AVC on install of libutempter ?
Daniel J Walsh
dwalsh at redhat.com
Mon Jul 31 13:46:02 UTC 2006
Tom London wrote:
> After installing today's rawhide (selinux-policy-2.3.3-14), I 'yum
> install libutempter'. I believe the following occured then:
>
> type=USER_CHAUTHTOK msg=audit(07/29/2006 09:51:16.038:68) : user
> pid=4163 uid=root auid=tbl subj=user_u:system_r:groupadd_t:s0
> msg='op=adding group acct=utempter exe=(hostname=?, addr=?,
> terminal=pts/0 res=success)'
> ----
> type=PATH msg=audit(07/29/2006 09:51:16.042:69) : item=1
> name=inode=7798798 dev=fd:00 mode=file,755 ouid=root ogid=root
> rdev=00:00 obj=system_u:object_r:ld_so_t:s0
> type=PATH msg=audit(07/29/2006 09:51:16.042:69) : item=0
> name=inode=8303056 dev=fd:00 mode=file,755 ouid=root ogid=root
> rdev=00:00 obj=system_u:object_r:nscd_exec_t:s0
> type=CWD msg=audit(07/29/2006 09:51:16.042:69) : cwd=
> type=EXECVE msg=audit(07/29/2006 09:51:16.042:69) :
> a0="/usr/sbin/nscd" a1="nscd" a2="-i" a3="group"
> type=AVC_PATH msg=audit(07/29/2006 09:51:16.042:69) : path=
> type=AVC_PATH msg=audit(07/29/2006 09:51:16.042:69) : path=
> type=SYSCALL msg=audit(07/29/2006 09:51:16.042:69) : arch=i386
> syscall=execve success=yes exit=0 a0=804de0d a1=bf8131a4 a2=bf8131b8
> a3=1 items=2 ppid=4163 pid=4164 auid=tbl uid=root gid=root euid=root
> suid=root fsuid=root egid=root sgid=root fsgid=root tty=pts0
> comm=exe=subj=user_u:system_r:nscd_t:s0 key=(null)
> type=AVC msg=audit(07/29/2006 09:51:16.042:69) : avc: denied { read
> write } for pid=4164 comm=name=dev=dm-0 ino=853755
> scontext=user_u:system_r:nscd_t:s0
> tcontext=system_u:object_r:shadow_t:s0 tclass=file
> type=AVC msg=audit(07/29/2006 09:51:16.042:69) : avc: denied { write
> } for pid=4164 comm=name=dev=dm-0 ino=854746
> scontext=user_u:system_r:nscd_t:s0 tcontext=system_u:object_r:etc_t:s0
> tclass=file
>
> tom
This log file seems very screwed up. Any idea what happened to it?
More information about the fedora-selinux-list
mailing list