Core 2: Accidently switched on SELINUX
Jan Houtsma
list at houtsma.net
Mon May 24 16:20:11 UTC 2004
Hello,
By accident i installed the policy rpm on an updated machine (from core
1 to core 2). The update did not install the core utils for selinux and
stuff, so i only had policy (shouldn't the dependencies have picked this
up somehow?).
Then i rebooted the box. Below is the result.... The box sometimes even
hanged. I fixed it by doing rpm -e policy again.....
My question is if there isn't done any harm to my system anyhow because
the log shows it tried to change all kind of stuff to my system......
Also after a reboot /selinux is always mounted again. On a fresh box it
doesn't. How can i get rid of that? Before the policy rpm /selinux was
always unmounted by default.
Thanks,
--
jan
May 23 19:58:24 pandora kernel: SELinux: Completing initialization.
May 23 19:58:24 pandora kernel: SELinux: Setting up existing superblocks.
May 23 19:58:24 pandora kernel: SELinux: initialized (dev , type
selinuxfs), uses genfs_contexts
May 23 19:58:24 pandora kernel: SELinux: initialized (dev hda5, type
ext3), uses xattr
May 23 19:58:24 pandora kernel: SELinux: initialized (dev ram0, type
ext2), uses xattr
May 23 19:58:24 pandora kernel: SELinux: initialized (dev , type
mqueue), not configured for labeling
May 23 19:58:24 pandora kernel: SELinux: initialized (dev , type
hugetlbfs), not configured for labeling
May 23 19:58:24 pandora kernel: SELinux: initialized (dev , type
devpts), uses transition SIDs
May 23 19:58:24 pandora kernel: SELinux: initialized (dev , type
eventpollfs), uses genfs_contexts
May 23 19:58:24 pandora kernel: SELinux: initialized (dev , type
pipefs), uses task SIDs
May 23 19:58:24 pandora kernel: SELinux: initialized (dev , type tmpfs),
uses transition SIDs
May 23 19:58:24 pandora kernel: SELinux: initialized (dev , type
futexfs), uses genfs_contexts
May 23 19:58:24 pandora kernel: SELinux: initialized (dev , type
sockfs), uses task SIDs
May 23 19:58:24 pandora kernel: SELinux: initialized (dev , type proc),
uses genfs_contexts
May 23 19:58:24 pandora kernel: SELinux: initialized (dev , type bdev),
uses genfs_contexts
May 23 19:58:24 pandora kernel: SELinux: initialized (dev , type
rootfs), uses genfs_contexts
May 23 19:58:24 pandora kernel: SELinux: initialized (dev , type sysfs),
uses genfs_contexts
May 23 19:58:24 pandora kernel: audit(1085335066.139:0): avc: denied {
getattr } for pid=1 exe=/sbin/init path=/dev/initctl dev=h
da5 ino=8195 scontext=system_u:system_r:kernel_t
tcontext=system_u:object_r:file_t tclass=fifo_file
May 23 19:58:24 pandora kernel: audit(1085335066.139:0): avc: denied {
read write } for pid=1 exe=/sbin/init name=initctl dev=hda
5 ino=8195 scontext=system_u:system_r:kernel_t
tcontext=system_u:object_r:file_t tclass=fifo_file
May 23 19:58:24 pandora kernel: audit(1085335067.446:0): avc: denied {
syslog_console } for pid=449 exe=/bin/dmesg scontext=syste
m_u:system_r:kernel_t tcontext=system_u:system_r:kernel_t tclass=system
May 23 19:58:24 pandora kernel: audit(1085335067.523:0): avc: denied {
search } for pid=453 exe=/sbin/sysctl name=net dev= ino=-2
68435354 scontext=system_u:system_r:kernel_t
tcontext=system_u:object_r:sysctl_net_t tclass=dir
May 23 19:58:24 pandora kernel: audit(1085335067.523:0): avc: denied {
write } for pid=453 exe=/sbin/sysctl name=ip_forward dev=
ino=-268435331 scontext=system_u:system_r:kernel_t
tcontext=system_u:object_r:sysctl_net_t tclass=file
May 23 19:58:24 pandora kernel: audit(1085335067.523:0): avc: denied {
getattr } for pid=453 exe=/sbin/sysctl path=/proc/sys/net/
ipv4/ip_forward dev= ino=-268435331 scontext=system_u:system_r:kernel_t
tcontext=system_u:object_r:sysctl_net_t tclass=file
May 23 19:58:24 pandora kernel: ACPI: Power Button (FF) [PWRF]
More information about the fedora-list
mailing list