Xen AVC's FC5

Bob Kashani bobk at ocf.berkeley.edu
Fri Apr 7 22:46:11 UTC 2006


Xen doesn't seem to work with selinux enabled in FC5. :( Is the
recommended solution to turn selinux off when using xen in FC5?

selinux-policy-2.2.29-3.fc5
selinux-policy-targeted-2.2.29-3.fc5
kernel-xen0-2.6.16-1.2080_FC5

[root at chaucer ~]# audit2allow -l -i /var/log/audit/audit.log
allow cupsd_t var_run_t:dir setattr;
allow ifconfig_t xend_t:unix_stream_socket { read write };
allow smbd_t user_home_dir_t:file getattr;
allow xenconsoled_t console_device_t:chr_file { read write };
allow xend_t netutils_exec_t:file getattr;
allow xenstored_t console_device_t:chr_file { read write };
allow xenstored_t xen_device_t:chr_file { getattr read unlink write };

These are the AVC's that I get when I boot into the xen kernel:

type=AVC msg=audit(1144449050.119:5): avc:  denied  { setattr } for
pid=1887 comm="cupsd" name="cups" dev=hda2 ino=230397
scontext=system_u:system_r:cupsd_t:s0-s0:c0.c255
tcontext=user_u:object_r:var_run_t:s0 tclass=dir
type=SYSCALL msg=audit(1144449050.119:5): arch=40000003 syscall=212
success=no exit=-13 a0=8abfcb0 a1=0 a2=7 a3=0 items=1 pid=1887
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
comm="cupsd" exe="/usr/sbin/cupsd"
type=CWD msg=audit(1144449050.119:5):  cwd="/"
type=PATH msg=audit(1144449050.119:5): item=0 name="/var/run/cups"
flags=1  inode=230397 dev=03:02 mode=040755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449056.516:6): avc:  denied  { read write } for
pid=2063 comm="xenstored" name="console" dev=tmpfs ino=841
scontext=system_u:system_r:xenstored_t:s0
tcontext=system_u:object_r:console_device_t:s0 tclass=chr_file
type=SYSCALL msg=audit(1144449056.516:6): arch=40000003 syscall=11
success=yes exit=0 a0=9d76c48 a1=9d76f60 a2=9d76e38 a3=9d769f0 items=2
pid=2063 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="xenstored" exe="/usr/sbin/xenstored"
type=AVC_PATH msg=audit(1144449056.516:6):  path="/dev/console"
type=CWD msg=audit(1144449056.516:6):  cwd="/"
type=PATH msg=audit(1144449056.516:6): item=0 name="/usr/sbin/xenstored"
flags=101  inode=2481479 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449056.516:6): item=1 flags=101  inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449056.572:7): avc:  denied  { getattr } for
pid=2065 comm="xenstored" name="evtchn" dev=tmpfs ino=3308
scontext=system_u:system_r:xenstored_t:s0
tcontext=system_u:object_r:xen_device_t:s0 tclass=chr_file
type=SYSCALL msg=audit(1144449056.572:7): arch=40000003 syscall=196
success=no exit=-13 a0=805716a a1=bf88064c a2=b45ff4 a3=bf88064c items=1
pid=2065 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="xenstored" exe="/usr/sbin/xenstored"
type=AVC_PATH msg=audit(1144449056.572:7):  path="/dev/xen/evtchn"
type=CWD msg=audit(1144449056.572:7):  cwd="/"
type=PATH msg=audit(1144449056.572:7): item=0 name="/dev/xen/evtchn"
flags=0  inode=3308 dev=00:0f mode=020600 ouid=0 ogid=0 rdev=0a:c9
type=AVC msg=audit(1144449056.572:8): avc:  denied  { unlink } for
pid=2065 comm="xenstored" name="evtchn" dev=tmpfs ino=3308
scontext=system_u:system_r:xenstored_t:s0
tcontext=system_u:object_r:xen_device_t:s0 tclass=chr_file
type=SYSCALL msg=audit(1144449056.572:8): arch=40000003 syscall=10
success=no exit=-13 a0=805716a a1=d a2=a a3=0 items=1 pid=2065
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
comm="xenstored" exe="/usr/sbin/xenstored"
type=CWD msg=audit(1144449056.572:8):  cwd="/"
type=PATH msg=audit(1144449056.572:8): item=0 name="/dev/xen/evtchn"
flags=10  inode=3307 dev=00:0f mode=040755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449056.572:9): avc:  denied  { read write } for
pid=2065 comm="xenstored" name="evtchn" dev=tmpfs ino=3308
scontext=system_u:system_r:xenstored_t:s0
tcontext=system_u:object_r:xen_device_t:s0 tclass=chr_file
type=SYSCALL msg=audit(1144449056.572:9): arch=40000003 syscall=5
success=no exit=-13 a0=805716a a1=802 a2=bf8806e0 a3=0 items=1 pid=2065
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
comm="xenstored" exe="/usr/sbin/xenstored"
type=CWD msg=audit(1144449056.572:9):  cwd="/"
type=PATH msg=audit(1144449056.572:9): item=0 name="/dev/xen/evtchn"
flags=101 inode=3308 dev=00:0f mode=020600 ouid=0 ogid=0 rdev=0a:c9
type=AVC msg=audit(1144449056.580:10): avc:  denied  { read write } for
pid=2066 comm="xenconsoled" name="console" dev=tmpfs ino=841
scontext=system_u:system_r:xenconsoled_t:s0
tcontext=system_u:object_r:console_device_t:s0 tclass=chr_filetype=AVC
msg=audit(1144449056.580:10): avc:  denied  { read write } for  pid=2066
comm="xenconsoled" name="console" dev=tmpfs ino=841
scontext=system_u:system_r:xenconsoled_t:s0
tcontext=system_u:object_r:console_device_t:s0 tclass=chr_filetype=AVC
msg=audit(1144449056.580:10): avc:  denied  { read write } for  pid=2066
comm="xenconsoled" name="console" dev=tmpfs ino=841
scontext=system_u:system_r:xenconsoled_t:s0
tcontext=system_u:object_r:console_device_t:s0
tclass=chr_filetype=SYSCALL msg=audit(1144449056.580:10): arch=40000003
syscall=11 success=yes exit=0 a0=99a0068 a1=99f4120 a2=bfefdfb4
a3=9991f98 items=2 pid=2066 auid=4294967295 uid=0 gid=0 euid=0 suid=0
fsuid=0 egid=0 sgid=0 fsgid=0 comm="xenconsoled"
exe="/usr/sbin/xenconsoled"
type=AVC_PATH msg=audit(1144449056.580:10):  path="/dev/console"
type=AVC_PATH msg=audit(1144449056.580:10):  path="/dev/console"
type=AVC_PATH msg=audit(1144449056.580:10):  path="/dev/console"
type=CWD msg=audit(1144449056.580:10):  cwd="/"
type=PATH msg=audit(1144449056.580:10): item=0
name="/usr/sbin/xenconsoled" flags=101  inode=2481318 dev=03:02
mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449056.580:10): item=1 flags=101  inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449056.928:11): avc:  denied  { read write } for
pid=2083 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449056.928:11): arch=40000003 syscall=11
success=yes exit=0 a0=8a53890 a1=8a55ca0 a2=8a55b90 a3=8a545b8 items=2
pid=2083 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449056.928:11):  path="socket:[7118]"
type=CWD msg=audit(1144449056.928:11):  cwd="/"
type=PATH msg=audit(1144449056.928:11): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449056.928:11): item=1 flags=101  inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449056.952:12): avc:  denied  { read write } for
pid=2085 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449056.952:12): arch=40000003 syscall=11
success=yes exit=0 a0=8a60ee8 a1=8a610c0 a2=8a55b90 a3=8a60de0 items=2
pid=2085 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449056.952:12):  path="socket:[7118]"
type=CWD msg=audit(1144449056.952:12):  cwd="/"
type=PATH msg=audit(1144449056.952:12): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449056.952:12): item=1 flags=101  inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.248:13): avc:  denied  { read write } for
pid=2099 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.248:13): arch=40000003 syscall=11
success=yes exit=0 a0=8a61040 a1=8a61c78 a2=8a55b90 a3=8a60680 items=2
pid=2099 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.248:13):  path="socket:[7118]"
type=CWD msg=audit(1144449057.248:13):  cwd="/"
type=PATH msg=audit(1144449057.248:13): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.248:13): item=1 flags=101  inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.260:14): avc:  denied  { read write } for
pid=2100 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.260:14): arch=40000003 syscall=11
success=yes exit=0 a0=8a61788 a1=8a60b88 a2=8a55b90 a3=8a61108 items=2
pid=2100 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.260:14):  path="socket:[7118]"
type=CWD msg=audit(1144449057.260:14):  cwd="/"
type=PATH msg=audit(1144449057.260:14): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.260:14): item=1 flags=101  inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.268:15): avc:  denied  { read write } for
pid=2102 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.268:15): arch=40000003 syscall=11
success=yes exit=0 a0=8a60a58 a1=8a61580 a2=8a55b90 a3=8a60ee8 items=2
pid=2102 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.268:15):  path="socket:[7118]"
type=CWD msg=audit(1144449057.268:15):  cwd="/"
type=PATH msg=audit(1144449057.268:15): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.268:15): item=1 flags=101  inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.340:16): avc:  denied  { read write } for
pid=2111 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.340:16): arch=40000003 syscall=11
success=yes exit=0 a0=8a60a58 a1=8a50510 a2=8a55b90 a3=8a62178 items=2
pid=2111 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.340:16):  path="socket:[7118]"
type=CWD msg=audit(1144449057.340:16):  cwd="/"
type=PATH msg=audit(1144449057.340:16): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.340:16): item=1 flags=101  inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.348:17): avc:  denied  { read write } for
pid=2113 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.348:17): arch=40000003 syscall=11
success=yes exit=0 a0=8a60a58 a1=8a50510 a2=8a55b90 a3=8a62018 items=2
pid=2113 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.348:17):  path="socket:[7118]"
type=CWD msg=audit(1144449057.348:17):  cwd="/"
type=PATH msg=audit(1144449057.348:17): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.348:17): item=1 flags=101  inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.368:18): avc:  denied  { read write } for
pid=2118 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.368:18): arch=40000003 syscall=11
success=yes exit=0 a0=91b5b68 a1=91b6040 a2=91b5f28 a3=91b5890 items=2
pid=2118 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.368:18):  path="socket:[7118]"
type=CWD msg=audit(1144449057.368:18):  cwd="/"
type=PATH msg=audit(1144449057.368:18): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.368:18): item=1 flags=101  inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.380:19): avc:  denied  { read write } for
pid=2119 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.380:19): arch=40000003 syscall=11
success=yes exit=0 a0=8a60a58 a1=8a50400 a2=8a55b90 a3=8a61fb0 items=2
pid=2119 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.380:19):  path="socket:[7118]"
type=CWD msg=audit(1144449057.380:19):  cwd="/"
type=PATH msg=audit(1144449057.380:19): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.380:19): item=1 flags=101  inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.592:20): avc:  denied  { read write } for
pid=2162 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.592:20): arch=40000003 syscall=11
success=yes exit=0 a0=8927090 a1=89255a0 a2=89026c8 a3=8921b30 items=2
pid=2162 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.592:20):  path="socket:[7118]"
type=CWD msg=audit(1144449057.592:20):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449057.592:20): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.592:20): item=1 flags=101  inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.632:21): avc:  denied  { read write } for
pid=2169 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.632:21): arch=40000003 syscall=11
success=yes exit=0 a0=8925ab0 a1=88ff1a0 a2=8901910 a3=89013e8 items=2
pid=2169 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.632:21):  path="socket:[7118]"
type=CWD msg=audit(1144449057.632:21):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449057.632:21): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.632:21): item=1 flags=101  inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.640:22): avc:  denied  { read write } for
pid=2170 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.640:22): arch=40000003 syscall=11
success=yes exit=0 a0=8927110 a1=88ff1a0 a2=8901910 a3=8900bb0 items=2
pid=2170 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.640:22):  path="socket:[7118]"
type=CWD msg=audit(1144449057.640:22):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449057.640:22): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.640:22): item=1 flags=101  inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.660:23): avc:  denied  { read write } for
pid=2173 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.660:23): arch=40000003 syscall=11
success=yes exit=0 a0=8925558 a1=8925588 a2=8902810 a3=8925720 items=2
pid=2173 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.660:23):  path="socket:[7118]"
type=CWD msg=audit(1144449057.660:23):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449057.660:23): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.660:23): item=1 flags=101  inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.720:24): avc:  denied  { read write } for
pid=2187 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.720:24): arch=40000003 syscall=11
success=yes exit=0 a0=99f1560 a1=99f1440 a2=99de528 a3=99e20e8 items=2
pid=2187 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.720:24):  path="socket:[7118]"
type=CWD msg=audit(1144449057.720:24):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449057.720:24): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.720:24): item=1 flags=101  inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.732:25): avc:  denied  { read write } for
pid=2189 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.732:25): arch=40000003 syscall=11
success=yes exit=0 a0=99de678 a1=99f1440 a2=99e1100 a3=99f2b60 items=2
pid=2189 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.732:25):  path="socket:[7118]"
type=CWD msg=audit(1144449057.732:25):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449057.732:25): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.732:25): item=1 flags=101  inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.740:26): avc:  denied  { read write } for
pid=2192 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.740:26): arch=40000003 syscall=11
success=yes exit=0 a0=99e14b8 a1=99e16f0 a2=99e1a80 a3=99e1a70 items=2
pid=2192 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.740:26):  path="socket:[7118]"
type=CWD msg=audit(1144449057.740:26):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449057.740:26): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.740:26): item=1 flags=101  inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.760:27): avc:  denied  { read write } for
pid=2196 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.760:27): arch=40000003 syscall=11
success=yes exit=0 a0=8a60a58 a1=8a608a0 a2=8a55b90 a3=8a612e8 items=2
pid=2196 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.760:27):  path="socket:[7118]"
type=CWD msg=audit(1144449057.760:27):  cwd="/"
type=PATH msg=audit(1144449057.760:27): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.760:27): item=1 flags=101  inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.772:28): avc:  denied  { read write } for
pid=2197 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.772:28): arch=40000003 syscall=11
success=yes exit=0 a0=8a61fa0 a1=8a608a0 a2=8a55b90 a3=8a612b8 items=2
pid=2197 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.772:28):  path="socket:[7118]"
type=CWD msg=audit(1144449057.772:28):  cwd="/"
type=PATH msg=audit(1144449057.772:28): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.772:28): item=1 flags=101  inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.772:29): avc:  denied  { read write } for
pid=2198 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.772:29): arch=40000003 syscall=11
success=yes exit=0 a0=8a61f68 a1=8a50318 a2=8a55b90 a3=8a61288 items=2
pid=2198 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.772:29):  path="socket:[7118]"
type=CWD msg=audit(1144449057.772:29):  cwd="/"
type=PATH msg=audit(1144449057.772:29): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.772:29): item=1 flags=101  inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.772:30): avc:  denied  { read write } for
pid=2199 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.772:30): arch=40000003 syscall=11
success=yes exit=0 a0=8a621d0 a1=8a608a0 a2=8a55b90 a3=8a61228 items=2
pid=2199 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.772:30):  path="socket:[7118]"
type=CWD msg=audit(1144449057.772:30):  cwd="/"
type=PATH msg=audit(1144449057.772:30): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.772:30): item=1 flags=101  inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.780:31): avc:  denied  { read write } for
pid=2200 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.780:31): arch=40000003 syscall=11
success=yes exit=0 a0=8a62178 a1=8a61368 a2=8a55b90 a3=8a61600 items=2
pid=2200 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.780:31):  path="socket:[7118]"
type=CWD msg=audit(1144449057.780:31):  cwd="/"
type=PATH msg=audit(1144449057.780:31): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.780:31): item=1 flags=101  inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.792:32): avc:  denied  { read write } for
pid=2201 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.792:32): arch=40000003 syscall=11
success=yes exit=0 a0=8a621f0 a1=8a50318 a2=8a55b90 a3=8a61198 items=2
pid=2201 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.792:32):  path="socket:[7118]"
type=CWD msg=audit(1144449057.792:32):  cwd="/"
type=PATH msg=audit(1144449057.792:32): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.792:32): item=1 flags=101  inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.812:33): avc:  denied  { read write } for
pid=2205 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.812:33): arch=40000003 syscall=11
success=yes exit=0 a0=8a60f18 a1=8a61b60 a2=8a55b90 a3=8a61138 items=2
pid=2205 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.812:33):  path="socket:[7118]"
type=CWD msg=audit(1144449057.812:33):  cwd="/"
type=PATH msg=audit(1144449057.812:33): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.812:33): item=1 flags=101  inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.812:34): avc:  denied  { read write } for
pid=2206 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.812:34): arch=40000003 syscall=11
success=yes exit=0 a0=8a61798 a1=8a61b60 a2=8a55b90 a3=8a61788 items=2
pid=2206 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.812:34):  path="socket:[7118]"
type=CWD msg=audit(1144449057.812:34):  cwd="/"
type=PATH msg=audit(1144449057.812:34): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.812:34): item=1 flags=101  inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.820:35): avc:  denied  { read write } for
pid=2207 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.820:35): arch=40000003 syscall=11
success=yes exit=0 a0=8a611f8 a1=8a61b60 a2=8a55b90 a3=8a61040 items=2
pid=2207 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.820:35):  path="socket:[7118]"
type=CWD msg=audit(1144449057.820:35):  cwd="/"
type=PATH msg=audit(1144449057.820:35): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.820:35): item=1 flags=101  inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.864:36): avc:  denied  { read write } for
pid=2209 comm="ifconfig" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.864:36): arch=40000003 syscall=11
success=yes exit=0 a0=8a61fe8 a1=8a61558 a2=8a55b90 a3=8a62398 items=2
pid=2209 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ifconfig" exe="/sbin/ifconfig"
type=AVC_PATH msg=audit(1144449057.864:36):  path="socket:[7118]"
type=CWD msg=audit(1144449057.864:36):  cwd="/"
type=PATH msg=audit(1144449057.864:36): item=0 name="/sbin/ifconfig"
flags=101 inode=102062 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.864:36): item=1 flags=101  inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449058.020:37): avc:  denied  { read write } for
pid=2241 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449058.020:37): arch=40000003 syscall=11
success=yes exit=0 a0=98b0180 a1=988cf58 a2=988b760 a3=98b0080 items=2
pid=2241 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449058.020:37):  path="socket:[7118]"
type=CWD msg=audit(1144449058.020:37):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449058.020:37): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449058.020:37): item=1 flags=101  inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449058.040:38): avc:  denied  { read write } for
pid=2247 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449058.040:38): arch=40000003 syscall=11
success=yes exit=0 a0=98ae860 a1=988cf58 a2=988b810 a3=98ae598 items=2
pid=2247 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449058.040:38):  path="socket:[7118]"
type=CWD msg=audit(1144449058.040:38):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449058.040:38): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449058.040:38): item=1 flags=101  inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449058.052:39): avc:  denied  { read write } for
pid=2249 comm="iwconfig" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449058.052:39): arch=40000003 syscall=11
success=yes exit=0 a0=98a95d8 a1=98aca10 a2=988b760 a3=98ab010 items=2
pid=2249 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="iwconfig" exe="/sbin/iwconfig"
type=AVC_PATH msg=audit(1144449058.052:39):  path="socket:[7118]"
type=CWD msg=audit(1144449058.052:39):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449058.052:39): item=0 name="/sbin/iwconfig"
flags=101 inode=102068 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449058.052:39): item=1 flags=101  inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449058.072:40): avc:  denied  { read write } for
pid=2251 comm="ethtool" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449058.072:40): arch=40000003 syscall=11
success=yes exit=0 a0=988a6a0 a1=988e7c8 a2=988a9a8 a3=98ae9c8 items=2
pid=2251 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ethtool" exe="/sbin/ethtool"
type=AVC_PATH msg=audit(1144449058.072:40):  path="socket:[7118]"
type=CWD msg=audit(1144449058.072:40):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449058.072:40): item=0 name="/sbin/ethtool"
flags=101  inode=102186 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449058.072:40): item=1 flags=101  inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449058.080:41): avc:  denied  { read write } for
pid=2254 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449058.080:41): arch=40000003 syscall=11
success=yes exit=0 a0=98b4628 a1=98871a0 a2=988a9a8 a3=98b3a10 items=2
pid=2254 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449058.080:41):  path="socket:[7118]"
type=CWD msg=audit(1144449058.080:41):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449058.080:41): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449058.080:41): item=1 flags=101  inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449058.092:42): avc:  denied  { read write } for
pid=2255 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449058.092:42): arch=40000003 syscall=11
success=yes exit=0 a0=98b3a10 a1=98b4190 a2=9887310 a3=98b3ab0 items=2
pid=2255 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449058.092:42):  path="socket:[7118]"
type=CWD msg=audit(1144449058.092:42):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449058.092:42): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449058.092:42): item=1 flags=101  inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449058.100:43): avc:  denied  { getattr } for
pid=2214 comm="ifup-eth" name="arping" dev=hda2 ino=99965
scontext=system_u:system_r:xend_t:s0
tcontext=system_u:object_r:netutils_exec_t:s0 tclass=file
type=SYSCALL msg=audit(1144449058.100:43): arch=40000003 syscall=195
success=no exit=-13 a0=988a498 a1=bf874d10 a2=5fdff4 a3=988a498 items=1
pid=2214 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ifup-eth" exe="/bin/bash"
type=AVC_PATH msg=audit(1144449058.100:43):  path="/sbin/arping"
type=CWD msg=audit(1144449058.100:43):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449058.100:43): item=0 name="/sbin/arping"
flags=1  inode=99965 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449058.100:44): avc:  denied  { getattr } for
pid=2214 comm="ifup-eth" name="arping" dev=hda2 ino=99965
scontext=system_u:system_r:xend_t:s0
tcontext=system_u:object_r:netutils_exec_t:s0 tclass=file
type=SYSCALL msg=audit(1144449058.100:44): arch=40000003 syscall=195
success=no exit=-13 a0=988a498 a1=bf874d10 a2=5fdff4 a3=988a498 items=1
pid=2214 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ifup-eth" exe="/bin/bash"
type=AVC_PATH msg=audit(1144449058.100:44):  path="/sbin/arping"
type=CWD msg=audit(1144449058.100:44):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449058.100:44): item=0 name="/usr/sbin/arping"
flags=1 inode=99965 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449058.120:45): avc:  denied  { read write } for
pid=2262 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449058.120:45): arch=40000003 syscall=11
success=yes exit=0 a0=98b4070 a1=98871a0 a2=988a9a8 a3=98b4060 items=2
pid=2262 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449058.120:45):  path="socket:[7118]"
type=CWD msg=audit(1144449058.120:45):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449058.120:45): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449058.120:45): item=1 flags=101  inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449058.120:46): avc:  denied  { read write } for
pid=2263 comm="ethtool" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449058.120:46): arch=40000003 syscall=11
success=yes exit=0 a0=9889960 a1=98b27d0 a2=988a9a8 a3=98b3398 items=2
pid=2263 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ethtool" exe="/sbin/ethtool"
type=AVC_PATH msg=audit(1144449058.120:46):  path="socket:[7118]"
type=CWD msg=audit(1144449058.120:46):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449058.120:46): item=0 name="/sbin/ethtool"
flags=101  inode=102186 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449058.120:46): item=1 flags=101  inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449058.132:47): avc:  denied  { read write } for
pid=2265 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449058.132:47): arch=40000003 syscall=11
success=yes exit=0 a0=98b36a8 a1=98871a0 a2=988a9a8 a3=98b3658 items=2
pid=2265 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449058.132:47):  path="socket:[7118]"
type=CWD msg=audit(1144449058.132:47):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449058.132:47): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449058.132:47): item=1 flags=101  inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449058.200:48): avc:  denied  { read write } for
pid=2279 comm="ifconfig" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449058.200:48): arch=40000003 syscall=11
success=yes exit=0 a0=9c020b8 a1=9c01618 a2=9beea80 a3=9c014f8 items=2
pid=2279 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ifconfig" exe="/sbin/ifconfig"
type=AVC_PATH msg=audit(1144449058.200:48):  path="socket:[7118]"
type=CWD msg=audit(1144449058.200:48):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449058.200:48): item=0 name="/sbin/ifconfig"
flags=101 inode=102062 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449058.200:48): item=1 flags=101  inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449060.120:49): avc:  denied  { getattr } for
pid=2258 comm="ifup-eth" name="arping" dev=hda2 ino=99965
scontext=system_u:system_r:xend_t:s0
tcontext=system_u:object_r:netutils_exec_t:s0 tclass=file
type=SYSCALL msg=audit(1144449060.120:49): arch=40000003 syscall=195
success=no exit=-13 a0=988a498 a1=bf874a90 a2=5fdff4 a3=988a498 items=1
pid=2258 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ifup-eth" exe="/bin/bash"
type=AVC_PATH msg=audit(1144449060.120:49):  path="/sbin/arping"
type=CWD msg=audit(1144449060.120:49):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449060.120:49): item=0 name="/sbin/arping"
flags=1  inode=99965 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449060.120:50): avc:  denied  { getattr } for
pid=2258 comm="ifup-eth" name="arping" dev=hda2 ino=99965
scontext=system_u:system_r:xend_t:s0
tcontext=system_u:object_r:netutils_exec_t:s0 tclass=file
type=SYSCALL msg=audit(1144449060.120:50): arch=40000003 syscall=195
success=no exit=-13 a0=988a498 a1=bf874a90 a2=5fdff4 a3=988a498 items=1
pid=2258 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ifup-eth" exe="/bin/bash"
type=AVC_PATH msg=audit(1144449060.120:50):  path="/sbin/arping"
type=CWD msg=audit(1144449060.120:50):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449060.120:50): item=0 name="/usr/sbin/arping"
flags=1 inode=99965 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00

Bob

-- 
Bob Kashani
http://www.gnome.org/~bobk/




More information about the fedora-selinux-list mailing list