fam: Permission denied.... avc denied...?

Jim Cornette redhat-jc at insight.rr.com
Mon Apr 19 21:27:30 UTC 2004


t l wrote:
> Examining /var/log/messages, I note that I am now logging many log entries for "fam". The messages repeat until xinetd terminates it.
> 
> After restarting, "fam" behaves for a while (say 45 minutes).
> 
> I didn't see anything in bugzilla against fam.... Anyone else seeing this?
> 
> tom
> -------------------------------------------------------------------------
> Apr 19 10:57:57 fedora xinetd[1386]: Activating service sgi_fam
> Apr 19 11:36:36 fedora fam[2974]: listen: Permission denied
> Apr 19 11:36:36 fedora fam[2975]: listen: Permission denied
> Apr 19 11:36:36 fedora fam[2976]: listen: Permission denied
> Apr 19 11:36:36 fedora fam[2977]: listen: Permission denied
> Apr 19 11:36:36 fedora fam[2978]: listen: Permission denied
> Apr 19 11:36:36 fedora fam[2979]: listen: Permission denied
> Apr 19 11:36:36 fedora kernel: audit(1082399796.413:0): avc:  denied  { search } for  pid=2974 exe=/usr/bin/fam name=sys dev= ino=4120 scontext=system_u:system_r:inetd_child_t tcontext=system_u:object_r:sysctl_t tclass=dir
> Apr 19 11:36:36 fedora kernel: audit(1082399796.414:0): avc:  denied  { listen } for  pid=2974 exe=/usr/bin/fam path=/tmp/.fam_socket scontext=system_u:system_r:inetd_child_t tcontext=system_u:system_r:inetd_child_t tclass=unix_stream_socket
> Apr 19 11:36:36 fedora fam[2980]: listen: Permission denied
> Apr 19 11:36:36 fedora kernel: audit(1082399796.421:0): avc:  denied  { search } for  pid=2975 exe=/usr/bin/fam name=sys dev= ino=4120 scontext=system_u:system_r:inetd_child_t tcontext=system_u:object_r:sysctl_t tclass=dir
> Apr 19 11:36:36 fedora kernel: audit(1082399796.422:0): avc:  denied  { listen } for  pid=2975 exe=/usr/bin/fam path=/tmp/.fam_socket scontext=system_u:system_r:inetd_child_t tcontext=system_u:system_r:inetd_child_t tclass=unix_stream_socket
> ...
> Apr 19 11:36:36 fedora xinetd[1386]: Deactivating service sgi_fam due to excessive incoming connections.  Restarting in 30 seconds.
> 

If you check the SELinux list archives, you might find a discussion 
about fam being off for test2 by default. I guess fam tries to do some 
things that are not secure enough for it to be set to on.

I submitted a bunch of AVC errors that were related to fam just before 
test2 came out. Some of the AVC errors not related to fam were corrected.

Jim
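
A flood of repeated AVC lines like the one quoted above usually comes down to a handful of distinct denials. The following is an added example, not part of the original post or of any SELinux tooling: a small parser that collapses `avc: denied` lines into one entry per (source type, target type, class). The function names are hypothetical and the sample input is constructed in the shape of the quoted log.

```python
import re
from collections import defaultdict

# Constructed sample input in the shape of the log lines quoted in the post.
SAMPLE = """\
Apr 19 11:36:36 fedora fam[2974]: listen: Permission denied
Apr 19 11:36:36 fedora kernel: audit(1082399796.413:0): avc:  denied  { search } for  pid=2974 exe=/usr/bin/fam name=sys dev= ino=4120 scontext=system_u:system_r:inetd_child_t tcontext=system_u:object_r:sysctl_t tclass=dir
Apr 19 11:36:36 fedora kernel: audit(1082399796.414:0): avc:  denied  { listen } for  pid=2974 exe=/usr/bin/fam path=/tmp/.fam_socket scontext=system_u:system_r:inetd_child_t tcontext=system_u:system_r:inetd_child_t tclass=unix_stream_socket
Apr 19 11:36:36 fedora kernel: audit(1082399796.421:0): avc:  denied  { search } for  pid=2975 exe=/usr/bin/fam name=sys dev= ino=4120 scontext=system_u:system_r:inetd_child_t tcontext=system_u:object_r:sysctl_t tclass=dir
Apr 19 11:36:36 fedora kernel: audit(1082399796.422:0): avc:  denied  { listen } for  pid=2975 exe=/usr/bin/fam path=/tmp/.fam_socket scontext=system_u:system_r:inetd_child_t tcontext=system_u:system_r:inetd_child_t tclass=unix_stream_socket
"""

AVC_RE = re.compile(r"avc:\s+denied\s+\{([^}]*)\}\s+for\s+(.*)$")

def parse_avc(line):
    """Return the key=value fields of one AVC denial, or None for other lines."""
    m = AVC_RE.search(line)
    if m is None:
        return None
    # Whitespace-split key=value pairs; empty values such as "dev=" are kept as "".
    fields = dict(tok.partition("=")[::2] for tok in m.group(2).split() if "=" in tok)
    if not {"scontext", "tcontext", "tclass"} <= fields.keys():
        return None  # truncated or malformed record
    fields["perms"] = m.group(1).split()
    return fields

def type_of(context):
    """Extract the type from a user:role:type[:level] security context."""
    parts = context.split(":")
    return parts[2] if len(parts) >= 3 else context

def summarize(lines):
    """Group denials by (source type, target type, class)."""
    groups = defaultdict(lambda: {"perms": set(), "pids": set(), "count": 0})
    for line in lines:
        rec = parse_avc(line)
        if rec is None:
            continue
        key = (type_of(rec["scontext"]), type_of(rec["tcontext"]), rec["tclass"])
        groups[key]["perms"].update(rec["perms"])
        groups[key]["pids"].add(rec.get("pid"))
        groups[key]["count"] += 1
    return dict(groups)

if __name__ == "__main__":
    for (src, tgt, cls), g in sorted(summarize(SAMPLE.splitlines()).items()):
        print(f"{src} -> {tgt}:{cls} {sorted(g['perms'])} x{g['count']}")
```

On the sample this reduces four kernel lines to two distinct denials, both with source type `inetd_child_t`.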





More information about the fedora-test-list mailing list