rawhide 20060213 -- SELinux "denied" audit messages
Daniel J Walsh
dwalsh at redhat.com
Tue Feb 14 17:43:02 UTC 2006
Miles Lane wrote:
> audit(1139851937.273:2): avc: denied { read } for pid=1303
> comm="ifconfig" name="locale-archive" dev=hda9 ino=182666
> scontext=system_u:system_r:ifconfig_t:s0
> tcontext=user_u:object_r:file_t:s0 tclass=file
> audit(1139851937.273:3): avc: denied { getattr } for pid=1303
> comm="ifconfig" name="locale-archive" dev=hda9 ino=182666
> scontext=system_u:system_r:ifconfig_t:s0
> tcontext=user_u:object_r:file_t:s0 tclass=file
> audit(1139851937.361:4): avc: denied { search } for pid=1303
> comm="ifconfig" name="locale" dev=hda9 ino=313857
> scontext=system_u:system_r:ifconfig_t:s0
> tcontext=user_u:object_r:file_t:s0 tclass=dir
> audit(1139851947.254:9): avc: denied { read } for pid=1381
> comm="swapon" name="locale-archive" dev=hda9 ino=182666
> scontext=system_u:system_r:fsadm_t:s0
> tcontext=user_u:object_r:file_t:s0 tclass=file
> audit(1139851947.254:10): avc: denied { getattr } for pid=1381
> comm="swapon" name="locale-archive" dev=hda9 ino=182666
> scontext=system_u:system_r:fsadm_t:s0
> tcontext=user_u:object_r:file_t:s0 tclass=file
> audit(1139851956.586:13): avc: denied { search } for pid=1717
> comm="named-checkconf" name="locale" dev=hda9 ino=313857
> scontext=system_u:system_r:named_t:s0
> tcontext=user_u:object_r:file_t:s0 tclass=dir
>
>
If you see file_t it is a good indicator that you need to relabel.
touch /.autorelabel
reboot
More information about the fedora-test-list
mailing list