fam: Permission denied.... avc denied...?

t l concert at europe.com
Mon Apr 19 22:59:03 UTC 2004


Thanks for the info.  

Funny... I don't remember "turning fam on"... and this behavior seems to have started around April 17.

I'll assume it's a known behavior and check it again in test3.

tom
--------------------------------------------------------

    * From: Jim Cornette <redhat-jc insight rr com>
    * To: For testers of Fedora Core development releases <fedora-test-list redhat com>
    * Subject: Re: fam: Permission denied.... avc denied...?
    * Date: Mon, 19 Apr 2004 17:27:30 -0400

t l wrote:

    Examining /var/log/messages, I note that I am now logging many log entries for "fam". The messages repeat until xinetd terminates it.

    After restarting, "fam" behaves for a while (say 45 minutes).

    I didn't see anything in bugzilla against fam.... Anyone else seeing this?

tom
-------------------------------------------------------------------------
Apr 19 10:57:57 fedora xinetd[1386]: Activating service sgi_fam
Apr 19 11:36:36 fedora fam[2974]: listen: Permission denied
Apr 19 11:36:36 fedora fam[2975]: listen: Permission denied
Apr 19 11:36:36 fedora fam[2976]: listen: Permission denied
Apr 19 11:36:36 fedora fam[2977]: listen: Permission denied
Apr 19 11:36:36 fedora fam[2978]: listen: Permission denied
Apr 19 11:36:36 fedora fam[2979]: listen: Permission denied
Apr 19 11:36:36 fedora kernel: audit(1082399796.413:0): avc:  denied  { search } for  pid=2974 exe=/usr/bin/fam name=sys dev= ino=4120 scontext=system_u:system_r:inetd_child_t tcontext=system_u:object_r:sysctl_t tclass=dir
Apr 19 11:36:36 fedora kernel: audit(1082399796.414:0): avc:  denied  { listen } for  pid=2974 exe=/usr/bin/fam path=/tmp/.fam_socket scontext=system_u:system_r:inetd_child_t tcontext=system_u:system_r:inetd_child_t tclass=unix_stream_socket
Apr 19 11:36:36 fedora fam[2980]: listen: Permission denied
Apr 19 11:36:36 fedora kernel: audit(1082399796.421:0): avc:  denied  { search } for  pid=2975 exe=/usr/bin/fam name=sys dev= ino=4120 scontext=system_u:system_r:inetd_child_t tcontext=system_u:object_r:sysctl_t tclass=dir
Apr 19 11:36:36 fedora kernel: audit(1082399796.422:0): avc:  denied  { listen } for  pid=2975 exe=/usr/bin/fam path=/tmp/.fam_socket scontext=system_u:system_r:inetd_child_t tcontext=system_u:system_r:inetd_child_t tclass=unix_stream_socket
...
Apr 19 11:36:36 fedora xinetd[1386]: Deactivating service sgi_fam due to excessive incoming connections.  Restarting in 30 seconds.



If you check the SELinux list archives, you might find a discussion about fam being off for test2 by default. I guess fam tries to do some things that are not secure enough for it to be set to on.

I submitted a bunch of AVC errors that were related to fam just before test2 came out. Some of the AVC errors not related to fam were corrected.

Jim





