{a|min}getty/wtmp AVCs

Daniel J Walsh dwalsh at redhat.com
Thu Aug 10 14:05:30 UTC 2006


Émeric Maschino wrote:
> Hi,
>
> I'm getting the following AVCs on my Itanium system
> (selinux-policy-targeted-2.3.6-1). Are they also noticeable on other
> architectures?
>
> audit(1155148758.991:4): avc:  denied  { write } for  pid=2382 comm="mingetty" n
> ame="wtmp" dev=dm-0 ino=360636 scontext=system_u:system_r:getty_t:s0 tcontext=sy
> stem_u:object_r:var_log_t:s0 tclass=file
> audit(1155148758.991:5): avc:  denied  { write } for  pid=2383 comm="mingetty" n
> ame="wtmp" dev=dm-0 ino=360636 scontext=system_u:system_r:getty_t:s0 tcontext=sy
> stem_u:object_r:var_log_t:s0 tclass=file
> audit(1155148759.411:6): avc:  denied  { write } for  pid=2384 comm="mingetty" n
> ame="wtmp" dev=dm-0 ino=360636 scontext=system_u:system_r:getty_t:s0 tcontext=sy
> stem_u:object_r:var_log_t:s0 tclass=file
> audit(1155148759.627:7): avc:  denied  { write } for  pid=2385 comm="mingetty" n
> ame="wtmp" dev=dm-0 ino=360636 scontext=system_u:system_r:getty_t:s0 tcontext=sy
> stem_u:object_r:var_log_t:s0 tclass=file
> audit(1155148759.627:8): avc:  denied  { write } for  pid=2381 comm="agetty" nam
> e="wtmp" dev=dm-0 ino=360636 scontext=system_u:system_r:getty_t:s0 tcontext=syst
> em_u:object_r:var_log_t:s0 tclass=file
> audit(1155148760.063:9): avc:  denied  { write } for  pid=2386 comm="mingetty" n
> ame="wtmp" dev=dm-0 ino=360636 scontext=system_u:system_r:getty_t:s0 tcontext=sy
> stem_u:object_r:var_log_t:s0 tclass=file
> audit(1155148760.199:10): avc:  denied  { write } for  pid=2387 comm="mingetty"
> name="wtmp" dev=dm-0 ino=360636 scontext=system_u:system_r:getty_t:s0 tcontext=s
> ystem_u:object_r:var_log_t:s0 tclass=file
>
>   
logrotate was broken and changing the file context on /var/log/wtmp. 
You can restore the context with restorecon /var/log/wtmp
Then if you update to the latest logrotate the problem should be fixed.
> Cheers,
>
>    �meric
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
>   






More information about the fedora-selinux-list mailing list