[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: avc: denied { ioctl }?

From: "Hongwei Li" <hongwei wustl edu>
To: "Stephen Smalley" <sds tycho nsa gov>
Cc: fedora-selinux-list redhat com
Subject: Re: avc: denied { ioctl }?
Date: Wed, 8 Jun 2005 08:53:29 -0500 (CDT)

> On Tue, 2005-06-07 at 08:17 -0500, Hongwei Li wrote:
>> After I updated the policy to this version (1.17.30-2.96), from time to time
>> the system log shows a lot of error messages like this:
>>
>> Jun  6 17:51:04 morpheus kernel: audit(1118098264.336:0): avc:  denied  {
>> ioctl } for  pid=17395 exe=/usr/bin/perl path=/proc/loadavg dev=proc
>> ino=-268435456 scontext=user_u:system_r:httpd_sys_script_t
>> tcontext=system_u:object_r:proc_t tclass=file
>
> Likely should just be dontaudit'd, e.g.
> yum install selinux-policy-targeted-sources
> cd /etc/selinux/targeted/src/policy
> echo "dontaudit httpd_sys_script_t proc_t:file ioctl;" >>
> domains/misc/local.te
> make load
>
> --
> Stephen Smalley
> National Security Agency

Thanks for the help.  The strnage thing is that after June 6, 18:00, this
message avc:  denied  { ioctl }... suddenly does not show up any more (up to
now, June 8, 9am).  If it shows up again, I will do the above.  Now, I am just
curious what happened.  I did not change the policy in these two days, did not
change any system setting either.  What does the error message mean?  What is
loadavg?

Thanks!

Hongwei Li

Follow-Ups:
- Re: avc: denied { ioctl }?
  - From: Stephen Smalley

References:
- avc: denied { ioctl }?
  - From: Hongwei Li
- Re: avc: denied { ioctl }?
  - From: Stephen Smalley

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]