AVCs from today's update...

Tom London selinux at gmail.com
Sat Oct 7 17:29:53 UTC 2006 

Running rawhide, targeted/enforcing.

pirut update (selected 'update' from tray icon) of today's packages
produced the following AVCs:

type=AVC msg=audit(1160241847.264:23): avc:  denied  { use } for
pid=3510 comm="groupadd" name="[12624]" dev=pipefs ino=12624
scontext=system_u:system_r:groupadd_t:s0
tcontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tclass=fd
type=AVC msg=audit(1160241847.264:23): avc:  denied  { use } for
pid=3510 comm="groupadd" name="[12624]" dev=pipefs ino=12624
scontext=system_u:system_r:groupadd_t:s0
tcontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tclass=fd
type=SYSCALL msg=audit(1160241847.264:23): arch=40000003 syscall=11
success=yes exit=0 a0=9b23160 a1=9b22580 a2=9b232c0 a3=9b22f58 items=0
ppid=3509 pid=3510 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) comm="groupadd" exe="/usr/sbin/groupadd"
subj=system_u:system_r:groupadd_t:s0 key=(null)
type=AVC_PATH msg=audit(1160241847.264:23):  path="pipe:[12624]"
type=AVC_PATH msg=audit(1160241847.264:23):  path="pipe:[12624]"
type=AVC msg=audit(1160241932.886:24): avc:  denied  { use } for
pid=3563 comm="depmod" name="[12624]" dev=pipefs ino=12624
scontext=system_u:system_r:depmod_t:s0
tcontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tclass=fd
type=AVC msg=audit(1160241932.886:24): avc:  denied  { use } for
pid=3563 comm="depmod" name="[12624]" dev=pipefs ino=12624
scontext=system_u:system_r:depmod_t:s0
tcontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tclass=fd
type=SYSCALL msg=audit(1160241932.886:24): arch=40000003 syscall=11
success=yes exit=0 a0=8b94460 a1=8b864d8 a2=8b89d78 a3=8b946c8 items=0
ppid=3550 pid=3563 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) comm="depmod" exe="/sbin/depmod"
subj=system_u:system_r:depmod_t:s0 key=(null)
type=AVC_PATH msg=audit(1160241932.886:24):  path="pipe:[12624]"
type=AVC_PATH msg=audit(1160241932.886:24):  path="pipe:[12624]"
type=AVC msg=audit(1160241933.218:25): avc:  denied  { use } for
pid=3564 comm="mkinitrd" name="[12624]" dev=pipefs ino=12624
scontext=system_u:system_r:bootloader_t:s0
tcontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tclass=fd
type=AVC msg=audit(1160241933.218:25): avc:  denied  { use } for
pid=3564 comm="mkinitrd" name="[12624]" dev=pipefs ino=12624
scontext=system_u:system_r:bootloader_t:s0
tcontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tclass=fd
type=SYSCALL msg=audit(1160241933.218:25): arch=40000003 syscall=11
success=yes exit=0 a0=8b93fb0 a1=8b864d8 a2=8b89d78 a3=8b942f0 items=0
ppid=3550 pid=3564 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) comm="mkinitrd" exe="/bin/bash"
subj=system_u:system_r:bootloader_t:s0 key=(null)
type=AVC_PATH msg=audit(1160241933.218:25):  path="pipe:[12624]"
type=AVC_PATH msg=audit(1160241933.218:25):  path="pipe:[12624]"
type=AVC msg=audit(1160241947.891:26): avc:  denied  { use } for
pid=5039 comm="semodule" name="[12624]" dev=pipefs ino=12624
scontext=system_u:system_r:semanage_t:s0
tcontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tclass=fd
type=AVC msg=audit(1160241947.891:26): avc:  denied  { use } for
pid=5039 comm="semodule" name="[12624]" dev=pipefs ino=12624
scontext=system_u:system_r:semanage_t:s0
tcontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tclass=fd
type=SYSCALL msg=audit(1160241947.891:26): arch=40000003 syscall=11
success=yes exit=0 a0=8d527e0 a1=8d54828 a2=8d54768 a3=8d53090 items=0
ppid=5038 pid=5039 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) comm="semodule" exe="/usr/sbin/semodule"
subj=system_u:system_r:semanage_t:s0 key=(null)
type=AVC_PATH msg=audit(1160241947.891:26):  path="pipe:[12624]"
type=AVC_PATH msg=audit(1160241947.891:26):  path="pipe:[12624]"
type=MAC_POLICY_LOAD msg=audit(1160241953.404:27): policy loaded auid=500
type=SYSCALL msg=audit(1160241953.404:27): arch=40000003 syscall=4
success=yes exit=988177 a0=4 a1=b7ed6000 a2=f1411 a3=bfa84ff8 items=0
ppid=5039 pid=5041 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) comm="load_policy"
exe="/usr/sbin/load_policy" subj=system_u:system_r:load_policy_t:s0
key=(null)
type=AVC msg=audit(1160241954.796:28): avc:  denied  { write } for
pid=5073 comm="restorecon" name="[12624]" dev=pipefs ino=12624
scontext=system_u:system_r:restorecon_t:s0
tcontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tclass=fifo_file
type=AVC msg=audit(1160241954.796:28): avc:  denied  { write } for
pid=5073 comm="restorecon" name="[12624]" dev=pipefs ino=12624
scontext=system_u:system_r:restorecon_t:s0
tcontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tclass=fifo_file
type=SYSCALL msg=audit(1160241954.796:28): arch=40000003 syscall=11
success=yes exit=0 a0=8550998 a1=8550c18 a2=8545bd8 a3=85506c0 items=0
ppid=5045 pid=5073 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) comm="restorecon" exe="/sbin/restorecon"
subj=system_u:system_r:restorecon_t:s0 key=(null)
type=AVC_PATH msg=audit(1160241954.796:28):  path="pipe:[12624]"
type=AVC_PATH msg=audit(1160241954.796:28):  path="pipe:[12624]"


-- 
Tom London

More information about the fedora-selinux-list mailing list