
SElinux issues with vanilla 2.6.9 kernel on FC3



I've installed a kernel.org 2.6.9 kernel updated to ACPI 20041203. I'm seeing lots of SELinux audit messages that I don't see with the Fedora kernels. Is there something I can do short of disabling SELinux?

audit(1103024554.837:0): avc: denied { read write } for pid=656 exe=/sbin/minilogd name=console dev=tmpfs ino=1138 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=chr_file
audit(1103024554.838:0): avc: denied { write } for pid=656 exe=/sbin/minilogd dev=tmpfs ino=1137 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=dir
audit(1103024554.838:0): avc: denied { add_name } for pid=656 exe=/sbin/minilogd name=log scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=dir
audit(1103024554.838:0): avc: denied { create } for pid=656 exe=/sbin/minilogd name=log scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=sock_file
audit(1103024554.839:0): avc: denied { getattr } for pid=662 exe=/sbin/minilogd path=/dev/log dev=tmpfs ino=2056 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=sock_file
audit(1103024559.699:0): avc: denied { write } for pid=662 exe=/sbin/minilogd name=log dev=tmpfs ino=2056 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=sock_file
audit(1103024569.926:0): avc: denied { remove_name } for pid=1547 exe=/sbin/minilogd name=log dev=tmpfs ino=2056 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=dir
audit(1103024569.926:0): avc: denied { unlink } for pid=1547 exe=/sbin/minilogd name=log dev=tmpfs ino=2056 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=sock_file
audit(1103049789.825:0): avc: denied { write } for pid=2254 exe=/sbin/syslogd dev=tmpfs ino=1137 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=dir
audit(1103049789.826:0): avc: denied { remove_name } for pid=2254 exe=/sbin/syslogd name=log dev=tmpfs ino=5419 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=dir
audit(1103049789.826:0): avc: denied { add_name } for pid=2254 exe=/sbin/syslogd name=log scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=dir
audit(1103049789.826:0): avc: denied { setattr } for pid=2254 exe=/sbin/syslogd name=log dev=tmpfs ino=5849 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=sock_file
audit(1103049790.187:0): avc: denied { search } for pid=2277 exe=/sbin/portmap dev=tmpfs ino=1137 scontext=user_u:system_r:portmap_t tcontext=user_u:object_r:tmpfs_t tclass=dir
audit(1103049791.885:0): avc: denied { search } for pid=2381 exe=/sbin/ypbind dev=tmpfs ino=1137 scontext=user_u:system_r:ypbind_t tcontext=user_u:object_r:tmpfs_t tclass=dir
audit(1103049797.552:0): avc: denied { search } for pid=2808 exe=/usr/sbin/ntpdate dev=tmpfs ino=1137 scontext=user_u:system_r:ntpd_t tcontext=user_u:object_r:tmpfs_t tclass=dir
audit(1103049797.552:0): avc: denied { write } for pid=2808 exe=/usr/sbin/ntpdate name=log dev=tmpfs ino=5849 scontext=user_u:system_r:ntpd_t tcontext=user_u:object_r:tmpfs_t tclass=sock_file


# mount
/dev/hda3 on / type ext3 (rw)
none on /proc type proc (rw)
none on /sys type sysfs (rw)
none on /dev/pts type devpts (rw,gid=5,mode=620)
usbfs on /proc/bus/usb type usbfs (rw)
/dev/hda2 on /boot type ext3 (rw)
none on /dev/shm type tmpfs (rw)
/dev/hda7 on /export type ext3 (rw)
/dev/hda6 on /var type ext3 (rw)
tmpfs on /tmp type tmpfs (rw)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)
automount(pid2496) on /opt type autofs (rw,fd=5,pgrp=2496,minproto=2,maxproto=4)
automount(pid2483) on /fs type autofs (rw,fd=5,pgrp=2483,minproto=2,maxproto=4)
automount(pid2543) on /data type autofs (rw,fd=5,pgrp=2543,minproto=2,maxproto=4)
automount(pid2587) on /home type autofs (rw,fd=5,pgrp=2587,minproto=2,maxproto=4)
nfsd on /proc/fs/nfsd type nfsd (rw)



--
Orion Poplawski
System Administrator                  303-415-9701 x222
Colorado Research Associates/NWRA     FAX: 303-415-9702
3380 Mitchell Lane, Boulder CO 80301  http://www.co-ra.com
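One way to triage a batch of denials like the ones quoted in the post, added here as an example and not part of the original message: this Python script groups AVC lines by source type, target type and object class, and counts lines it cannot parse instead of guessing. The function names are hypothetical; the first four sample lines are copied from the post and the last one is constructed.

```python
import re
from collections import defaultdict

# First four lines are copied from the post; the last is a constructed
# malformed line whose tcontext and tclass fields have run together.
SAMPLE_LOG = """\
audit(1103024554.838:0): avc: denied { write } for pid=656 exe=/sbin/minilogd dev=tmpfs ino=1137 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=dir
audit(1103024554.838:0): avc: denied { add_name } for pid=656 exe=/sbin/minilogd name=log scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=dir
audit(1103024554.837:0): avc: denied { read write } for pid=656 exe=/sbin/minilogd name=console dev=tmpfs ino=1138 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=chr_file
audit(1103049790.187:0): avc: denied { search } for pid=2277 exe=/sbin/portmap dev=tmpfs ino=1137 scontext=user_u:system_r:portmap_t tcontext=user_u:object_r:tmpfs_t tclass=dir
audit(1103049797.552:0): avc: denied { write } for pid=2808 exe=/usr/sbin/ntpdate name=log scontext=user_u:system_r:ntpd_t tcontext=user_u:object_r:tmpfs_ttclass=sock_file
"""

AVC_RE = re.compile(r"avc:\s+denied\s+\{([^}]*)\}\s+for\s+(.*)$")

def parse_avc(line):
    """Return (perms, source_type, target_type, tclass), or None if malformed."""
    m = AVC_RE.search(line.strip())
    if m is None:
        return None
    perms = m.group(1).split()
    fields = dict(tok.split("=", 1) for tok in m.group(2).split() if "=" in tok)
    try:
        # A context is user:role:type[:level]; the type is the third field.
        src = fields["scontext"].split(":")[2]
        tgt = fields["tcontext"].split(":")[2]
        tclass = fields["tclass"]
    except (KeyError, IndexError):
        return None
    return perms, src, tgt, tclass

def summarize(log_text):
    """Group denied permissions by (source_type, target_type, tclass)."""
    grouped, skipped = defaultdict(set), 0
    for line in log_text.splitlines():
        if "avc:" not in line:
            continue
        parsed = parse_avc(line)
        if parsed is None:
            skipped += 1
            continue
        perms, src, tgt, tclass = parsed
        grouped[(src, tgt, tclass)].update(perms)
    return {key: sorted(val) for key, val in grouped.items()}, skipped

if __name__ == "__main__":
    summary, skipped = summarize(SAMPLE_LOG)
    for (src, tgt, tclass), perms in sorted(summary.items()):
        print(f"{src} -> {tgt}:{tclass} {{ {' '.join(perms)} }}")
    print(f"unparsed AVC lines: {skipped}")
```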

