rawhide 20060213 -- SELinux "denied" audit messages

Daniel J Walsh dwalsh at redhat.com
Tue Feb 14 17:43:02 UTC 2006


Miles Lane wrote:
> audit(1139851937.273:2): avc:  denied  { read } for  pid=1303
> comm="ifconfig" name="locale-archive" dev=hda9 ino=182666
> scontext=system_u:system_r:ifconfig_t:s0
> tcontext=user_u:object_r:file_t:s0 tclass=file
> audit(1139851937.273:3): avc:  denied  { getattr } for  pid=1303
> comm="ifconfig" name="locale-archive" dev=hda9 ino=182666
> scontext=system_u:system_r:ifconfig_t:s0
> tcontext=user_u:object_r:file_t:s0 tclass=file
> audit(1139851937.361:4): avc:  denied  { search } for  pid=1303
> comm="ifconfig" name="locale" dev=hda9 ino=313857
> scontext=system_u:system_r:ifconfig_t:s0
> tcontext=user_u:object_r:file_t:s0 tclass=dir
> audit(1139851947.254:9): avc:  denied  { read } for  pid=1381
> comm="swapon" name="locale-archive" dev=hda9 ino=182666
> scontext=system_u:system_r:fsadm_t:s0
> tcontext=user_u:object_r:file_t:s0 tclass=file
> audit(1139851947.254:10): avc:  denied  { getattr } for  pid=1381
> comm="swapon" name="locale-archive" dev=hda9 ino=182666
> scontext=system_u:system_r:fsadm_t:s0
> tcontext=user_u:object_r:file_t:s0 tclass=file
> audit(1139851956.586:13): avc:  denied  { search } for  pid=1717
> comm="named-checkconf" name="locale" dev=hda9 ino=313857
> scontext=system_u:system_r:named_t:s0
> tcontext=user_u:object_r:file_t:s0 tclass=dir
>
>   
If you see file_t it is a good indicator that you need to relabel.

touch /.autorelabel
reboot




More information about the fedora-test-list mailing list