[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

More consolekit_t and dbus_t AVCs (from today's Rawhide)



After doing today's rawhide thing, get this on targeted/enforcing boot/login:

#============= system_dbusd_t ==============
allow system_dbusd_t NetworkManager_t:dbus send_msg;
allow system_dbusd_t unconfined_t:dbus send_msg;

#============= xdm_t ==============
allow xdm_t consolekit_var_run_t:dir search;

[copy of /var/log/audit/audit.log attached.]

tom
-- 
Tom London
type=DAEMON_START msg=audit(1202673141.054:3366): auditd start, ver=1.6.7 format=raw kernel=2.6.24.1-26.fc9 auid=4294967295 pid=2162 res=success
type=CONFIG_CHANGE msg=audit(1202673141.155:5): audit_enabled=1 old=0 by auid=4294967295 subj=system_u:system_r:auditd_t:s0 res=1
type=CONFIG_CHANGE msg=audit(1202673141.155:6): audit_enabled=1 old=0 by auid=4294967295 res=1
type=CONFIG_CHANGE msg=audit(1202673141.406:7): audit_backlog_limit=320 old=64 by auid=4294967295 subj=system_u:system_r:auditctl_t:s0 res=1
type=CONFIG_CHANGE msg=audit(1202673141.406:8): audit_backlog_limit=320 old=64 by auid=4294967295 res=1
type=LABEL_LEVEL_CHANGE msg=audit(1202673160.178:9): user pid=2383 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=Cups-PDF uri=cups-pdf:/ banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)'
type=LABEL_LEVEL_CHANGE msg=audit(1202673160.421:10): user pid=2383 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=HP5MP uri=hp:/par/HP_LaserJet_5MP?device=/dev/parport0 banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)'
type=LABEL_LEVEL_CHANGE msg=audit(1202673160.663:11): user pid=2383 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=hp_laserjet_1300 uri=hp:/usb/hp_LaserJet_1300?serial=00CNCB954325 banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)'
type=LABEL_LEVEL_CHANGE msg=audit(1202673160.775:12): user pid=2383 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=hp_LaserJet_1300_USB_1 uri=usb://HP/LaserJet%201300 banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)'
type=LABEL_LEVEL_CHANGE msg=audit(1202673161.070:13): user pid=2383 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=Kyocera_FS-C5030N_on_dc1 uri=socket://10.10.3.49:9100 banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)'
type=LABEL_LEVEL_CHANGE msg=audit(1202673161.353:14): user pid=2383 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=SavinColor uri=ipp://10.10.3.47/ipp/ banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)'
type=LABEL_LEVEL_CHANGE msg=audit(1202673161.477:15): user pid=2383 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=Innopath uri=file:/dev/null banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)'
type=LABEL_LEVEL_CHANGE msg=audit(1202673161.478:16): user pid=2383 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=Local uri=file:/dev/null banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)'
type=USER_AVC msg=audit(1202673183.465:17): user pid=2178 uid=81 auid=4294967295 subj=system_u:system_r:system_dbusd_t:s0 msg='avc:  denied  { send_msg } for msgtype=method_return dest=:1.7 spid=2633 tpid=2612 scontext=system_u:system_r:system_dbusd_t:s0 tcontext=system_u:system_r:NetworkManager_t:s0 tclass=dbus : exe="/bin/dbus-daemon" (sauid=81, hostname=?, addr=?, terminal=?)'
type=USER_AVC msg=audit(1202673183.465:18): user pid=2178 uid=81 auid=4294967295 subj=system_u:system_r:system_dbusd_t:s0 msg='avc:  denied  { send_msg } for msgtype=method_return dest=:1.7 spid=2633 tpid=2612 scontext=system_u:system_r:system_dbusd_t:s0 tcontext=system_u:system_r:NetworkManager_t:s0 tclass=dbus : exe="/bin/dbus-daemon" (sauid=81, hostname=?, addr=?, terminal=?)'
type=USER_AVC msg=audit(1202673183.495:19): user pid=2178 uid=81 auid=4294967295 subj=system_u:system_r:system_dbusd_t:s0 msg='avc:  denied  { send_msg } for msgtype=signal interface=org.freedesktop.NetworkManagerSettings member=NewConnection dest=org.freedesktop.DBus spid=2633 tpid=2612 scontext=system_u:system_r:system_dbusd_t:s0 tcontext=system_u:system_r:NetworkManager_t:s0 tclass=dbus : exe="/bin/dbus-daemon" (sauid=81, hostname=?, addr=?, terminal=?)'
type=AVC msg=audit(1202673238.082:20): avc:  denied  { search } for  pid=2815 comm="ck-history" name="ConsoleKit" dev=dm-0 ino=67157 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:consolekit_var_run_t:s0 tclass=dir
type=SYSCALL msg=audit(1202673238.082:20): arch=40000003 syscall=33 success=no exit=-13 a0=952c588 a1=4 a2=1ef264 a3=0 items=0 ppid=1 pid=2815 auid=4294967295 uid=42 gid=42 euid=42 suid=42 fsuid=42 egid=42 sgid=42 fsgid=42 tty=(none) comm="ck-history" exe="/usr/bin/ck-history" subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1202673238.083:21): avc:  denied  { search } for  pid=2815 comm="ck-history" name="ConsoleKit" dev=dm-0 ino=67157 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:consolekit_var_run_t:s0 tclass=dir
type=SYSCALL msg=audit(1202673238.083:21): arch=40000003 syscall=33 success=no exit=-13 a0=952c5b0 a1=4 a2=1ef264 a3=952c5b0 items=0 ppid=1 pid=2815 auid=4294967295 uid=42 gid=42 euid=42 suid=42 fsuid=42 egid=42 sgid=42 fsgid=42 tty=(none) comm="ck-history" exe="/usr/bin/ck-history" subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1202673238.084:22): avc:  denied  { search } for  pid=2815 comm="ck-history" name="ConsoleKit" dev=dm-0 ino=67157 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:consolekit_var_run_t:s0 tclass=dir
type=SYSCALL msg=audit(1202673238.084:22): arch=40000003 syscall=5 success=no exit=-13 a0=952c608 a1=0 a2=1b6 a3=0 items=0 ppid=1 pid=2815 auid=4294967295 uid=42 gid=42 euid=42 suid=42 fsuid=42 egid=42 sgid=42 fsgid=42 tty=(none) comm="ck-history" exe="/usr/bin/ck-history" subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null)
type=USER_AUTH msg=audit(1202673250.383:23): user pid=2787 uid=0 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:authentication acct=? exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=failed)'
type=USER_LOGIN msg=audit(1202673250.385:24): user pid=2787 uid=0 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='acct=unknown: exe="/usr/libexec/gdm-session-worker" (hostname=, addr=?, terminal=/dev/tty7 res=failed)'
type=USER_AUTH msg=audit(1202673253.772:25): user pid=2826 uid=0 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:authentication acct=? exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=failed)'
type=USER_LOGIN msg=audit(1202673253.775:26): user pid=2826 uid=0 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='acct=unknown: exe="/usr/libexec/gdm-session-worker" (hostname=, addr=?, terminal=/dev/tty7 res=failed)'
type=USER_AUTH msg=audit(1202673302.114:27): user pid=2827 uid=0 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:authentication acct=tbl exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=success)'
type=USER_ACCT msg=audit(1202673302.120:28): user pid=2827 uid=0 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:accounting acct=tbl exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=success)'
type=CRED_ACQ msg=audit(1202673302.159:29): user pid=2827 uid=500 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:setcred acct=tbl exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=success)'
type=LOGIN msg=audit(1202673302.200:30): login pid=2827 uid=500 old auid=4294967295 new auid=500
type=USER_ROLE_CHANGE msg=audit(1202673302.291:31): user pid=2827 uid=500 auid=500 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='pam: default-context=unconfined_u:unconfined_r:unconfined_t:s0 selected-context=unconfined_u:unconfined_r:unconfined_t:s0: exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=? res=success)'
type=USER_START msg=audit(1202673303.234:32): user pid=2827 uid=500 auid=500 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:session_open acct=tbl exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=success)'
type=USER_LOGIN msg=audit(1202673303.236:33): user pid=2827 uid=500 auid=500 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='uid=500: exe="/usr/libexec/gdm-session-worker" (hostname=, addr=?, terminal=/dev/tty7 res=success)'
type=USER_AVC msg=audit(1202673317.011:34): user pid=2178 uid=81 auid=4294967295 subj=system_u:system_r:system_dbusd_t:s0 msg='avc:  denied  { send_msg } for msgtype=method_return dest=:1.42 spid=2633 tpid=3061 scontext=system_u:system_r:system_dbusd_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=dbus : exe="/bin/dbus-daemon" (sauid=81, hostname=?, addr=?, terminal=?)'
type=USER_AUTH msg=audit(1202674234.777:35): user pid=3981 uid=500 auid=500 subj=unconfined_u:unconfined_r:unconfined_t:s0 msg='op=PAM:authentication acct=root exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)'
type=USER_ACCT msg=audit(1202674234.785:36): user pid=3981 uid=500 auid=500 subj=unconfined_u:unconfined_r:unconfined_t:s0 msg='op=PAM:accounting acct=root exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)'
type=USER_START msg=audit(1202674234.914:37): user pid=3981 uid=500 auid=500 subj=unconfined_u:unconfined_r:unconfined_t:s0 msg='op=PAM:session_open acct=root exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)'
type=CRED_ACQ msg=audit(1202674234.915:38): user pid=3981 uid=500 auid=500 subj=unconfined_u:unconfined_r:unconfined_t:s0 msg='op=PAM:setcred acct=root exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)'

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]