fam: Permission denied.... avc denied...?
t l
concert at europe.com
Mon Apr 19 22:59:03 UTC 2004
Thanks for the info.
Funny... I don't remember "turning fam on"... and this behavior seems to have started around April 17.
I'll assume it's a known behavior and check it again in test3.
tom
--------------------------------------------------------
* From: Jim Cornette <redhat-jc insight rr com>
* To: For testers of Fedora Core development releases <fedora-test-list redhat com>
* Subject: Re: fam: Permission denied.... avc denied...?
* Date: Mon, 19 Apr 2004 17:27:30 -0400
t l wrote:
Examining /var/log/messages, I note that I am now logging many log entries for "fam". The messages repeat until xinetd terminates it.
After restarting, "fam" behaves for a while (say 45 minutes).
I didn't see anything in bugzilla against fam.... Anyone else seeing this?
tom
-------------------------------------------------------------------------
Apr 19 10:57:57 fedora xinetd[1386]: Activating service sgi_fam
Apr 19 11:36:36 fedora fam[2974]: listen: Permission denied
Apr 19 11:36:36 fedora fam[2975]: listen: Permission denied
Apr 19 11:36:36 fedora fam[2976]: listen: Permission denied
Apr 19 11:36:36 fedora fam[2977]: listen: Permission denied
Apr 19 11:36:36 fedora fam[2978]: listen: Permission denied
Apr 19 11:36:36 fedora fam[2979]: listen: Permission denied
Apr 19 11:36:36 fedora kernel: audit(1082399796.413:0): avc: denied { search } for pid=2974 exe=/usr/bin/fam name=sys dev= ino=4120 scontext=system_u:system_r:inetd_child_t tcontext=system_u:object_r:sysctl_t tclass=dir
Apr 19 11:36:36 fedora kernel: audit(1082399796.414:0): avc: denied { listen } for pid=2974 exe=/usr/bin/fam path=/tmp/.fam_socket scontext=system_u:system_r:inetd_child_t tcontext=system_u:system_r:inetd_child_t tclass=unix_stream_socket
Apr 19 11:36:36 fedora fam[2980]: listen: Permission denied
Apr 19 11:36:36 fedora kernel: audit(1082399796.421:0): avc: denied { search } for pid=2975 exe=/usr/bin/fam name=sys dev= ino=4120 scontext=system_u:system_r:inetd_child_t tcontext=system_u:object_r:sysctl_t tclass=dir
Apr 19 11:36:36 fedora kernel: audit(1082399796.422:0): avc: denied { listen } for pid=2975 exe=/usr/bin/fam path=/tmp/.fam_socket scontext=system_u:system_r:inetd_child_t tcontext=system_u:system_r:inetd_child_t tclass=unix_stream_socket
...
Apr 19 11:36:36 fedora xinetd[1386]: Deactivating service sgi_fam due to excessive incoming connections. Restarting in 30 seconds.
If you check the SELinux list archives, you might find a discussion about fam being off for test2 by default. I guess fam tries to do some things that are not secure enough for it to be set to on.
I submitted a bunch of AVC errors that were related to fam just before test2 came out. Some of the AVC errors not related to fam were corrected.
Jim