denied  { execute } for  pid=585 exe=/sbin/udev name=dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 15:50:40 apone kernel: audit(1082058586.429:0): avc:  denied  { execute_no_trans } for  pid=585 exe=/sbin/udev path=/etc/dev.d/default/dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 15:50:40 apone kernel: audit(1082058586.429:0): avc:  denied  { search } for  pid=585 exe=/sbin/udev name=bin dev=hda3 ino=1237889 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:bin_t tclass=dir
Apr 15 15:50:40 apone kernel: audit(1082058586.429:0): avc:  denied  { read } for  pid=585 exe=/sbin/udev name=sh dev=hda3 ino=1237899 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:bin_t tclass=lnk_file
Apr 15 15:50:40 apone kernel: audit(1082058586.429:0): avc:  denied  { execute } for  pid=585 exe=/sbin/udev name=bash dev=hda3 ino=1237897 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:shell_exec_t tclass=file
Apr 15 15:50:40 apone kernel: audit(1082058586.429:0): avc:  denied  { read } for  pid=585 exe=/sbin/udev path=/bin/bash dev=hda3 ino=1237897 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:shell_exec_t tclass=file
Apr 15 15:50:40 apone kernel: audit(1082058586.430:0): avc:  denied  { read } for  pid=585 exe=/bin/bash name=mtab dev=hda3 ino=377480 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_runtime_t tclass=file
Apr 15 15:50:40 apone kernel: audit(1082058586.430:0): avc:  denied  { getattr } for  pid=585 exe=/bin/bash path=/etc/mtab dev=hda3 ino=377480 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_runtime_t tclass=file
Apr 15 15:50:40 apone kernel: audit(1082058586.430:0): avc:  denied  { getattr } for  pid=585 exe=/bin/bash path=/proc/meminfo dev= ino=4098 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:proc_t tclass=file
Apr 15 15:50:40 apone kernel: audit(1082058586.431:0): avc:  denied  { ioctl } for  pid=585 exe=/bin/bash path=/etc/dev.d/default/dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 15:50:40 apone kernel: audit(1082058586.435:0): avc:  denied  { getattr } for  pid=586 exe=/bin/bash path=/usr/bin/logger dev=hda3 ino=640141 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:bin_t tclass=file
Apr 15 16:04:14 apone kernel: audit(1082059345.849:0): avc:  denied  { getattr } for  pid=135 exe=/sbin/lvm.static path=/var/run/ptal-printd dev=hda3 ino=35011 scontext=system_u:system_r:lvm_t tcontext=system_u:object_r:var_run_t tclass=dir
Apr 15 16:04:14 apone kernel: audit(1082059345.859:0): avc:  denied  { read } for  pid=135 exe=/sbin/lvm.static dev= ino=1 scontext=system_u:system_r:lvm_t tcontext=system_u:object_r:devpts_t tclass=dir
Apr 15 16:04:14 apone kernel: audit(1082059346.398:0): avc:  denied  { read } for  pid=135 exe=/sbin/lvm.static name=block dev= ino=385 scontext=system_u:system_r:lvm_t tcontext=system_u:object_r:sysfs_t tclass=dir
Apr 15 16:04:14 apone kernel: audit(1082059355.383:0): avc:  denied  { execute } for  pid=159 exe=/sbin/udev name=dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:14 apone kernel: audit(1082059355.383:0): avc:  denied  { execute } for  pid=161 exe=/sbin/udev name=dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:14 apone kernel: audit(1082059355.383:0): avc:  denied  { execute } for  pid=160 exe=/sbin/udev name=dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:14 apone kernel: audit(1082059355.383:0): avc:  denied  { execute } for  pid=158 exe=/sbin/udev name=dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:14 apone kernel: audit(1082059355.384:0): avc:  denied  { execute } for  pid=163 exe=/sbin/udev name=pam_console.dev dev=hda3 ino=380312 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:14 apone kernel: audit(1082059355.384:0): avc:  denied  { execute } for  pid=164 exe=/sbin/udev name=pam_console.dev dev=hda3 ino=380312 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:14 apone kernel: audit(1082059355.384:0): avc:  denied  { execute } for  pid=162 exe=/sbin/udev name=pam_console.dev dev=hda3 ino=380312 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:14 apone kernel: audit(1082059355.384:0): avc:  denied  { execute } for  pid=165 exe=/sbin/udev name=pam_console.dev dev=hda3 ino=380312 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:14 apone kernel: audit(1082059355.384:0): avc:  denied  { execute } for  pid=166 exe=/sbin/udev name=selinux.dev dev=hda3 ino=380313 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:14 apone kernel: audit(1082059355.384:0): avc:  denied  { execute } for  pid=168 exe=/sbin/udev name=selinux.dev dev=hda3 ino=380313 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:14 apone kernel: audit(1082059355.384:0): avc:  denied  { execute } for  pid=169 exe=/sbin/udev name=selinux.dev dev=hda3 ino=380313 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:14 apone kernel: audit(1082059355.384:0): avc:  denied  { execute } for  pid=167 exe=/sbin/udev name=selinux.dev dev=hda3 ino=380313 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:14 apone kernel: audit(1082059356.815:0): avc:  denied  { execute } for  pid=177 exe=/sbin/udev name=dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:14 apone kernel: audit(1082059356.816:0): avc:  denied  { execute } for  pid=178 exe=/sbin/udev name=pam_console.dev dev=hda3 ino=380312 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:14 apone kernel: audit(1082059356.816:0): avc:  denied  { execute } for  pid=179 exe=/sbin/udev name=selinux.dev dev=hda3 ino=380313 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:14 apone kernel: audit(1082059359.389:0): avc:  denied  { execute } for  pid=187 exe=/sbin/udev name=dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:14 apone kernel: audit(1082059359.389:0): avc:  denied  { execute } for  pid=188 exe=/sbin/udev name=pam_console.dev dev=hda3 ino=380312 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:14 apone kernel: audit(1082059359.389:0): avc:  denied  { execute } for  pid=189 exe=/sbin/udev name=selinux.dev dev=hda3 ino=380313 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:14 apone kernel: audit(1082059361.992:0): avc:  denied  { execute } for  pid=197 exe=/sbin/udev name=dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:14 apone kernel: audit(1082059361.993:0): avc:  denied  { execute } for  pid=198 exe=/sbin/udev name=pam_console.dev dev=hda3 ino=380312 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:14 apone kernel: audit(1082059361.993:0): avc:  denied  { execute } for  pid=199 exe=/sbin/udev name=selinux.dev dev=hda3 ino=380313 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:14 apone kernel: audit(1082059364.556:0): avc:  denied  { execute } for  pid=207 exe=/sbin/udev name=dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:14 apone kernel: audit(1082059364.557:0): avc:  denied  { execute } for  pid=208 exe=/sbin/udev name=pam_console.dev dev=hda3 ino=380312 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:14 apone kernel: audit(1082059364.557:0): avc:  denied  { execute } for  pid=209 exe=/sbin/udev name=selinux.dev dev=hda3 ino=380313 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:14 apone kernel: audit(1082059367.117:0): avc:  denied  { execute } for  pid=217 exe=/sbin/udev name=dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:14 apone kernel: audit(1082059367.118:0): avc:  denied  { execute } for  pid=218 exe=/sbin/udev name=pam_console.dev dev=hda3 ino=380312 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:14 apone kernel: audit(1082059367.118:0): avc:  denied  { execute } for  pid=219 exe=/sbin/udev name=selinux.dev dev=hda3 ino=380313 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:14 apone kernel: audit(1082059369.697:0): avc:  denied  { execute } for  pid=227 exe=/sbin/udev name=dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:14 apone kernel: audit(1082059369.697:0): avc:  denied  { execute } for  pid=228 exe=/sbin/udev name=pam_console.dev dev=hda3 ino=380312 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:14 apone kernel: audit(1082059369.698:0): avc:  denied  { execute } for  pid=229 exe=/sbin/udev name=selinux.dev dev=hda3 ino=380313 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:14 apone kernel: audit(1082059372.280:0): avc:  denied  { execute } for  pid=237 exe=/sbin/udev name=dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:14 apone kernel: audit(1082059372.280:0): avc:  denied  { execute } for  pid=238 exe=/sbin/udev name=pam_console.dev dev=hda3 ino=380312 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:14 apone kernel: audit(1082059372.281:0): avc:  denied  { execute } for  pid=239 exe=/sbin/udev name=selinux.dev dev=hda3 ino=380313 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059374.839:0): avc:  denied  { execute } for  pid=247 exe=/sbin/udev name=dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059374.840:0): avc:  denied  { execute } for  pid=248 exe=/sbin/udev name=pam_console.dev dev=hda3 ino=380312 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059374.840:0): avc:  denied  { execute } for  pid=249 exe=/sbin/udev name=selinux.dev dev=hda3 ino=380313 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059377.400:0): avc:  denied  { execute } for  pid=257 exe=/sbin/udev name=dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059377.401:0): avc:  denied  { execute } for  pid=258 exe=/sbin/udev name=pam_console.dev dev=hda3 ino=380312 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059377.401:0): avc:  denied  { execute } for  pid=259 exe=/sbin/udev name=selinux.dev dev=hda3 ino=380313 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059379.961:0): avc:  denied  { execute } for  pid=267 exe=/sbin/udev name=dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059379.962:0): avc:  denied  { execute } for  pid=268 exe=/sbin/udev name=pam_console.dev dev=hda3 ino=380312 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059379.962:0): avc:  denied  { execute } for  pid=269 exe=/sbin/udev name=selinux.dev dev=hda3 ino=380313 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059382.541:0): avc:  denied  { execute } for  pid=277 exe=/sbin/udev name=dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059382.541:0): avc:  denied  { execute } for  pid=278 exe=/sbin/udev name=pam_console.dev dev=hda3 ino=380312 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059382.542:0): avc:  denied  { execute } for  pid=279 exe=/sbin/udev name=selinux.dev dev=hda3 ino=380313 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059385.102:0): avc:  denied  { execute } for  pid=287 exe=/sbin/udev name=dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059385.102:0): avc:  denied  { execute } for  pid=288 exe=/sbin/udev name=pam_console.dev dev=hda3 ino=380312 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059385.103:0): avc:  denied  { execute } for  pid=289 exe=/sbin/udev name=selinux.dev dev=hda3 ino=380313 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059387.662:0): avc:  denied  { execute } for  pid=297 exe=/sbin/udev name=dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059387.662:0): avc:  denied  { execute } for  pid=298 exe=/sbin/udev name=pam_console.dev dev=hda3 ino=380312 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059387.663:0): avc:  denied  { execute } for  pid=299 exe=/sbin/udev name=selinux.dev dev=hda3 ino=380313 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059390.237:0): avc:  denied  { execute } for  pid=307 exe=/sbin/udev name=dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059390.237:0): avc:  denied  { execute } for  pid=308 exe=/sbin/udev name=pam_console.dev dev=hda3 ino=380312 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059390.237:0): avc:  denied  { execute } for  pid=309 exe=/sbin/udev name=selinux.dev dev=hda3 ino=380313 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059392.765:0): avc:  denied  { execute } for  pid=317 exe=/sbin/udev name=dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059392.766:0): avc:  denied  { execute } for  pid=318 exe=/sbin/udev name=pam_console.dev dev=hda3 ino=380312 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059392.766:0): avc:  denied  { execute } for  pid=319 exe=/sbin/udev name=selinux.dev dev=hda3 ino=380313 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059395.346:0): avc:  denied  { execute } for  pid=327 exe=/sbin/udev name=dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059395.347:0): avc:  denied  { execute } for  pid=328 exe=/sbin/udev name=pam_console.dev dev=hda3 ino=380312 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059395.347:0): avc:  denied  { execute } for  pid=329 exe=/sbin/udev name=selinux.dev dev=hda3 ino=380313 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059397.926:0): avc:  denied  { execute } for  pid=337 exe=/sbin/udev name=dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059397.926:0): avc:  denied  { execute } for  pid=338 exe=/sbin/udev name=pam_console.dev dev=hda3 ino=380312 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059397.927:0): avc:  denied  { execute } for  pid=339 exe=/sbin/udev name=selinux.dev dev=hda3 ino=380313 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059400.486:0): avc:  denied  { execute } for  pid=347 exe=/sbin/udev name=dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059400.486:0): avc:  denied  { execute } for  pid=348 exe=/sbin/udev name=pam_console.dev dev=hda3 ino=380312 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059400.487:0): avc:  denied  { execute } for  pid=349 exe=/sbin/udev name=selinux.dev dev=hda3 ino=380313 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059403.067:0): avc:  denied  { execute } for  pid=357 exe=/sbin/udev name=dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059403.067:0): avc:  denied  { execute } for  pid=358 exe=/sbin/udev name=pam_console.dev dev=hda3 ino=380312 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059403.067:0): avc:  denied  { execute } for  pid=359 exe=/sbin/udev name=selinux.dev dev=hda3 ino=380313 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059405.648:0): avc:  denied  { execute } for  pid=367 exe=/sbin/udev name=dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059405.648:0): avc:  denied  { execute } for  pid=368 exe=/sbin/udev name=pam_console.dev dev=hda3 ino=380312 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059405.648:0): avc:  denied  { execute } for  pid=369 exe=/sbin/udev name=selinux.dev dev=hda3 ino=380313 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:15 apone kernel: audit(1082059408.210:0): avc:  denied  { execute } for  pid=377 exe=/sbin/udev name=dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:16 apone kernel: audit(1082059408.211:0): avc:  denied  { execute } for  pid=378 exe=/sbin/udev name=pam_console.dev dev=hda3 ino=380312 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:16 apone kernel: audit(1082059408.211:0): avc:  denied  { execute } for  pid=379 exe=/sbin/udev name=selinux.dev dev=hda3 ino=380313 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:16 apone kernel: audit(1082059410.790:0): avc:  denied  { execute } for  pid=387 exe=/sbin/udev name=dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:16 apone kernel: audit(1082059410.791:0): avc:  denied  { execute } for  pid=388 exe=/sbin/udev name=pam_console.dev dev=hda3 ino=380312 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:16 apone kernel: audit(1082059410.791:0): avc:  denied  { execute } for  pid=389 exe=/sbin/udev name=selinux.dev dev=hda3 ino=380313 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:16 apone kernel: audit(1082059413.370:0): avc:  denied  { execute } for  pid=397 exe=/sbin/udev name=dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:16 apone kernel: audit(1082059413.370:0): avc:  denied  { execute } for  pid=398 exe=/sbin/udev name=pam_console.dev dev=hda3 ino=380312 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:16 apone kernel: audit(1082059413.371:0): avc:  denied  { execute } for  pid=399 exe=/sbin/udev name=selinux.dev dev=hda3 ino=380313 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:16 apone kernel: audit(1082059415.931:0): avc:  denied  { execute } for  pid=407 exe=/sbin/udev name=dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:16 apone kernel: audit(1082059415.931:0): avc:  denied  { execute } for  pid=408 exe=/sbin/udev name=pam_console.dev dev=hda3 ino=380312 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:16 apone kernel: audit(1082059415.932:0): avc:  denied  { execute } for  pid=409 exe=/sbin/udev name=selinux.dev dev=hda3 ino=380313 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:16 apone kernel: audit(1082059418.492:0): avc:  denied  { execute } for  pid=417 exe=/sbin/udev name=dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:16 apone kernel: audit(1082059418.492:0): avc:  denied  { execute } for  pid=418 exe=/sbin/udev name=pam_console.dev dev=hda3 ino=380312 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:16 apone kernel: audit(1082059418.492:0): avc:  denied  { execute } for  pid=419 exe=/sbin/udev name=selinux.dev dev=hda3 ino=380313 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:16 apone kernel: audit(1082059421.072:0): avc:  denied  { execute } for  pid=427 exe=/sbin/udev name=dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:16 apone kernel: audit(1082059421.072:0): avc:  denied  { execute } for  pid=428 exe=/sbin/udev name=pam_console.dev dev=hda3 ino=380312 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:16 apone kernel: audit(1082059421.072:0): avc:  denied  { execute } for  pid=429 exe=/sbin/udev name=selinux.dev dev=hda3 ino=380313 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:16 apone kernel: audit(1082059423.634:0): avc:  denied  { execute } for  pid=437 exe=/sbin/udev name=dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:16 apone kernel: audit(1082059423.635:0): avc:  denied  { execute } for  pid=438 exe=/sbin/udev name=pam_console.dev dev=hda3 ino=380312 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:16 apone kernel: audit(1082059423.635:0): avc:  denied  { execute } for  pid=439 exe=/sbin/udev name=selinux.dev dev=hda3 ino=380313 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:16 apone kernel: audit(1082059426.196:0): avc:  denied  { execute } for  pid=447 exe=/sbin/udev name=dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:16 apone kernel: audit(1082059426.197:0): avc:  denied  { execute } for  pid=448 exe=/sbin/udev name=pam_console.dev dev=hda3 ino=380312 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:16 apone kernel: audit(1082059426.197:0): avc:  denied  { execute } for  pid=449 exe=/sbin/udev name=selinux.dev dev=hda3 ino=380313 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:17 apone kernel: audit(1082059447.285:0): avc:  denied  { execute } for  pid=1185 exe=/sbin/udev name=dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:17 apone kernel: audit(1082059447.286:0): avc:  denied  { execute } for  pid=1186 exe=/sbin/udev name=pam_console.dev dev=hda3 ino=380312 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:17 apone kernel: audit(1082059447.286:0): avc:  denied  { execute } for  pid=1187 exe=/sbin/udev name=selinux.dev dev=hda3 ino=380313 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:17 apone kernel: audit(1082059456.313:0): avc:  denied  { getattr } for  pid=1652 exe=/usr/sbin/automount path=/mnt dev=hda3 ino=1531073 scontext=system_u:system_r:automount_t tcontext=system_u:object_r:mnt_t tclass=dir
Apr 15 16:04:17 apone kernel: audit(1082059456.362:0): avc:  denied  { getattr } for  pid=1708 exe=/usr/sbin/automount path=/home dev=hda3 ino=325761 scontext=system_u:system_r:automount_t tcontext=system_u:object_r:home_root_t tclass=dir
Apr 15 16:04:22 apone kernel: audit(1082059462.513:0): avc:  denied  { getattr } for  pid=2021 exe=/bin/su path=/etc/krb5.conf dev=hda3 ino=374773 scontext=system_u:system_r:initrc_su_t tcontext=system_u:object_r:krb5_conf_t tclass=file
Apr 15 16:04:22 apone kernel: audit(1082059462.513:0): avc:  denied  { getattr } for  pid=2021 exe=/bin/su path=/etc/krb5.conf dev=hda3 ino=374773 scontext=system_u:system_r:initrc_su_t tcontext=system_u:object_r:krb5_conf_t tclass=file
Apr 15 16:04:22 apone kernel: audit(1082059462.513:0): avc:  denied  { getattr } for  pid=2021 exe=/bin/su path=/dev/urandom dev=hda3 ino=174526 scontext=system_u:system_r:initrc_su_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file
Apr 15 16:04:26 apone kernel: audit(1082059466.070:0): avc:  denied  { getattr } for  pid=2087 exe=/bin/su path=/etc/krb5.conf dev=hda3 ino=374773 scontext=system_u:system_r:initrc_su_t tcontext=system_u:object_r:krb5_conf_t tclass=file
Apr 15 16:04:26 apone kernel: audit(1082059466.070:0): avc:  denied  { getattr } for  pid=2087 exe=/bin/su path=/etc/krb5.conf dev=hda3 ino=374773 scontext=system_u:system_r:initrc_su_t tcontext=system_u:object_r:krb5_conf_t tclass=file
Apr 15 16:04:26 apone kernel: audit(1082059466.071:0): avc:  denied  { getattr } for  pid=2087 exe=/bin/su path=/dev/urandom dev=hda3 ino=174526 scontext=system_u:system_r:initrc_su_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file
Apr 15 16:04:26 apone kernel: audit(1082059466.180:0): avc:  denied  { read } for  pid=2099 exe=/usr/sbin/cannaserver name=resolv.conf dev=hda3 ino=378631 scontext=system_u:system_r:canna_t tcontext=system_u:object_r:net_conf_t tclass=file
Apr 15 16:04:26 apone kernel: audit(1082059466.180:0): avc:  denied  { create } for  pid=2099 exe=/usr/sbin/cannaserver scontext=system_u:system_r:canna_t tcontext=system_u:system_r:canna_t tclass=udp_socket
Apr 15 16:04:26 apone kernel: audit(1082059466.181:0): avc:  denied  { create } for  pid=2099 exe=/usr/sbin/cannaserver scontext=system_u:system_r:canna_t tcontext=system_u:system_r:canna_t tclass=udp_socket
Apr 15 16:04:29 apone kernel: audit(1082059469.659:0): avc:  denied  { execute } for  pid=2232 exe=/sbin/udev name=dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:29 apone kernel: audit(1082059469.659:0): avc:  denied  { execute } for  pid=2233 exe=/sbin/udev name=pam_console.dev dev=hda3 ino=380312 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:29 apone kernel: audit(1082059469.660:0): avc:  denied  { execute } for  pid=2234 exe=/sbin/udev name=selinux.dev dev=hda3 ino=380313 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:29 apone kernel: audit(1082059469.669:0): avc:  denied  { execute } for  pid=2235 exe=/sbin/udev name=hotplug.dev dev=hda3 ino=380314 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:29 apone kernel: audit(1082059469.670:0): avc:  denied  { execute } for  pid=2236 exe=/sbin/udev name=dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:29 apone kernel: audit(1082059469.670:0): avc:  denied  { execute } for  pid=2237 exe=/sbin/udev name=pam_console.dev dev=hda3 ino=380312 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:29 apone kernel: audit(1082059469.671:0): avc:  denied  { execute } for  pid=2238 exe=/sbin/udev name=selinux.dev dev=hda3 ino=380313 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file


-------------- next part --------------
allow automount_t home_root_t:dir { getattr };
allow automount_t mnt_t:dir { getattr };
allow canna_t canna_t:udp_socket { create };
allow canna_t net_conf_t:file { read };
allow consoletype_t file_t:dir { search };
allow dmesg_t file_t:dir { search };
allow fsadm_t file_t:file { getattr read };
allow hostname_t file_t:dir { search };
allow hwclock_t file_t:dir { search };
allow init_t var_log_t:file { append lock write };
allow initrc_su_t krb5_conf_t:file { getattr };
allow initrc_su_t urandom_device_t:chr_file { getattr };
allow lvm_t devpts_t:dir { read };
allow lvm_t sysfs_t:dir { read };
allow lvm_t var_run_t:dir { getattr };
allow pam_console_t file_t:dir { search };
allow pam_console_t file_t:file { getattr read };
allow rhgb_t file_t:dir { search };
allow syslogd_t file_t:dir { search };
allow udev_t bin_t:dir { search };
allow udev_t bin_t:file { getattr };
allow udev_t bin_t:lnk_file { read };
allow udev_t etc_runtime_t:file { getattr read };
allow udev_t etc_t:file { execute execute_no_trans ioctl };
allow udev_t file_t:dir { search };
allow udev_t proc_t:file { getattr };
allow udev_t shell_exec_t:file { execute read };
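
As an added example (not part of the original post and not the policy tooling's own code), the sketch below shows how denial lines like those in the attached log collapse into the allow rules of the second attachment, while denials against file_t are set aside for relabelling instead of being turned into rules. The function names and the choice to read a file_t target as the mislabelling from item 1 are assumptions of this example.

```python
import re
from collections import defaultdict

# The first nine lines are copied from the boot log in this post; the last
# line is a constructed non-AVC message to show unrelated lines are skipped.
SAMPLE_LOG = """\
Apr 15 15:50:40 apone kernel: audit(1082058575.407:0): avc:  denied  { read } for  pid=105 exe=/sbin/fsck name=fstab dev=hda3 ino=374631 scontext=system_u:system_r:fsadm_t tcontext=system_u:object_r:file_t tclass=file
Apr 15 15:50:40 apone kernel: audit(1082058575.407:0): avc:  denied  { getattr } for  pid=105 exe=/sbin/fsck path=/etc/fstab dev=hda3 ino=374631 scontext=system_u:system_r:fsadm_t tcontext=system_u:object_r:file_t tclass=file
Apr 15 15:50:40 apone kernel: audit(1082058583.636:0): avc:  denied  { append } for  pid=1 exe=/sbin/init name=wtmp dev=hda3 ino=16339 scontext=system_u:system_r:init_t tcontext=system_u:object_r:var_log_t tclass=file
Apr 15 15:50:40 apone kernel: audit(1082058583.636:0): avc:  denied  { write } for  pid=1 exe=/sbin/init name=wtmp dev=hda3 ino=16339 scontext=system_u:system_r:init_t tcontext=system_u:object_r:var_log_t tclass=file
Apr 15 15:50:40 apone kernel: audit(1082058583.636:0): avc:  denied  { lock } for  pid=1 exe=/sbin/init path=/var/log/wtmp dev=hda3 ino=16339 scontext=system_u:system_r:init_t tcontext=system_u:object_r:var_log_t tclass=file
Apr 15 15:50:40 apone kernel: audit(1082058586.429:0): avc:  denied  { execute } for  pid=585 exe=/sbin/udev name=dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 15:50:40 apone kernel: audit(1082058586.429:0): avc:  denied  { execute_no_trans } for  pid=585 exe=/sbin/udev path=/etc/dev.d/default/dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:14 apone kernel: audit(1082059346.398:0): avc:  denied  { read } for  pid=135 exe=/sbin/lvm.static name=block dev= ino=385 scontext=system_u:system_r:lvm_t tcontext=system_u:object_r:sysfs_t tclass=dir
Apr 15 16:04:14 apone kernel: audit(1082059355.383:0): avc:  denied  { execute } for  pid=159 exe=/sbin/udev name=dbus.dev dev=hda3 ino=380311 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:etc_t tclass=file
Apr 15 16:04:14 apone kernel: EXT3-fs: mounted filesystem with ordered data mode.
"""

AVC_RE = re.compile(r"avc:\s+denied\s+\{(?P<perms>[^}]*)\}\s+for\s+(?P<fields>.*)$")

# Assumption of this example: a file_t target marks a file that never received
# a proper label (item 1 of the post), so the fix is relabelling, not a rule.
UNLABELED_TYPES = frozenset({"file_t"})


def selinux_type(context):
    """Return the type field of a user:role:type[:level] security context."""
    return context.split(":")[2]


def parse_avc(line):
    """Parse one syslog line; return a dict for an AVC denial, else None."""
    m = AVC_RE.search(line)
    if m is None:
        return None
    fields = {}
    # key=value tokens; values containing spaces are not handled in this sketch.
    for token in m.group("fields").split():
        key, sep, value = token.partition("=")
        if sep:
            fields[key] = value
    try:
        return {
            "perms": m.group("perms").split(),
            "source": selinux_type(fields["scontext"]),
            "target": selinux_type(fields["tcontext"]),
            "tclass": fields["tclass"],
            "exe": fields.get("exe", ""),
        }
    except (KeyError, IndexError):
        return None  # malformed or truncated denial record


def summarize(lines):
    """Group denials by (source type, target type, class), merging permissions."""
    summary = defaultdict(lambda: {"perms": set(), "count": 0})
    for line in lines:
        rec = parse_avc(line)
        if rec is None:
            continue
        entry = summary[(rec["source"], rec["target"], rec["tclass"])]
        entry["perms"].update(rec["perms"])
        entry["count"] += 1
    return dict(summary)


def triage(summary):
    """Split the summary into candidate allow rules and relabel candidates."""
    rules, relabel = [], []
    for (source, target, tclass), entry in sorted(summary.items()):
        if target in UNLABELED_TYPES:
            relabel.append((source, target, tclass, entry["count"]))
            continue
        perms = " ".join(sorted(entry["perms"]))
        rules.append(f"allow {source} {target}:{tclass} {{ {perms} }};")
    return rules, relabel


if __name__ == "__main__":
    rules, relabel = triage(summarize(SAMPLE_LOG.splitlines()))
    print("\n".join(rules))
    for source, target, tclass, count in relabel:
        print(f"# relabel: {count} denial(s) from {source} on {target}:{tclass}")
```

The per-key denial count also makes the repetition visible: the many udev_t denials on etc_t in the log reduce to a single rule candidate.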



