SELinux changes from Fedora 2 to Fedora 3
by Steve Strong
So, I bought a book to learn how to configure selinux (Bill McCarty from
O'Reilly) and it appears that selinux has changed between Fedora 2 and
3. Has anyone else found differences? Has anyone set up a live server
using policies written for SELinux?
steve
19 years, 4 months
systat needs perms for proc_net_t?
by Tom London
Running strict/enforcing off of latest Rawhide:
I get:
Nov 27 11:10:01 fedora kernel: audit(1101582601.882:0): avc: denied
{ search } for pid=8407 exe=/usr/lib/sa/sadc name=net dev=proc
ino=-268435434 scontext=system_u:system_r:sysstat_t
tcontext=system_u:object_r:proc_net_t tclass=dir
Nov 27 11:10:01 fedora kernel: audit(1101582601.884:0): avc: denied
{ search } for pid=8407 exe=/usr/lib/sa/sadc name=net dev=proc
ino=-268435434 scontext=system_u:system_r:sysstat_t
tcontext=system_u:object_r:proc_net_t tclass=dir
every 10 minutes or so...
I made the following patch to sysstat.te to add
read perms for proc_net_t.
That right?
tom
--- SAVE/sysstat.te 2004-11-27 11:19:14.988551119 -0800
+++ ./sysstat.te 2004-11-27 11:20:08.235155773 -0800
@@ -51,8 +51,8 @@
allow sysstat_t fs_t:filesystem getattr;
# get info from /proc
-allow sysstat_t { proc_t sysctl_kernel_t sysctl_t sysctl_fs_t
sysctl_rpc_t }:dir r_dir_perms;
-allow sysstat_t { proc_t sysctl_kernel_t sysctl_t sysctl_fs_t
sysctl_rpc_t }:file { read getattr };
+allow sysstat_t { proc_t proc_net_t sysctl_kernel_t sysctl_t
sysctl_fs_t sysctl_rpc_t }:dir r_dir_perms;
+allow sysstat_t { proc_t proc_net_t sysctl_kernel_t sysctl_t
sysctl_fs_t sysctl_rpc_t }:file { read getattr };
domain_auto_trans(initrc_t, sysstat_exec_t, sysstat_t)
allow sysstat_t init_t:fd use;
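Review bot: The two `+` rules grant more on proc_net_t than the denials quoted above show: the log has only `{ search }` on `tclass=dir`, while the change adds proc_net_t to the `r_dir_perms` dir rule and to the `file { read getattr }` rule. Either confirm the file access with a denial captured once the directory search is allowed, or split proc_net_t onto its own lines (for example `allow sysstat_t proc_net_t:dir search;`) with a comment saying what sadc reads under /proc/net.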
--
Tom London
19 years, 4 months
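Added example (not part of the original post and not code from any SELinux tool): a small Python sketch that turns the line-wrapped AVC denials from the sysstat message above into the narrowest matching allow rule, then lists what the posted patch would grant beyond the logged denials. The function names and the expansion of r_dir_perms are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample: the two denials quoted in the post, wrapped as in the mail.
SAMPLE_LOG = """\
Nov 27 11:10:01 fedora kernel: audit(1101582601.882:0): avc: denied
{ search } for pid=8407 exe=/usr/lib/sa/sadc name=net dev=proc
ino=-268435434 scontext=system_u:system_r:sysstat_t
tcontext=system_u:object_r:proc_net_t tclass=dir
Nov 27 11:10:01 fedora kernel: audit(1101582601.884:0): avc: denied
{ search } for pid=8407 exe=/usr/lib/sa/sadc name=net dev=proc
ino=-268435434 scontext=system_u:system_r:sysstat_t
tcontext=system_u:object_r:proc_net_t tclass=dir
"""

# What the patch in the post grants on proc_net_t.
# ASSUMPTION: r_dir_perms expands to { read getattr lock search ioctl };
# check the macro definition in the policy sources you are building.
R_DIR_PERMS = {"read", "getattr", "lock", "search", "ioctl"}
PROPOSED = {
    ("sysstat_t", "proc_net_t", "dir"): set(R_DIR_PERMS),
    ("sysstat_t", "proc_net_t", "file"): {"read", "getattr"},
}

# The tempered group stops a truncated record from swallowing the next one.
AVC_RE = re.compile(
    r"avc:\s+denied\s+\{([^}]*)\}\s+for\s+((?:(?!avc:\s).)*?\btclass=\S+)")
FIELD_RE = re.compile(r"(\w+)=(\S+)")


def context_type(context):
    """Return the type field (third component) of user:role:type[:level]."""
    parts = context.split(":")
    if len(parts) < 3:
        raise ValueError("not a security context: %r" % context)
    return parts[2]


def parse_denials(text):
    """Parse AVC denials, tolerating records wrapped across lines."""
    flat = " ".join(text.split())  # undo mail/syslog line wrapping
    denials = []
    for match in AVC_RE.finditer(flat):
        fields = dict(FIELD_RE.findall(match.group(2)))
        if not {"scontext", "tcontext", "tclass"} <= fields.keys():
            continue  # incomplete record, skip rather than guess
        denials.append({
            "perms": set(match.group(1).split()),
            "source": context_type(fields["scontext"]),
            "target": context_type(fields["tcontext"]),
            "tclass": fields["tclass"],
            "exe": fields.get("exe", "?"),
        })
    return denials


def minimal_rules(denials):
    """Merge denials into one permission set per (source, target, class)."""
    rules = defaultdict(set)
    for d in denials:
        rules[(d["source"], d["target"], d["tclass"])] |= d["perms"]
    return dict(rules)


def render(rules):
    """Format merged denials as policy allow statements, sorted for review."""
    out = []
    for (src, tgt, cls), perms in sorted(rules.items()):
        names = sorted(perms)
        body = names[0] if len(names) == 1 else "{ %s }" % " ".join(names)
        out.append("allow %s %s:%s %s;" % (src, tgt, cls, body))
    return out


def beyond_observed(proposed, observed):
    """Permissions a proposed rule set grants that no logged denial asked for."""
    extra = {}
    for key, perms in proposed.items():
        surplus = perms - observed.get(key, set())
        if surplus:
            extra[key] = surplus
    return extra


if __name__ == "__main__":
    observed = minimal_rules(parse_denials(SAMPLE_LOG))
    for line in render(observed):
        print(line)
    gaps = beyond_observed(PROPOSED, observed)
    for (src, tgt, cls), perms in sorted(gaps.items()):
        print("not seen in log: %s %s:%s { %s }"
              % (src, tgt, cls, " ".join(sorted(perms))))
```

In enforcing mode a log shows only the first access that was blocked, so permissions listed as "not seen in log" may still be needed; they are the ones to confirm with a further denial before widening the rule.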
Re: Issue on getting security context of socket and message
by Park Lee
On Tue, 09 Nov 2004 at 10:39, Stephen Smalley wrote:
> In the kernel, you can obtain the security context of a socket via the
> security field of its associated inode. Look at socket_has_perm()
> and selinux_socket_sock_rcv_skb() in security/selinux/hooks.c for
> examples.
I'm now trying to do something on integrating IPsec with SELinux. Now I need to get the security context of a socket and the socket itself.
Would you please tell me further: when an outbound packet is going to be sent, how can we get the struct socket itself (i.e. the socket that is related to the outbound packet; that is, when we want to send the packet, we should first set up the socket)?
And, in kernel space, how can we transfer a SID to a security context? Is there any function we can use to achieve it?
Thank you.
--
Best Regards,
Park Lee <parklee_sel(a)yahoo.com>
19 years, 4 months
test
by gandharv@fastmail.fm
test
--
19 years, 5 months
Issue with SELinux on FC3 - No policies
by Daryn Hanright
Hi - I've experienced something weird with SELinux. When I first installed
FC3 I chose targeted & noticed loads of different options under the SELinux tab
in system-config-securitylevel, basically a twisty-tie list of different apps
that are targeted. But I think when I reinstalled FC3 the other day
I chose to disable SELinux, and now none of those options appear. When I choose
to enable, those options I first saw don't reappear. Have tried reinstalling the
relevant rpm's with no luck. Anyone have any idea what might have happened, or
at least some idea on how I can reconfigure it?
Having had a read of the SELinux FAQ for FC3, I should see a whole range of
policies in "/etc/selinux/targeted/policy/", but when I go there I see only one
policy
Any ideas?
cheers
Daryn
19 years, 5 months
kudzu (kmodule) and /dev/zero: latest rawhide issues....
by Tom London
Latest rawhide packages, kudzu has problems with /dev/zero
and /dev/mem
kudzu generates:
Nov 7 17:20:13 fedora kernel: audit(1099847973.501:0): avc: denied
{ read } for pid=826 exe=/sbin/kmodule name=zero dev=tmpfs ino=3510
scontext=system_u:system_r:kudzu_t
tcontext=system_u:object_r:zero_device_t tclass=chr_file
Nov 7 17:20:13 fedora kernel: audit(1099847973.501:0): avc: denied
{ read } for pid=826 exe=/sbin/kmodule name=zero dev=tmpfs ino=3510
scontext=system_u:system_r:kudzu_t
tcontext=system_u:object_r:zero_device_t tclass=chr_file
after fixing this, it fails on mmap of /dev/zero, so need to
also add execute.
Here's a patch:
--- SAVE/kudzu.te 2004-11-07 18:18:24.889196971 -0800
+++ ./kudzu.te 2004-11-07 18:18:52.095994659 -0800
@@ -18,6 +18,7 @@
allow kudzu_t modules_object_t:dir r_dir_perms;
allow kudzu_t { modules_object_t modules_dep_t }:file { getattr read };
allow kudzu_t mouse_device_t:chr_file { read write };
+allow kudzu_t zero_device_t:chr_file { read execute };
allow kudzu_t proc_t:file { getattr read };
allow kudzu_t { fixed_disk_device_t removable_device_t }:blk_file
rw_file_perms;
allow kudzu_t scsi_generic_device_t:chr_file r_file_perms;
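Review bot: The added `zero_device_t:chr_file { read execute }` rule has logged evidence for only half of its permissions: the denials quoted before the patch are `{ read }` on /dev/zero, and `execute` rests on the sentence about mmap failing, with no denial shown. Quote the execute denial alongside the read one, and put a comment on the new line saying the execute is for mmap of /dev/zero by /sbin/kmodule, so the permission is not mistaken for running a program.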
But, it now produces:
Nov 8 06:53:38 fedora kernel: audit(1099896764.946:0): avc: denied
{ read write } for pid=826 exe=/sbin/kmodule name=mem dev=tmpfs
ino=909 scontext=system_u:system_r:kudzu_t
tcontext=system_u:object_r:memory_device_t tclass=chr_file
Adding
allow kudzu_t memory_device_t:chr_file { read write };
produces
/usr/bin/checkpolicy: loading policy configuration from policy.conf
security: 5 users, 6 roles, 1323 types, 31 bools
security: 53 classes, 313479 rules
assertion on line 269956 violated by allow kudzu_t
memory_device_t:chr_file { read write };
make: *** [/etc/selinux/strict/policy/policy.18] Error 1
Some help, please?
thanks,
tom
--
Tom London
19 years, 5 months
Domains, interpreted languages, and Cron scripts
by Bill McCarty
Hi all,
I've run into an architectural headache that someone else must already have
visited, and perhaps solved. But, I find no mention of the problem in list
archives or elsewhere.
I have several Python scripts that run under Cron. Some of these scripts
access or modify sensitive data, and so I'd like to define one or more
domains by means of which to limit their privileges. However, the exe name
associated with such scripts is /usr/bin/python2.3, rather than the name of
the script. Consistent with the principle of least privilege, I'd prefer to
define distinct domains for each script, rather than an overly broad
python_t domain, for instance.
Has anyone else been here already? What techniques are useful for
constraining the privileges given to scripts?
One idea: Would it be a good thing to modify Run-parts to transition to a
domain named for the Cron script it launches? Doing so would seem to solve
my problem, but it might create others <g>.
Thanks,
--
Bill McCarty, Ph.D.
Professor of Information Technology
Azusa Pacific University
19 years, 5 months
installation of selinux on non-selinux system
by Jim Cornette
After upgrading a computer from FC2 to FC3, I decided to give SELinux a
shot and used up2date to retrieve the rpm for selinux-policy-targeted
and expected for all needed deps to be pulled in. The other dependent
packages did not get pulled in with this selection. I ended up having
system messages not being accessible and also httpd being damened with
errors. I supposed that there was an abnormality on my particular
system. Within recent days, I have noted others experiencing similar
failures on the fedora-list. I then decided that this might be a more
common problem than first expected.
Another Fedora user was asking questions regarding running fixfiles
relabel. I noticed that I also did not have fixfiles installed.
After several failures trying to install selinux-policy-targeted-sources
using up2date, I tried using yum and was able to get the needed
dependent programs that contained fixfiles. After relabeling the system
for targeted using fixfiles relabel at a command prompt, I decided to go
one step further and fixfiles relabel with
selinux-policy-strict-1.17.30-2 installed, which did not pull in
fixfiles either when using up2date.
Attached are the AVC messages containing 11/19/04 when I ended up
changing targeted / enforcing in order to get system logs to diagnose
another problem and finding out that there were no logs from 10/4 until
11/19. Messages after 8:00 PM are avc errors after relabeling the
filesystem and rebooting.
After trying to start X in runlevel 3 using startx and experiencing a
failure, I ran setenforce 0 and decided to at least attempt to convey
useful information to help improve SELinux installations for systems
that are upgraded from non-selinux to selinux compliant systems.
Thanks,
Jim Cornette
--
You will give someone a piece of your mind, which you can ill afford.
Oct 4 23:50:13 localhost kernel: audit(1096948213.231:0): avc: denied { append } for pid=2632 exe=/usr/sbin/httpd path=/var/log/httpd/error_log dev=hda3 ino=783426 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:file_t tclass=file
Nov 19 23:32:18 localhost kernel: audit(1100907093.310:0): avc: denied { read write } for pid=606 exe=/sbin/minilogd name=console dev=tmpfs ino=930 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=chr_file
Nov 19 23:32:18 localhost kernel: audit(1100907093.311:0): avc: denied { write } for pid=606 exe=/sbin/minilogd name=/ dev=tmpfs ino=929 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=dir
Nov 19 23:32:18 localhost kernel: audit(1100907093.311:0): avc: denied { add_name } for pid=606 exe=/sbin/minilogd name=log scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=dir
Nov 19 23:32:18 localhost kernel: audit(1100907093.311:0): avc: denied { create } for pid=606 exe=/sbin/minilogd name=log scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=sock_file
Nov 19 23:32:18 localhost kernel: audit(1100907093.312:0): avc: denied { getattr } for pid=612 exe=/sbin/minilogd path=/dev/log dev=tmpfs ino=1789 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=sock_file
Nov 19 23:32:18 localhost kernel: audit(1100907098.255:0): avc: denied { write } for pid=612 exe=/sbin/minilogd name=log dev=tmpfs ino=1789 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=sock_file
Nov 19 23:32:18 localhost kernel: audit(1100907102.090:0): avc: denied { remove_name } for pid=1182 exe=/sbin/minilogd name=log dev=tmpfs ino=1789 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=dir
Nov 19 23:32:18 localhost kernel: audit(1100907102.090:0): avc: denied { unlink } for pid=1182 exe=/sbin/minilogd name=log dev=tmpfs ino=1789 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=sock_file
Nov 19 23:32:18 localhost kernel: audit(1100925136.741:0): avc: denied { read } for pid=2086 exe=/sbin/syslogd name=nsswitch.conf dev=hda3 ino=554920 scontext=user_u:system_r:syslogd_t tcontext=system_u:object_r:file_t tclass=file
Nov 19 23:32:18 localhost kernel: audit(1100925136.741:0): avc: denied { getattr } for pid=2086 exe=/sbin/syslogd path=/etc/nsswitch.conf dev=hda3 ino=554920 scontext=user_u:system_r:syslogd_t tcontext=system_u:object_r:file_t tclass=file
Nov 19 23:32:18 localhost kernel: audit(1100925136.756:0): avc: denied { append } for pid=2086 exe=/sbin/syslogd name=messages dev=hda3 ino=408316 scontext=user_u:system_r:syslogd_t tcontext=system_u:object_r:file_t tclass=file
Nov 19 23:32:18 localhost kernel: audit(1100925136.756:0): avc: denied { ioctl } for pid=2086 exe=/sbin/syslogd path=/var/log/messages dev=hda3 ino=408316 scontext=user_u:system_r:syslogd_t tcontext=system_u:object_r:file_t tclass=file
Nov 19 23:32:18 localhost kernel: audit(1100925136.763:0): avc: denied { setattr } for pid=2086 exe=/sbin/syslogd name=log dev=tmpfs ino=4973 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=sock_file
Nov 19 23:32:18 localhost kernel: audit(1100925137.499:0): avc: denied { search } for pid=2117 exe=/sbin/portmap name=/ dev=hda3 ino=2 scontext=user_u:system_r:portmap_t tcontext=system_u:object_r:file_t tclass=dir
Nov 19 23:32:18 localhost kernel: audit(1100925137.531:0): avc: denied { search } for pid=2118 exe=/sbin/portmap name=/ dev=tmpfs ino=929 scontext=user_u:system_r:portmap_t tcontext=user_u:object_r:tmpfs_t tclass=dir
Nov 19 23:32:18 localhost kernel: audit(1100925137.566:0): avc: denied { read } for pid=2118 exe=/sbin/portmap name=nsswitch.conf dev=hda3 ino=554920 scontext=user_u:system_r:portmap_t tcontext=system_u:object_r:file_t tclass=file
Nov 19 23:32:18 localhost kernel: audit(1100925137.566:0): avc: denied { getattr } for pid=2118 exe=/sbin/portmap path=/etc/nsswitch.conf dev=hda3 ino=554920 scontext=user_u:system_r:portmap_t tcontext=system_u:object_r:file_t tclass=file
Nov 19 23:32:28 localhost kernel: audit(1100925148.288:0): avc: denied { search } for pid=2450 exe=/usr/sbin/httpd name=/ dev=hda3 ino=2 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:file_t tclass=dir
Nov 19 23:32:28 localhost kernel: audit(1100925148.288:0): avc: denied { read } for pid=2450 exe=/usr/sbin/httpd name=libpcre.so.0.0.1 dev=hda3 ino=685883 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:file_t tclass=file
Nov 19 23:32:28 localhost kernel: audit(1100925148.289:0): avc: denied { getattr } for pid=2450 exe=/usr/sbin/httpd path=/lib/libpcre.so.0.0.1 dev=hda3 ino=685883 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:file_t tclass=file
Nov 19 23:32:28 localhost kernel: audit(1100925148.289:0): avc: denied { execute } for pid=2450 path=/lib/libpcre.so.0.0.1 dev=hda3 ino=685883 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:file_t tclass=file
Nov 19 23:32:28 localhost kernel: audit(1100925148.331:0): avc: denied { read } for pid=2450 exe=/usr/sbin/httpd name=libaprutil-0.so.0 dev=hda3 ino=103404 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:file_t tclass=lnk_file
Nov 19 23:32:29 localhost kernel: audit(1100925149.369:0): avc: denied { append } for pid=2450 exe=/usr/sbin/httpd name=error_log dev=hda3 ino=783426 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:file_t tclass=file
Nov 19 23:33:32 localhost dbus: avc: 1 AV entries and 1/512 buckets used, longest chain length 1
Nov 19 23:35:46 localhost kernel: audit(1100907302.257:0): avc: denied { read write } for pid=604 exe=/sbin/minilogd name=console dev=tmpfs ino=930 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=chr_file
Nov 19 23:35:46 localhost kernel: audit(1100907302.258:0): avc: denied { write } for pid=604 exe=/sbin/minilogd name=/ dev=tmpfs ino=929 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=dir
Nov 19 23:35:46 localhost kernel: audit(1100907302.258:0): avc: denied { add_name } for pid=604 exe=/sbin/minilogd name=log scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=dir
Nov 19 23:35:46 localhost kernel: audit(1100907302.258:0): avc: denied { create } for pid=604 exe=/sbin/minilogd name=log scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=sock_file
Nov 19 23:35:46 localhost kernel: audit(1100907302.259:0): avc: denied { getattr } for pid=607 exe=/sbin/minilogd path=/dev/log dev=tmpfs ino=1785 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=sock_file
Nov 19 23:35:46 localhost kernel: audit(1100907307.244:0): avc: denied { write } for pid=607 exe=/sbin/minilogd name=log dev=tmpfs ino=1785 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=sock_file
Nov 19 23:35:46 localhost kernel: audit(1100907311.038:0): avc: denied { remove_name } for pid=1180 exe=/sbin/minilogd name=log dev=tmpfs ino=1785 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=dir
Nov 19 23:35:46 localhost kernel: audit(1100907311.039:0): avc: denied { unlink } for pid=1180 exe=/sbin/minilogd name=log dev=tmpfs ino=1785 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=sock_file
Nov 19 23:35:46 localhost kernel: audit(1100925344.632:0): avc: denied { read } for pid=2084 exe=/sbin/syslogd name=nsswitch.conf dev=hda3 ino=554920 scontext=user_u:system_r:syslogd_t tcontext=system_u:object_r:file_t tclass=file
Nov 19 23:35:46 localhost kernel: audit(1100925344.632:0): avc: denied { getattr } for pid=2084 exe=/sbin/syslogd path=/etc/nsswitch.conf dev=hda3 ino=554920 scontext=user_u:system_r:syslogd_t tcontext=system_u:object_r:file_t tclass=file
Nov 19 23:35:46 localhost kernel: audit(1100925344.648:0): avc: denied { append } for pid=2084 exe=/sbin/syslogd name=messages dev=hda3 ino=408316 scontext=user_u:system_r:syslogd_t tcontext=system_u:object_r:file_t tclass=file
Nov 19 23:35:46 localhost kernel: audit(1100925344.648:0): avc: denied { ioctl } for pid=2084 exe=/sbin/syslogd path=/var/log/messages dev=hda3 ino=408316 scontext=user_u:system_r:syslogd_t tcontext=system_u:object_r:file_t tclass=file
Nov 19 23:35:46 localhost kernel: audit(1100925344.655:0): avc: denied { setattr } for pid=2084 exe=/sbin/syslogd name=log dev=tmpfs ino=4970 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=sock_file
Nov 19 23:35:46 localhost kernel: audit(1100925345.248:0): avc: denied { search } for pid=2115 exe=/sbin/portmap name=/ dev=hda3 ino=2 scontext=user_u:system_r:portmap_t tcontext=system_u:object_r:file_t tclass=dir
Nov 19 23:35:46 localhost kernel: audit(1100925345.280:0): avc: denied { search } for pid=2116 exe=/sbin/portmap name=/ dev=tmpfs ino=929 scontext=user_u:system_r:portmap_t tcontext=user_u:object_r:tmpfs_t tclass=dir
Nov 19 23:35:46 localhost kernel: audit(1100925345.291:0): avc: denied { read } for pid=2116 exe=/sbin/portmap name=nsswitch.conf dev=hda3 ino=554920 scontext=user_u:system_r:portmap_t tcontext=system_u:object_r:file_t tclass=file
Nov 19 23:35:46 localhost kernel: audit(1100925345.291:0): avc: denied { getattr } for pid=2116 exe=/sbin/portmap path=/etc/nsswitch.conf dev=hda3 ino=554920 scontext=user_u:system_r:portmap_t tcontext=system_u:object_r:file_t tclass=file
Nov 19 23:35:56 localhost kernel: audit(1100925356.180:0): avc: denied { search } for pid=2448 exe=/usr/sbin/httpd name=/ dev=hda3 ino=2 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:file_t tclass=dir
Nov 19 23:35:56 localhost kernel: audit(1100925356.180:0): avc: denied { read } for pid=2448 exe=/usr/sbin/httpd name=libpcre.so.0.0.1 dev=hda3 ino=685883 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:file_t tclass=file
Nov 19 23:35:56 localhost kernel: audit(1100925356.180:0): avc: denied { getattr } for pid=2448 exe=/usr/sbin/httpd path=/lib/libpcre.so.0.0.1 dev=hda3 ino=685883 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:file_t tclass=file
Nov 19 23:35:56 localhost kernel: audit(1100925356.181:0): avc: denied { execute } for pid=2448 path=/lib/libpcre.so.0.0.1 dev=hda3 ino=685883 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:file_t tclass=file
Nov 19 23:35:56 localhost kernel: audit(1100925356.237:0): avc: denied { read } for pid=2448 exe=/usr/sbin/httpd name=libaprutil-0.so.0 dev=hda3 ino=103404 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:file_t tclass=lnk_file
Nov 19 23:35:57 localhost kernel: audit(1100925357.204:0): avc: denied { append } for pid=2448 exe=/usr/sbin/httpd name=error_log dev=hda3 ino=783426 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:file_t tclass=file
Nov 20 02:37:05 localhost dbus: avc: 1 AV entries and 1/512 buckets used, longest chain length 1
Nov 20 07:23:08 localhost kernel: audit(1100935340.336:0): avc: denied { read write } for pid=604 exe=/sbin/minilogd name=console dev=tmpfs ino=930 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=chr_file
Nov 20 07:23:08 localhost kernel: audit(1100935340.337:0): avc: denied { write } for pid=604 exe=/sbin/minilogd name=/ dev=tmpfs ino=929 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=dir
Nov 20 07:23:08 localhost kernel: audit(1100935340.337:0): avc: denied { add_name } for pid=604 exe=/sbin/minilogd name=log scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=dir
Nov 20 07:23:08 localhost kernel: audit(1100935340.337:0): avc: denied { create } for pid=604 exe=/sbin/minilogd name=log scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=sock_file
Nov 20 07:23:08 localhost kernel: audit(1100935340.338:0): avc: denied { getattr } for pid=607 exe=/sbin/minilogd path=/dev/log dev=tmpfs ino=1785 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=sock_file
Nov 20 07:23:08 localhost kernel: audit(1100935345.294:0): avc: denied { write } for pid=607 exe=/sbin/minilogd name=log dev=tmpfs ino=1785 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=sock_file
Nov 20 07:23:08 localhost kernel: audit(1100935349.114:0): avc: denied { remove_name } for pid=1180 exe=/sbin/minilogd name=log dev=tmpfs ino=1785 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=dir
Nov 20 07:23:08 localhost kernel: audit(1100935349.114:0): avc: denied { unlink } for pid=1180 exe=/sbin/minilogd name=log dev=tmpfs ino=1785 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=sock_file
Nov 20 07:23:08 localhost kernel: audit(1100953386.843:0): avc: denied { read } for pid=2081 exe=/sbin/syslogd name=nsswitch.conf dev=hda3 ino=554920 scontext=user_u:system_r:syslogd_t tcontext=system_u:object_r:file_t tclass=file
Nov 20 07:23:08 localhost kernel: audit(1100953386.844:0): avc: denied { getattr } for pid=2081 exe=/sbin/syslogd path=/etc/nsswitch.conf dev=hda3 ino=554920 scontext=user_u:system_r:syslogd_t tcontext=system_u:object_r:file_t tclass=file
Nov 20 07:23:08 localhost kernel: audit(1100953386.858:0): avc: denied { append } for pid=2081 exe=/sbin/syslogd name=messages dev=hda3 ino=408316 scontext=user_u:system_r:syslogd_t tcontext=system_u:object_r:file_t tclass=file
Nov 20 07:23:08 localhost kernel: audit(1100953386.858:0): avc: denied { ioctl } for pid=2081 exe=/sbin/syslogd path=/var/log/messages dev=hda3 ino=408316 scontext=user_u:system_r:syslogd_t tcontext=system_u:object_r:file_t tclass=file
Nov 20 07:23:08 localhost kernel: audit(1100953386.865:0): avc: denied { setattr } for pid=2081 exe=/sbin/syslogd name=log dev=tmpfs ino=4961 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=sock_file
Nov 20 07:23:08 localhost kernel: audit(1100953387.587:0): avc: denied { search } for pid=2112 exe=/sbin/portmap name=/ dev=hda3 ino=2 scontext=user_u:system_r:portmap_t tcontext=system_u:object_r:file_t tclass=dir
Nov 20 07:23:08 localhost kernel: audit(1100953387.619:0): avc: denied { search } for pid=2113 exe=/sbin/portmap name=/ dev=tmpfs ino=929 scontext=user_u:system_r:portmap_t tcontext=user_u:object_r:tmpfs_t tclass=dir
Nov 20 07:23:08 localhost kernel: audit(1100953387.630:0): avc: denied { read } for pid=2113 exe=/sbin/portmap name=nsswitch.conf dev=hda3 ino=554920 scontext=user_u:system_r:portmap_t tcontext=system_u:object_r:file_t tclass=file
Nov 20 07:23:08 localhost kernel: audit(1100953387.630:0): avc: denied { getattr } for pid=2113 exe=/sbin/portmap path=/etc/nsswitch.conf dev=hda3 ino=554920 scontext=user_u:system_r:portmap_t tcontext=system_u:object_r:file_t tclass=file
Nov 20 07:23:17 localhost kernel: audit(1100953397.732:0): avc: denied { search } for pid=2445 exe=/usr/sbin/httpd name=/ dev=hda3 ino=2 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:file_t tclass=dir
Nov 20 07:23:17 localhost kernel: audit(1100953397.733:0): avc: denied { read } for pid=2445 exe=/usr/sbin/httpd name=libpcre.so.0.0.1 dev=hda3 ino=685883 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:file_t tclass=file
Nov 20 07:23:17 localhost kernel: audit(1100953397.733:0): avc: denied { getattr } for pid=2445 exe=/usr/sbin/httpd path=/lib/libpcre.so.0.0.1 dev=hda3 ino=685883 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:file_t tclass=file
Nov 20 07:23:17 localhost kernel: audit(1100953397.733:0): avc: denied { execute } for pid=2445 path=/lib/libpcre.so.0.0.1 dev=hda3 ino=685883 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:file_t tclass=file
Nov 20 07:23:17 localhost kernel: audit(1100953397.775:0): avc: denied { read } for pid=2445 exe=/usr/sbin/httpd name=libaprutil-0.so.0 dev=hda3 ino=103404 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:file_t tclass=lnk_file
Nov 20 07:23:18 localhost kernel: audit(1100953398.728:0): avc: denied { append } for pid=2445 exe=/usr/sbin/httpd name=error_log dev=hda3 ino=783426 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:file_t tclass=file
Nov 20 07:23:47 localhost dbus: avc: 1 AV entries and 1/512 buckets used, longest chain length 1
Nov 20 09:30:32 localhost kernel: audit(1100942986.311:0): avc: denied { read write } for pid=604 exe=/sbin/minilogd name=console dev=tmpfs ino=930 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=chr_file
Nov 20 09:30:32 localhost kernel: audit(1100942986.311:0): avc: denied { write } for pid=604 exe=/sbin/minilogd name=/ dev=tmpfs ino=929 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=dir
Nov 20 09:30:32 localhost kernel: audit(1100942986.311:0): avc: denied { add_name } for pid=604 exe=/sbin/minilogd name=log scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=dir
Nov 20 09:30:32 localhost kernel: audit(1100942986.312:0): avc: denied { create } for pid=604 exe=/sbin/minilogd name=log scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=sock_file
Nov 20 09:30:32 localhost kernel: audit(1100942986.312:0): avc: denied { getattr } for pid=607 exe=/sbin/minilogd path=/dev/log dev=tmpfs ino=1785 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=sock_file
Nov 20 09:30:32 localhost kernel: audit(1100942991.282:0): avc: denied { write } for pid=607 exe=/sbin/minilogd name=log dev=tmpfs ino=1785 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=sock_file
Nov 20 09:30:32 localhost kernel: audit(1100942995.091:0): avc: denied { remove_name } for pid=1180 exe=/sbin/minilogd name=log dev=tmpfs ino=1785 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=dir
Nov 20 09:30:32 localhost kernel: audit(1100942995.091:0): avc: denied { unlink } for pid=1180 exe=/sbin/minilogd name=log dev=tmpfs ino=1785 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=sock_file
Nov 20 09:30:32 localhost kernel: audit(1100961030.712:0): avc: denied { read } for pid=2081 exe=/sbin/syslogd name=nsswitch.conf dev=hda3 ino=554920 scontext=user_u:system_r:syslogd_t tcontext=system_u:object_r:file_t tclass=file
Nov 20 09:30:32 localhost kernel: audit(1100961030.713:0): avc: denied { getattr } for pid=2081 exe=/sbin/syslogd path=/etc/nsswitch.conf dev=hda3 ino=554920 scontext=user_u:system_r:syslogd_t tcontext=system_u:object_r:file_t tclass=file
Nov 20 09:30:32 localhost kernel: audit(1100961030.728:0): avc: denied { append } for pid=2081 exe=/sbin/syslogd name=messages dev=hda3 ino=408316 scontext=user_u:system_r:syslogd_t tcontext=system_u:object_r:file_t tclass=file
Nov 20 09:30:32 localhost kernel: audit(1100961030.728:0): avc: denied { ioctl } for pid=2081 exe=/sbin/syslogd path=/var/log/messages dev=hda3 ino=408316 scontext=user_u:system_r:syslogd_t tcontext=system_u:object_r:file_t tclass=file
Nov 20 09:30:32 localhost kernel: audit(1100961030.735:0): avc: denied { setattr } for pid=2081 exe=/sbin/syslogd name=log dev=tmpfs ino=4959 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=sock_file
Nov 20 09:30:32 localhost kernel: audit(1100961031.842:0): avc: denied { search } for pid=2112 exe=/sbin/portmap name=/ dev=hda3 ino=2 scontext=user_u:system_r:portmap_t tcontext=system_u:object_r:file_t tclass=dir
Nov 20 09:30:32 localhost kernel: audit(1100961031.860:0): avc: denied { search } for pid=2113 exe=/sbin/portmap name=/ dev=tmpfs ino=929 scontext=user_u:system_r:portmap_t tcontext=user_u:object_r:tmpfs_t tclass=dir
Nov 20 09:30:32 localhost kernel: audit(1100961031.872:0): avc: denied { read } for pid=2113 exe=/sbin/portmap name=nsswitch.conf dev=hda3 ino=554920 scontext=user_u:system_r:portmap_t tcontext=system_u:object_r:file_t tclass=file
Nov 20 09:30:32 localhost kernel: audit(1100961031.872:0): avc: denied { getattr } for pid=2113 exe=/sbin/portmap path=/etc/nsswitch.conf dev=hda3 ino=554920 scontext=user_u:system_r:portmap_t tcontext=system_u:object_r:file_t tclass=file
Nov 20 09:30:42 localhost kernel: audit(1100961042.630:0): avc: denied { search } for pid=2445 exe=/usr/sbin/httpd name=/ dev=hda3 ino=2 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:file_t tclass=dir
Nov 20 09:30:42 localhost kernel: audit(1100961042.631:0): avc: denied { read } for pid=2445 exe=/usr/sbin/httpd name=libpcre.so.0.0.1 dev=hda3 ino=685883 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:file_t tclass=file
Nov 20 09:30:42 localhost kernel: audit(1100961042.631:0): avc: denied { getattr } for pid=2445 exe=/usr/sbin/httpd path=/lib/libpcre.so.0.0.1 dev=hda3 ino=685883 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:file_t tclass=file
Nov 20 09:30:42 localhost kernel: audit(1100961042.631:0): avc: denied { execute } for pid=2445 path=/lib/libpcre.so.0.0.1 dev=hda3 ino=685883 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:file_t tclass=file
Nov 20 09:30:42 localhost kernel: audit(1100961042.673:0): avc: denied { read } for pid=2445 exe=/usr/sbin/httpd name=libaprutil-0.so.0 dev=hda3 ino=103404 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:file_t tclass=lnk_file
Nov 20 09:30:43 localhost kernel: audit(1100961043.683:0): avc: denied { append } for pid=2445 exe=/usr/sbin/httpd name=error_log dev=hda3 ino=783426 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:file_t tclass=file
Nov 20 13:45:28 localhost dbus: avc: 1 AV entries and 1/512 buckets used, longest chain length 1
Nov 20 15:49:58 localhost kernel: audit(1100965751.021:0): avc: denied { read write } for pid=606 exe=/sbin/minilogd name=console dev=tmpfs ino=930 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=chr_file
Nov 20 15:49:58 localhost kernel: audit(1100965751.021:0): avc: denied { write } for pid=606 exe=/sbin/minilogd name=/ dev=tmpfs ino=929 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=dir
Nov 20 15:49:58 localhost kernel: audit(1100965751.021:0): avc: denied { add_name } for pid=606 exe=/sbin/minilogd name=log scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=dir
Nov 20 15:49:58 localhost kernel: audit(1100965751.021:0): avc: denied { create } for pid=606 exe=/sbin/minilogd name=log scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=sock_file
Nov 20 15:49:58 localhost kernel: audit(1100965751.022:0): avc: denied { getattr } for pid=609 exe=/sbin/minilogd path=/dev/log dev=tmpfs ino=1788 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=sock_file
Nov 20 15:49:58 localhost kernel: audit(1100965756.006:0): avc: denied { write } for pid=609 exe=/sbin/minilogd name=log dev=tmpfs ino=1788 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=sock_file
Nov 20 15:49:58 localhost kernel: audit(1100965759.815:0): avc: denied { remove_name } for pid=1182 exe=/sbin/minilogd name=log dev=tmpfs ino=1788 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=dir
Nov 20 15:49:58 localhost kernel: audit(1100965759.815:0): avc: denied { unlink } for pid=1182 exe=/sbin/minilogd name=log dev=tmpfs ino=1788 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=sock_file
Nov 20 15:49:58 localhost kernel: audit(1100983796.690:0): avc: denied { read } for pid=1910 exe=/sbin/syslogd name=nsswitch.conf dev=hda3 ino=554920 scontext=user_u:system_r:syslogd_t tcontext=system_u:object_r:file_t tclass=file
Nov 20 15:49:58 localhost kernel: audit(1100983796.690:0): avc: denied { getattr } for pid=1910 exe=/sbin/syslogd path=/etc/nsswitch.conf dev=hda3 ino=554920 scontext=user_u:system_r:syslogd_t tcontext=system_u:object_r:file_t tclass=file
Nov 20 15:49:58 localhost kernel: audit(1100983796.706:0): avc: denied { append } for pid=1910 exe=/sbin/syslogd name=messages dev=hda3 ino=408316 scontext=user_u:system_r:syslogd_t tcontext=system_u:object_r:file_t tclass=file
Nov 20 15:49:58 localhost kernel: audit(1100983796.706:0): avc: denied { ioctl } for pid=1910 exe=/sbin/syslogd path=/var/log/messages dev=hda3 ino=408316 scontext=user_u:system_r:syslogd_t tcontext=system_u:object_r:file_t tclass=file
Nov 20 15:49:58 localhost kernel: audit(1100983796.713:0): avc: denied { setattr } for pid=1910 exe=/sbin/syslogd name=log dev=tmpfs ino=4583 scontext=user_u:system_r:syslogd_t tcontext=user_u:object_r:tmpfs_t tclass=sock_file
Nov 20 15:49:58 localhost kernel: audit(1100983797.605:0): avc: denied { search } for pid=1941 exe=/sbin/portmap name=/ dev=hda3 ino=2 scontext=user_u:system_r:portmap_t tcontext=system_u:object_r:file_t tclass=dir
Nov 20 15:49:58 localhost kernel: audit(1100983797.638:0): avc: denied { search } for pid=1942 exe=/sbin/portmap name=/ dev=tmpfs ino=929 scontext=user_u:system_r:portmap_t tcontext=user_u:object_r:tmpfs_t tclass=dir
Nov 20 15:49:58 localhost kernel: audit(1100983797.651:0): avc: denied { read } for pid=1942 exe=/sbin/portmap name=nsswitch.conf dev=hda3 ino=554920 scontext=user_u:system_r:portmap_t tcontext=system_u:object_r:file_t tclass=file
Nov 20 15:49:58 localhost kernel: audit(1100983797.651:0): avc: denied { getattr } for pid=1942 exe=/sbin/portmap path=/etc/nsswitch.conf dev=hda3 ino=554920 scontext=user_u:system_r:portmap_t tcontext=system_u:object_r:file_t tclass=file
Nov 20 15:50:08 localhost kernel: audit(1100983808.337:0): avc: denied { search } for pid=2274 exe=/usr/sbin/httpd name=/ dev=hda3 ino=2 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:file_t tclass=dir
Nov 20 15:50:08 localhost kernel: audit(1100983808.337:0): avc: denied { read } for pid=2274 exe=/usr/sbin/httpd name=libpcre.so.0.0.1 dev=hda3 ino=685883 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:file_t tclass=file
Nov 20 15:50:08 localhost kernel: audit(1100983808.338:0): avc: denied { getattr } for pid=2274 exe=/usr/sbin/httpd path=/lib/libpcre.so.0.0.1 dev=hda3 ino=685883 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:file_t tclass=file
Nov 20 15:50:08 localhost kernel: audit(1100983808.338:0): avc: denied { execute } for pid=2274 path=/lib/libpcre.so.0.0.1 dev=hda3 ino=685883 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:file_t tclass=file
Nov 20 15:50:08 localhost kernel: audit(1100983808.380:0): avc: denied { read } for pid=2274 exe=/usr/sbin/httpd name=libaprutil-0.so.0 dev=hda3 ino=103404 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:file_t tclass=lnk_file
Nov 20 15:50:09 localhost kernel: audit(1100983809.318:0): avc: denied { append } for pid=2274 exe=/usr/sbin/httpd name=error_log dev=hda3 ino=783426 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:file_t tclass=file
Nov 20 16:31:25 localhost kernel: audit(1100986285.045:0): avc: granted { load_policy } for pid=3190 exe=/usr/sbin/load_policy scontext=root:system_r:unconfined_t tcontext=system_u:object_r:security_t tclass=security
Nov 20 16:36:23 localhost kernel: audit(1100986583.107:0): avc: granted { load_policy } for pid=3322 exe=/usr/sbin/load_policy scontext=root:system_r:unconfined_t tcontext=system_u:object_r:security_t tclass=security
Nov 20 16:37:17 localhost dbus: avc: 1 AV entries and 1/512 buckets used, longest chain length 1
Nov 20 16:37:25 localhost kernel: audit(1100986645.478:0): avc: denied { search } for pid=2275 exe=/usr/sbin/httpd name=/ dev=hda3 ino=2 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:file_t tclass=dir
Nov 20 16:37:25 localhost kernel: audit(1100986645.515:0): avc: denied { append } for pid=2275 exe=/usr/sbin/httpd path=/var/log/httpd/error_log dev=hda3 ino=783426 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:file_t tclass=file
Nov 20 16:53:12 localhost dbus: avc: 1 AV entries and 1/512 buckets used, longest chain length 1
Nov 20 20:05:51 localhost kernel: audit(1100981107.146:0): avc: denied { ioctl } for pid=613 exe=/bin/bash path=/proc/ide/ide0/hda/media dev=proc ino=-268435122 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:proc_t tclass=file
Nov 20 20:05:51 localhost kernel: audit(1100981107.350:0): avc: denied { ioctl } for pid=613 exe=/bin/bash path=/proc/ide/ide1/hdc/media dev=proc ino=-268435110 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:proc_t tclass=file
Nov 20 20:05:51 localhost kernel: audit(1100999126.945:0): avc: denied { search } for pid=1576 exe=/sbin/alsactl name=root dev=hda3 ino=424321 scontext=system_u:system_r:udev_t tcontext=root:object_r:staff_home_dir_t tclass=dir
Nov 20 20:05:51 localhost kernel: audit(1100999126.955:0): avc: denied { search } for pid=1583 exe=/sbin/alsactl name=root dev=hda3 ino=424321 scontext=system_u:system_r:udev_t tcontext=root:object_r:staff_home_dir_t tclass=dir
Nov 20 20:05:51 localhost kernel: audit(1100999127.025:0): avc: denied { search } for pid=1588 exe=/sbin/alsactl name=root dev=hda3 ino=424321 scontext=system_u:system_r:udev_t tcontext=root:object_r:staff_home_dir_t tclass=dir
Nov 20 20:05:51 localhost kernel: audit(1100999144.634:0): avc: denied { read } for pid=1646 exe=/usr/sbin/cpuspeed name=mtab dev=hda3 ino=557677 scontext=system_u:system_r:cpuspeed_t tcontext=system_u:object_r:etc_runtime_t tclass=file
Nov 20 20:05:51 localhost kernel: audit(1100999144.634:0): avc: denied { read } for pid=1646 exe=/usr/sbin/cpuspeed name=fstab dev=hda3 ino=555388 scontext=system_u:system_r:cpuspeed_t tcontext=system_u:object_r:etc_t tclass=file
Nov 20 20:05:58 localhost kernel: audit(1100999158.170:0): avc: denied { search } for pid=2197 exe=/usr/sbin/clamd name=clamav dev=hda3 ino=473684 scontext=system_u:system_r:clamd_t tcontext=system_u:object_r:freshclam_log_t tclass=dir
Nov 20 20:06:00 localhost kernel: audit(1100999160.614:0): avc: denied { fowner } for pid=2250 exe=/sbin/restorecon capability=3 scontext=system_u:system_r:restorecon_t tcontext=system_u:system_r:restorecon_t tclass=capability
Nov 20 20:06:18 localhost kernel: audit(1100999178.145:0): avc: denied { getattr } for pid=2474 exe=/bin/mount path=/tos1 dev=hda3 ino=489601 scontext=system_u:system_r:mount_t tcontext=system_u:object_r:default_t tclass=dir
Nov 20 20:06:20 localhost kernel: audit(1100999180.875:0): avc: denied { search } for pid=2456 exe=/usr/sbin/hald name=lib dev=hda3 ino=408002 scontext=system_u:system_r:hald_t tcontext=system_u:object_r:var_lib_t tclass=dir
Nov 20 20:06:20 localhost kernel: audit(1100999180.876:0): avc: denied { search } for pid=2456 exe=/usr/sbin/hald name=lib dev=hda3 ino=408002 scontext=system_u:system_r:hald_t tcontext=system_u:object_r:var_lib_t tclass=dir
Nov 20 20:06:20 localhost kernel: audit(1100999180.877:0): avc: denied { search } for pid=2456 exe=/usr/sbin/hald name=lib dev=hda3 ino=408002 scontext=system_u:system_r:hald_t tcontext=system_u:object_r:var_lib_t tclass=dir
Nov 20 20:06:20 localhost kernel: audit(1100999180.877:0): avc: denied { search } for pid=2456 exe=/usr/sbin/hald name=lib dev=hda3 ino=408002 scontext=system_u:system_r:hald_t tcontext=system_u:object_r:var_lib_t tclass=dir
Nov 20 20:14:21 localhost kernel: audit(1100999661.322:0): avc: denied { search } for pid=2959 exe=/usr/X11R6/bin/Xorg name=selinux dev=hda3 ino=603892 scontext=user_u:user_r:user_xserver_t tcontext=system_u:object_r:selinux_config_t tclass=dir
Nov 20 20:14:21 localhost kernel: audit(1100999661.355:0): avc: denied { search } for pid=2959 exe=/usr/X11R6/bin/Xorg name=console dev=hda3 ino=408043 scontext=user_u:user_r:user_xserver_t tcontext=system_u:object_r:pam_var_console_t tclass=dir
Nov 20 20:15:03 localhost kernel: audit(1100999703.350:0): avc: granted { setenforce } for pid=2961 exe=/usr/bin/setenforce scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
Nov 20 20:15:14 localhost kernel: audit(1100999714.269:0): avc: denied { search } for pid=2974 exe=/usr/X11R6/bin/Xorg name=selinux dev=hda3 ino=603892 scontext=user_u:user_r:user_xserver_t tcontext=system_u:object_r:selinux_config_t tclass=dir
Nov 20 20:15:14 localhost kernel: audit(1100999714.269:0): avc: denied { read } for pid=2974 exe=/usr/X11R6/bin/Xorg name=config dev=hda3 ino=603908 scontext=user_u:user_r:user_xserver_t tcontext=system_u:object_r:selinux_config_t tclass=file
Nov 20 20:15:14 localhost kernel: audit(1100999714.270:0): avc: denied { getattr } for pid=2974 exe=/usr/X11R6/bin/Xorg path=/etc/selinux/config dev=hda3 ino=603908 scontext=user_u:user_r:user_xserver_t tcontext=system_u:object_r:selinux_config_t tclass=file
Nov 20 20:15:14 localhost kernel: audit(1100999714.277:0): avc: denied { search } for pid=2974 exe=/usr/X11R6/bin/Xorg name=console dev=hda3 ino=408043 scontext=user_u:user_r:user_xserver_t tcontext=system_u:object_r:pam_var_console_t tclass=dir
Nov 20 20:15:22 localhost kernel: audit(1100999722.138:0): avc: denied { read } for pid=3050 exe=/usr/bin/ssh-agent name=config dev=hda3 ino=603908 scontext=user_u:user_r:user_ssh_agent_t tcontext=system_u:object_r:selinux_config_t tclass=file
Nov 20 20:15:22 localhost kernel: audit(1100999722.139:0): avc: denied { getattr } for pid=3050 exe=/usr/bin/ssh-agent path=/etc/selinux/config dev=hda3 ino=603908 scontext=user_u:user_r:user_ssh_agent_t tcontext=system_u:object_r:selinux_config_t tclass=file
Nov 20 20:15:32 localhost kernel: audit(1100999732.960:0): avc: denied { search } for pid=2974 exe=/usr/X11R6/bin/Xorg name=.gnome2 dev=hda3 ino=1338661 scontext=user_u:user_r:user_xserver_t tcontext=system_u:object_r:user_home_t tclass=dir
Nov 20 20:15:32 localhost kernel: audit(1100999732.960:0): avc: denied { read } for pid=2974 exe=/usr/X11R6/bin/Xorg name=fonts.dir dev=hda3 ino=1338668 scontext=user_u:user_r:user_xserver_t tcontext=system_u:object_r:user_home_t tclass=file
Nov 20 20:15:32 localhost kernel: audit(1100999732.960:0): avc: denied { getattr } for pid=2974 exe=/usr/X11R6/bin/Xorg path=/home/jim/.gnome2/share/cursor-fonts/fonts.dir dev=hda3 ino=1338668 scontext=user_u:user_r:user_xserver_t tcontext=system_u:object_r:user_home_t tclass=file
Nov 20 20:15:41 localhost dbus: avc: received setenforce notice (enforcing=0)
Nov 20 20:15:42 localhost kernel: audit(1100999742.244:0): avc: denied { use } for pid=3110 exe=/bin/mount path=/dev/tty2 dev=tmpfs ino=1864 scontext=user_u:user_r:user_mount_t tcontext=system_u:system_r:local_login_t tclass=fd
Nov 20 20:16:54 localhost kernel: audit(1100999814.959:0): avc: denied { write } for pid=3156 exe=/usr/sbin/userhelper name=root dev=hda3 ino=424321 scontext=user_u:user_r:user_userhelper_t tcontext=root:object_r:staff_home_dir_t tclass=dir
Nov 20 20:16:54 localhost kernel: audit(1100999814.959:0): avc: denied { add_name } for pid=3156 exe=/usr/sbin/userhelper name=.xauthclDLiD scontext=user_u:user_r:user_userhelper_t tcontext=root:object_r:staff_home_dir_t tclass=dir
Nov 20 20:16:54 localhost kernel: audit(1100999814.959:0): avc: denied { create } for pid=3156 exe=/usr/sbin/userhelper name=.xauthclDLiD scontext=user_u:user_r:user_userhelper_t tcontext=user_u:object_r:staff_home_dir_t tclass=file
Nov 20 20:16:55 localhost kernel: audit(1100999815.027:0): avc: denied { setattr } for pid=3156 exe=/usr/sbin/userhelper name=.xauthclDLiD dev=hda3 ino=391917 scontext=user_u:user_r:user_userhelper_t tcontext=user_u:object_r:staff_home_dir_t tclass=file
Nov 20 20:16:55 localhost kernel: audit(1100999815.035:0): avc: denied { search } for pid=3158 exe=/usr/X11R6/bin/xauth name=root dev=hda3 ino=424321 scontext=user_u:user_r:user_xauth_t tcontext=root:object_r:staff_home_dir_t tclass=dir
Nov 20 20:16:55 localhost kernel: audit(1100999815.036:0): avc: denied { write } for pid=3158 exe=/usr/X11R6/bin/xauth name=root dev=hda3 ino=424321 scontext=user_u:user_r:user_xauth_t tcontext=root:object_r:staff_home_dir_t tclass=dir
Nov 20 20:16:55 localhost kernel: audit(1100999815.036:0): avc: denied { add_name } for pid=3158 exe=/usr/X11R6/bin/xauth name=.xauthclDLiD-c scontext=user_u:user_r:user_xauth_t tcontext=root:object_r:staff_home_dir_t tclass=dir
Nov 20 20:16:55 localhost kernel: audit(1100999815.036:0): avc: denied { create } for pid=3158 exe=/usr/X11R6/bin/xauth name=.xauthclDLiD-c scontext=user_u:user_r:user_xauth_t tcontext=user_u:object_r:staff_home_dir_t tclass=file
Nov 20 20:16:55 localhost kernel: audit(1100999815.037:0): avc: denied { link } for pid=3158 exe=/usr/X11R6/bin/xauth name=.xauthclDLiD-c dev=hda3 ino=391918 scontext=user_u:user_r:user_xauth_t tcontext=user_u:object_r:staff_home_dir_t tclass=file
Nov 20 20:16:55 localhost kernel: audit(1100999815.037:0): avc: denied { write } for pid=3158 exe=/usr/X11R6/bin/xauth name=.xauthclDLiD dev=hda3 ino=391917 scontext=user_u:user_r:user_xauth_t tcontext=user_u:object_r:staff_home_dir_t tclass=file
Nov 20 20:16:55 localhost kernel: audit(1100999815.038:0): avc: denied { read } for pid=3158 exe=/usr/X11R6/bin/xauth name=.xauthclDLiD dev=hda3 ino=391917 scontext=user_u:user_r:user_xauth_t tcontext=user_u:object_r:staff_home_dir_t tclass=file
Nov 20 20:16:55 localhost kernel: audit(1100999815.038:0): avc: denied { getattr } for pid=3158 exe=/usr/X11R6/bin/xauth path=/root/.xauthclDLiD dev=hda3 ino=391917 scontext=user_u:user_r:user_xauth_t tcontext=user_u:object_r:staff_home_dir_t tclass=file
Nov 20 20:16:55 localhost kernel: audit(1100999815.040:0): avc: denied { remove_name } for pid=3158 exe=/usr/X11R6/bin/xauth name=.xauthclDLiD dev=hda3 ino=391917 scontext=user_u:user_r:user_xauth_t tcontext=root:object_r:staff_home_dir_t tclass=dir
Nov 20 20:16:55 localhost kernel: audit(1100999815.040:0): avc: denied { unlink } for pid=3158 exe=/usr/X11R6/bin/xauth name=.xauthclDLiD dev=hda3 ino=391917 scontext=user_u:user_r:user_xauth_t tcontext=user_u:object_r:staff_home_dir_t tclass=file
Nov 20 20:16:56 localhost kernel: audit(1100999816.429:0): avc: denied { connectto } for pid=3159 exe=/usr/bin/python path=/tmp/.X11-unix/X0 scontext=root:sysadm_r:sysadm_t tcontext=user_u:user_r:user_xserver_t tclass=unix_stream_socket
Nov 20 20:17:02 localhost kernel: audit(1100999822.827:0): avc: denied { unix_read unix_write } for pid=2974 exe=/usr/X11R6/bin/Xorg key=0 scontext=user_u:user_r:user_xserver_t tcontext=root:sysadm_r:sysadm_t tclass=shm
Nov 20 20:17:02 localhost kernel: audit(1100999822.827:0): avc: denied { read write } for pid=2974 exe=/usr/X11R6/bin/Xorg key=0 scontext=user_u:user_r:user_xserver_t tcontext=root:sysadm_r:sysadm_t tclass=shm
Nov 20 20:17:02 localhost kernel: audit(1100999822.827:0): avc: denied { use } for pid=2974 path=/SYSV00000000 (deleted) dev=tmpfs ino=557072 scontext=user_u:user_r:user_xserver_t tcontext=root:sysadm_r:sysadm_t tclass=fd
Nov 20 20:17:02 localhost kernel: audit(1100999822.827:0): avc: denied { read write } for pid=2974 path=/SYSV00000000 (deleted) dev=tmpfs ino=557072 scontext=user_u:user_r:user_xserver_t tcontext=root:object_r:sysadm_tmpfs_t tclass=file
Nov 20 20:17:02 localhost kernel: audit(1100999822.827:0): avc: denied { getattr associate } for pid=2974 exe=/usr/X11R6/bin/Xorg key=0 scontext=user_u:user_r:user_xserver_t tcontext=root:sysadm_r:sysadm_t tclass=shm
19 years, 5 months
PHP cannot upload files
by dragoran
I cannot upload files via php (selinux=enabled;policy=targeted).
php shows this error:
*Warning*: File upload error - unable to create a temporary file in
*Unknown* on line *0*
And in dmesg I found this error:
audit(1100940427.918:0): avc: denied { write } for pid=9202
exe=/usr/sbin/httpd name=tmp dev=hda3 ino=24
scontext=root:system_r:httpd_t tcontext=root:object_r:root_t tclass=dir
19 years, 5 months
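A triage pass over AVC records like those in the boot log and the PHP upload report above, as an added example that is not part of either post: it groups denials by source type, target type and class, and marks targets of type file_t (files that carry no SELinux label) as relabeling candidates rather than policy gaps. The function names and the relabel/review-policy tags are this example's own; the sample records are copied from the two posts.

```python
import re
from collections import defaultdict

# One AVC record; \s+ plus DOTALL tolerate records a mail client wrapped.
AVC_RE = re.compile(
    r"avc:\s+(denied|granted)\s+\{\s*([^}]*?)\s*\}\s+for\s+(.*?)\s*"
    r"scontext=(\S+)\s+tcontext=(\S+)\s+tclass=(\S+)", re.DOTALL)
UNLABELED = {"file_t"}  # the policy's type for files with no label on disk


def parse_avc(text):
    """Return one dict per AVC record found in syslog or dmesg text."""
    records = []
    for result, perms, fields, scon, tcon, tclass in AVC_RE.findall(text):
        kv = dict(re.findall(r"(\w+)=(\S+)", fields))
        records.append({
            "result": result, "perms": perms.split(), "exe": kv.get("exe", "?"),
            "source": scon.split(":")[2],  # user:role:type -> type
            "target": tcon.split(":")[2], "tclass": tclass})
    return records


def triage(records):
    """Group denials by (source, target, class) and tag the likely fix."""
    groups = defaultdict(set)
    for r in records:
        if r["result"] == "denied":  # granted records need no fix
            groups[(r["source"], r["target"], r["tclass"])].update(r["perms"])
    report = []
    for (src, tgt, cls), perms in sorted(groups.items()):
        action = "relabel" if tgt in UNLABELED else "review-policy"
        report.append((src, tgt, cls, sorted(perms), action))
    return report


# Sample input: records copied from the two posts; the last one is still wrapped.
SAMPLE = """\
Nov 20 15:50:08 localhost kernel: audit(1100983808.337:0): avc: denied { search } for pid=2274 exe=/usr/sbin/httpd name=/ dev=hda3 ino=2 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:file_t tclass=dir
Nov 20 15:50:08 localhost kernel: audit(1100983808.337:0): avc: denied { read } for pid=2274 exe=/usr/sbin/httpd name=libpcre.so.0.0.1 dev=hda3 ino=685883 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:file_t tclass=file
Nov 20 15:50:09 localhost kernel: audit(1100983809.318:0): avc: denied { append } for pid=2274 exe=/usr/sbin/httpd name=error_log dev=hda3 ino=783426 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:file_t tclass=file
Nov 20 16:31:25 localhost kernel: audit(1100986285.045:0): avc: granted { load_policy } for pid=3190 exe=/usr/sbin/load_policy scontext=root:system_r:unconfined_t tcontext=system_u:object_r:security_t tclass=security
Nov 20 16:37:17 localhost dbus: avc: 1 AV entries and 1/512 buckets used, longest chain length 1
audit(1100940427.918:0): avc: denied { write } for pid=9202
exe=/usr/sbin/httpd name=tmp dev=hda3 ino=24
scontext=root:system_r:httpd_t tcontext=root:object_r:root_t tclass=dir
"""

if __name__ == "__main__":
    for src, tgt, cls, perms, action in triage(parse_avc(SAMPLE)):
        print(f"{action:13} {src} -> {tgt}:{cls} {{ {' '.join(perms)} }}")
```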
libselinux tools location
by Joe Orton
I noticed the tools moved from /usr/bin to /usr/sbin which broke the
changes I'd made to apachectl to use /usr/bin/selinuxenabled. Are these
going to stay in /usr/sbin now, and this location change will be in
RHEL4 as well as FC4?
Regards,
joe
19 years, 5 months