selinux April 2006

selinux@lists.fedoraproject.org

69 participants
97 discussions

apache serving nfs-hosted files on FC5
by Ben 11 Apr '06

11 Apr '06

Is there a simple boolean that lets me do this? My avc errors look like: Apr 9 11:21:50 charlotte kernel: audit(1144606910.006:153): avc: denied { search } for pid=17677 comm="httpd" name="/" dev=0:12 ino=292243 scontext=root:system_r:httpd_t:s0 tcontext=system_u:object_r:nfs_t:s0 tclass=dir Apr 9 11:21:50 charlotte kernel: audit(1144606910.006:154): avc: denied { getattr } for pid=17677 comm="httpd" name="/" dev=0:12 ino=292243 scontext=root:system_r:httpd_t:s0 tcontext=system_u:object_r:nfs_t:s0 tclass=dir On a related note, is there a way to see what the various booleans are supposed to be good for?

2 1

SELinux blocking something related to camera
by Tor Arne Thune 11 Apr '06

11 Apr '06

Hi. I am having some trouble accessing my Canon EOS 10D camera through digikam as non-root. SELinux seems to be blocking something. When I turn the camera on I get these messages in /var/log/messages: Apr 9 10:34:43 ranger kernel: usb 2-1: new full speed USB device using uhci_hcd and address 2 Apr 9 10:34:44 ranger kernel: usb 2-1: configuration #1 chosen from 1 choice Apr 9 10:34:44 ranger kernel: audit(1144571684.462:10): avc: denied { search } for pid=21743 comm="cat" name="console" dev=dm-0 ino=1474652 scontext=system_u:system_r:hald_t:s0 tcontext=system_u:object_r:pam_var_console_t:s0 tclass=dir Apr 9 10:37:03 ranger kernel: usb 2-1: USB disconnect, address 2 What should I disable in the SELinux policy to make this work? Any thoughts are greatly appreciated.

3 2

policy 2.2.29-6 complains about system_chkpwd_t
by Valdis.Kletnieks＠vt.edu 11 Apr '06

11 Apr '06

Using 'strict' policy (yes, I know development is probably elsewhere at the moment), installing selinux-policy-2.2.29-6, I get: # rpm -Fvh selin* Preparing... ########################################### [100%] 1:selinux-policy ########################################### [ 50%] 2:selinux-policy-strict ########################################### [100%] libsepol.scope_copy_callback: authlogin: Duplicate declaration in module: type/attribute system_chkpwd_t libsemanage.semanage_link_sandbox: Link packages failed semodule: Failed! Using a can opener on the .src.rpm and poking around, I find 3 hits in ./serefpolicy-2.2.29/policy/modules/system/authlogin.if - but all 3 seem to be wrapped in a gen_require(). Any hints/suggestions? Hopefully enough info so somebody says "D'oh! fixed in tomorrow's Rawhide", but I'm certainly willing to help debug this one.

1 0

Re: [FC5] Samba and SELinux
by Stephen Smalley 11 Apr '06

11 Apr '06

On Mon, 2006-04-10 at 10:01 -0700, Dan Thurman wrote: > I su as root initially and in my /root directory > and created the "foo" there. You did not state > where to create "foo" so if I did this in the > wrong place, please let me know. Re-added the list to the cc line above. It doesn't matter where you create it - it is just a temporary working directory. > I downloaded the > checkmodule and installed it earlier so it appears > that this time everything works, except that in the > tmp file created, I did not get the same files as > you may have. Here is the log of actions: > > [dant@copper ~]$ su - > Password: > [root@copper ~]# mkdir foo > [root@copper ~]# cd foo > [root@copper foo]# vi local.te > [root@copper foo]# touch local.if local.fc > [root@copper foo]# make -f /usr/share/selinux/devel/Makefile > Compliling targeted local module > /usr/bin/checkmodule: loading policy configuration from tmp/local.tmp > /usr/bin/checkmodule: policy configuration loaded > /usr/bin/checkmodule: writing binary representation (version 5) to > tmp/local.mod > Creating targeted local.pp policy package > rm tmp/local.mod.fc tmp/local.mod > [root@copper foo]# ls > local.fc local.if local.pp local.te tmp > [root@copper foo]# ls tmp > all_interfaces.conf local.mod.role local.tmp > [root@copper foo]# Looks correct to me, and matches what was in my original message. So now you finish the sequence of instructions I provided originally, i.e. # semodule -i local.pp Then retry accessing /var/www content from samba, and if it still doesn't work, check your /var/log/messages file for avc: denied messages. -- Stephen Smalley National Security Agency

2 1

[FC5] rsyncd invocation from rc.local
by mroselinux＠eastgranby.k12.ct.us 11 Apr '06

11 Apr '06

I am migrating a samba server from FC3 to FC5. I did a fresh install and have run into an SELINUX policy issue. I have no problem logging on as root and typing in rsync --daemon, but when I insert the same line at the end of /etc/rc.d/rc.local and reboot, then /var/log/messages shows the following (with other stuff edited out). ---------------------------------------------------------------------- Apr 7 20:18:50 localhost kernel: hub 2-0:1.0: USB hub found Apr 7 20:18:50 localhost rsyncd[2062]: rsync: failed to open log-file /var/log/rsyncd.log: Permission denied (13) Apr 7 20:18:50 localhost rsyncd[2062]: Ignoring "log file" setting. Apr 7 20:18:50 localhost rsyncd[2062]: rsyncd version 2.6.6 starting, listening on port 873 Apr 7 20:18:50 localhost rsyncd[2062]: unable to bind any inbound sockets on port 873 Apr 7 20:18:50 localhost rsyncd[2062]: rsync error: error in socket IO (code 10) at socket.c(448) Apr 7 20:18:53 localhost kernel: SELinux: initialized (dev autofs, type autofs), uses genfs_contexts Apr 7 20:18:53 localhost kernel: ppdev: user-space parallel port driver Apr 7 20:18:53 localhost kernel: audit(1144455530.173:2): avc: denied { use } for pid=2061 comm="rsync" name="0" dev=devpts ino=2 scontext=system_u:system_r:rsync_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=fd Apr 7 20:18:53 localhost kernel: audit(1144455530.173:3): avc: denied { use } for pid=2061 comm="rsync" name="0" dev=devpts ino=2 scontext=system_u:system_r:rsync_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=fd Apr 7 20:18:53 localhost kernel: audit(1144455530.173:4): avc: denied { use } for pid=2061 comm="rsync" name="0" dev=devpts ino=2 scontext=system_u:system_r:rsync_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=fd Apr 7 20:18:53 localhost kernel: audit(1144455530.593:5): avc: denied { search } for pid=2062 comm="rsync" name="log" dev=dm-0 ino=3309596 scontext=system_u:system_r:rsync_t:s0 tcontext=system_u:object_r:var_log_t:s0 tclass=dir Apr 7 20:18:53 localhost kernel: audit(1144455530.645:6): avc: denied { name_bind } for pid=2062 comm="rsync" src=873 scontext=system_u:system_r:rsync_t:s0 tcontext=system_u:object_r:rsync_port_t:s0 tclass=tcp_socket Apr 7 20:18:53 localhost kernel: audit(1144455530.645:7): avc: denied { name_bind } for pid=2062 comm="rsync" src=873 scontext=system_u:system_r:rsync_t:s0 tcontext=system_u:object_r:rsync_port_t:s0 tclass=tcp_socket Apr 7 20:18:53 localhost kernel: [drm] Initialized drm 1.0.1 20051102 Apr 7 20:18:53 localhost kernel: ACPI: PCI Interrupt 0000:00:02.0[A] -> GSI 16 (level, low) -> IRQ 19 Apr 7 20:18:53 localhost kernel: [drm] Initialized i915 1.4.0 20060119 on minor 0 Apr 7 20:21:39 localhost gconfd (root-2295): starting (version 2.14.0), pid 2295 user 'root' Apr 7 20:21:39 localhost gconfd (root-2295): Resolved address "xml:readonly:/etc/gconf/gconf.xml.mandatory" to a read-only configuration source at position 0 Apr 7 20:21:39 localhost gconfd (root-2295): Resolved address "xml:readwrite:/root/.gconf" to a writable configuration source at position 1 Apr 7 20:21:39 localhost gconfd (root-2295): Resolved address "xml:readonly:/etc/gconf/gconf.xml.defaults" to a read-only configuration source at position 2 Apr 7 20:21:40 localhost gconfd (root-2295): Resolved address "xml:readwrite:/root/.gconf" to a writable configuration source at position 0 Apr 7 20:21:41 localhost kernel: audit(1144455701.420:8): avc: denied { use } for pid=2330 comm="bluez-pin" name="[7435]" dev=pipefs ino=7435 scontext=root:system_r:bluetooth_helper_t:s0-s0:c0.c255 tcontext=system_u:system_r:xdm_t:s0-s0:c0.c255 tclass=fd Apr 7 20:21:41 localhost kernel: audit(1144455701.420:9): avc: denied { use } for pid=2330 comm="bluez-pin" name="[7435]" dev=pipefs ino=7435 scontext=root:system_r:bluetooth_helper_t:s0-s0:c0.c255 tcontext=system_u:system_r:xdm_t:s0-s0:c0.c255 tclass=fd ------------------------------------------------------------------------------ What do I need to do to allow rsync --daemon from within /etc/rc.d/rc.local? Mark Orenstein East Granby (CT) School System

3 4

[FC5] New Partition help
by mroselinux＠eastgranby.k12.ct.us 09 Apr '06

09 Apr '06

As I indicated in a previous message, I am migrating a samba server from FC3 to FC5 and have run into another SELINUX policy issue. I have a second hard drive with a single ext3 partition that I primarly use for backups. It is labeled /backup. I did a mkdir /backup and entered the appropriate line into fstab. When I reboot, I get the following ----------------------------------------------------------------------- Apr 7 21:08:11 localhost kernel: audit(1144458480.400:2): avc: denied { getattr } for pid=2036 comm="hald" name="/" dev=hdb1 ino=2 scontext=system_u:system_r:hald_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=dir Apr 7 21:08:11 localhost kernel: audit(1144458480.444:3): avc: denied { getattr } for pid=2036 comm="hald" name="/" dev=hdb1 ino=2 scontext=system_u:system_r:hald_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=dir Apr 7 21:08:11 localhost kernel: audit(1144458480.516:4): avc: denied { getattr } for pid=2036 comm="hald" name="/" dev=hdb1 ino=2 scontext=system_u:system_r:hald_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=dir -------------------------------------------------------------------------- What do I need to do to support the /backup partition with SELINUX? Mark Orenstein East Granby (CT) School System

3 3

Xen AVC's FC5
by Bob Kashani 07 Apr '06

07 Apr '06

Xen doesn't seem to work with selinux enabled in FC5. :( Is the recommended solution to turn selinux off when using xen in FC5? selinux-policy-2.2.29-3.fc5 selinux-policy-targeted-2.2.29-3.fc5 kernel-xen0-2.6.16-1.2080_FC5 [root@chaucer ~]# audit2allow -l -i /var/log/audit/audit.log allow cupsd_t var_run_t:dir setattr; allow ifconfig_t xend_t:unix_stream_socket { read write }; allow smbd_t user_home_dir_t:file getattr; allow xenconsoled_t console_device_t:chr_file { read write }; allow xend_t netutils_exec_t:file getattr; allow xenstored_t console_device_t:chr_file { read write }; allow xenstored_t xen_device_t:chr_file { getattr read unlink write }; These are the AVC's that I get when I boot into the xen kernel: type=AVC msg=audit(1144449050.119:5): avc: denied { setattr } for pid=1887 comm="cupsd" name="cups" dev=hda2 ino=230397 scontext=system_u:system_r:cupsd_t:s0-s0:c0.c255 tcontext=user_u:object_r:var_run_t:s0 tclass=dir type=SYSCALL msg=audit(1144449050.119:5): arch=40000003 syscall=212 success=no exit=-13 a0=8abfcb0 a1=0 a2=7 a3=0 items=1 pid=1887 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="cupsd" exe="/usr/sbin/cupsd" type=CWD msg=audit(1144449050.119:5): cwd="/" type=PATH msg=audit(1144449050.119:5): item=0 name="/var/run/cups" flags=1 inode=230397 dev=03:02 mode=040755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449056.516:6): avc: denied { read write } for pid=2063 comm="xenstored" name="console" dev=tmpfs ino=841 scontext=system_u:system_r:xenstored_t:s0 tcontext=system_u:object_r:console_device_t:s0 tclass=chr_file type=SYSCALL msg=audit(1144449056.516:6): arch=40000003 syscall=11 success=yes exit=0 a0=9d76c48 a1=9d76f60 a2=9d76e38 a3=9d769f0 items=2 pid=2063 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="xenstored" exe="/usr/sbin/xenstored" type=AVC_PATH msg=audit(1144449056.516:6): path="/dev/console" type=CWD msg=audit(1144449056.516:6): cwd="/" type=PATH msg=audit(1144449056.516:6): item=0 name="/usr/sbin/xenstored" flags=101 inode=2481479 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1144449056.516:6): item=1 flags=101 inode=1298196 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449056.572:7): avc: denied { getattr } for pid=2065 comm="xenstored" name="evtchn" dev=tmpfs ino=3308 scontext=system_u:system_r:xenstored_t:s0 tcontext=system_u:object_r:xen_device_t:s0 tclass=chr_file type=SYSCALL msg=audit(1144449056.572:7): arch=40000003 syscall=196 success=no exit=-13 a0=805716a a1=bf88064c a2=b45ff4 a3=bf88064c items=1 pid=2065 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="xenstored" exe="/usr/sbin/xenstored" type=AVC_PATH msg=audit(1144449056.572:7): path="/dev/xen/evtchn" type=CWD msg=audit(1144449056.572:7): cwd="/" type=PATH msg=audit(1144449056.572:7): item=0 name="/dev/xen/evtchn" flags=0 inode=3308 dev=00:0f mode=020600 ouid=0 ogid=0 rdev=0a:c9 type=AVC msg=audit(1144449056.572:8): avc: denied { unlink } for pid=2065 comm="xenstored" name="evtchn" dev=tmpfs ino=3308 scontext=system_u:system_r:xenstored_t:s0 tcontext=system_u:object_r:xen_device_t:s0 tclass=chr_file type=SYSCALL msg=audit(1144449056.572:8): arch=40000003 syscall=10 success=no exit=-13 a0=805716a a1=d a2=a a3=0 items=1 pid=2065 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="xenstored" exe="/usr/sbin/xenstored" type=CWD msg=audit(1144449056.572:8): cwd="/" type=PATH msg=audit(1144449056.572:8): item=0 name="/dev/xen/evtchn" flags=10 inode=3307 dev=00:0f mode=040755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449056.572:9): avc: denied { read write } for pid=2065 comm="xenstored" name="evtchn" dev=tmpfs ino=3308 scontext=system_u:system_r:xenstored_t:s0 tcontext=system_u:object_r:xen_device_t:s0 tclass=chr_file type=SYSCALL msg=audit(1144449056.572:9): arch=40000003 syscall=5 success=no exit=-13 a0=805716a a1=802 a2=bf8806e0 a3=0 items=1 pid=2065 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="xenstored" exe="/usr/sbin/xenstored" type=CWD msg=audit(1144449056.572:9): cwd="/" type=PATH msg=audit(1144449056.572:9): item=0 name="/dev/xen/evtchn" flags=101 inode=3308 dev=00:0f mode=020600 ouid=0 ogid=0 rdev=0a:c9 type=AVC msg=audit(1144449056.580:10): avc: denied { read write } for pid=2066 comm="xenconsoled" name="console" dev=tmpfs ino=841 scontext=system_u:system_r:xenconsoled_t:s0 tcontext=system_u:object_r:console_device_t:s0 tclass=chr_filetype=AVC msg=audit(1144449056.580:10): avc: denied { read write } for pid=2066 comm="xenconsoled" name="console" dev=tmpfs ino=841 scontext=system_u:system_r:xenconsoled_t:s0 tcontext=system_u:object_r:console_device_t:s0 tclass=chr_filetype=AVC msg=audit(1144449056.580:10): avc: denied { read write } for pid=2066 comm="xenconsoled" name="console" dev=tmpfs ino=841 scontext=system_u:system_r:xenconsoled_t:s0 tcontext=system_u:object_r:console_device_t:s0 tclass=chr_filetype=SYSCALL msg=audit(1144449056.580:10): arch=40000003 syscall=11 success=yes exit=0 a0=99a0068 a1=99f4120 a2=bfefdfb4 a3=9991f98 items=2 pid=2066 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="xenconsoled" exe="/usr/sbin/xenconsoled" type=AVC_PATH msg=audit(1144449056.580:10): path="/dev/console" type=AVC_PATH msg=audit(1144449056.580:10): path="/dev/console" type=AVC_PATH msg=audit(1144449056.580:10): path="/dev/console" type=CWD msg=audit(1144449056.580:10): cwd="/" type=PATH msg=audit(1144449056.580:10): item=0 name="/usr/sbin/xenconsoled" flags=101 inode=2481318 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1144449056.580:10): item=1 flags=101 inode=1298196 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449056.928:11): avc: denied { read write } for pid=2083 comm="ip" name="[7118]" dev=sockfs ino=7118 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket type=SYSCALL msg=audit(1144449056.928:11): arch=40000003 syscall=11 success=yes exit=0 a0=8a53890 a1=8a55ca0 a2=8a55b90 a3=8a545b8 items=2 pid=2083 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ip" exe="/sbin/ip" type=AVC_PATH msg=audit(1144449056.928:11): path="socket:[7118]" type=CWD msg=audit(1144449056.928:11): cwd="/" type=PATH msg=audit(1144449056.928:11): item=0 name="/sbin/ip" flags=101 inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1144449056.928:11): item=1 flags=101 inode=1298196 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449056.952:12): avc: denied { read write } for pid=2085 comm="ip" name="[7118]" dev=sockfs ino=7118 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket type=SYSCALL msg=audit(1144449056.952:12): arch=40000003 syscall=11 success=yes exit=0 a0=8a60ee8 a1=8a610c0 a2=8a55b90 a3=8a60de0 items=2 pid=2085 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ip" exe="/sbin/ip" type=AVC_PATH msg=audit(1144449056.952:12): path="socket:[7118]" type=CWD msg=audit(1144449056.952:12): cwd="/" type=PATH msg=audit(1144449056.952:12): item=0 name="/sbin/ip" flags=101 inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1144449056.952:12): item=1 flags=101 inode=1298196 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449057.248:13): avc: denied { read write } for pid=2099 comm="ip" name="[7118]" dev=sockfs ino=7118 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket type=SYSCALL msg=audit(1144449057.248:13): arch=40000003 syscall=11 success=yes exit=0 a0=8a61040 a1=8a61c78 a2=8a55b90 a3=8a60680 items=2 pid=2099 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ip" exe="/sbin/ip" type=AVC_PATH msg=audit(1144449057.248:13): path="socket:[7118]" type=CWD msg=audit(1144449057.248:13): cwd="/" type=PATH msg=audit(1144449057.248:13): item=0 name="/sbin/ip" flags=101 inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1144449057.248:13): item=1 flags=101 inode=1298196 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449057.260:14): avc: denied { read write } for pid=2100 comm="ip" name="[7118]" dev=sockfs ino=7118 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket type=SYSCALL msg=audit(1144449057.260:14): arch=40000003 syscall=11 success=yes exit=0 a0=8a61788 a1=8a60b88 a2=8a55b90 a3=8a61108 items=2 pid=2100 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ip" exe="/sbin/ip" type=AVC_PATH msg=audit(1144449057.260:14): path="socket:[7118]" type=CWD msg=audit(1144449057.260:14): cwd="/" type=PATH msg=audit(1144449057.260:14): item=0 name="/sbin/ip" flags=101 inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1144449057.260:14): item=1 flags=101 inode=1298196 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449057.268:15): avc: denied { read write } for pid=2102 comm="ip" name="[7118]" dev=sockfs ino=7118 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket type=SYSCALL msg=audit(1144449057.268:15): arch=40000003 syscall=11 success=yes exit=0 a0=8a60a58 a1=8a61580 a2=8a55b90 a3=8a60ee8 items=2 pid=2102 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ip" exe="/sbin/ip" type=AVC_PATH msg=audit(1144449057.268:15): path="socket:[7118]" type=CWD msg=audit(1144449057.268:15): cwd="/" type=PATH msg=audit(1144449057.268:15): item=0 name="/sbin/ip" flags=101 inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1144449057.268:15): item=1 flags=101 inode=1298196 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449057.340:16): avc: denied { read write } for pid=2111 comm="ip" name="[7118]" dev=sockfs ino=7118 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket type=SYSCALL msg=audit(1144449057.340:16): arch=40000003 syscall=11 success=yes exit=0 a0=8a60a58 a1=8a50510 a2=8a55b90 a3=8a62178 items=2 pid=2111 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ip" exe="/sbin/ip" type=AVC_PATH msg=audit(1144449057.340:16): path="socket:[7118]" type=CWD msg=audit(1144449057.340:16): cwd="/" type=PATH msg=audit(1144449057.340:16): item=0 name="/sbin/ip" flags=101 inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1144449057.340:16): item=1 flags=101 inode=1298196 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449057.348:17): avc: denied { read write } for pid=2113 comm="ip" name="[7118]" dev=sockfs ino=7118 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket type=SYSCALL msg=audit(1144449057.348:17): arch=40000003 syscall=11 success=yes exit=0 a0=8a60a58 a1=8a50510 a2=8a55b90 a3=8a62018 items=2 pid=2113 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ip" exe="/sbin/ip" type=AVC_PATH msg=audit(1144449057.348:17): path="socket:[7118]" type=CWD msg=audit(1144449057.348:17): cwd="/" type=PATH msg=audit(1144449057.348:17): item=0 name="/sbin/ip" flags=101 inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1144449057.348:17): item=1 flags=101 inode=1298196 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449057.368:18): avc: denied { read write } for pid=2118 comm="ip" name="[7118]" dev=sockfs ino=7118 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket type=SYSCALL msg=audit(1144449057.368:18): arch=40000003 syscall=11 success=yes exit=0 a0=91b5b68 a1=91b6040 a2=91b5f28 a3=91b5890 items=2 pid=2118 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ip" exe="/sbin/ip" type=AVC_PATH msg=audit(1144449057.368:18): path="socket:[7118]" type=CWD msg=audit(1144449057.368:18): cwd="/" type=PATH msg=audit(1144449057.368:18): item=0 name="/sbin/ip" flags=101 inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1144449057.368:18): item=1 flags=101 inode=1298196 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449057.380:19): avc: denied { read write } for pid=2119 comm="ip" name="[7118]" dev=sockfs ino=7118 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket type=SYSCALL msg=audit(1144449057.380:19): arch=40000003 syscall=11 success=yes exit=0 a0=8a60a58 a1=8a50400 a2=8a55b90 a3=8a61fb0 items=2 pid=2119 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ip" exe="/sbin/ip" type=AVC_PATH msg=audit(1144449057.380:19): path="socket:[7118]" type=CWD msg=audit(1144449057.380:19): cwd="/" type=PATH msg=audit(1144449057.380:19): item=0 name="/sbin/ip" flags=101 inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1144449057.380:19): item=1 flags=101 inode=1298196 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449057.592:20): avc: denied { read write } for pid=2162 comm="ip" name="[7118]" dev=sockfs ino=7118 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket type=SYSCALL msg=audit(1144449057.592:20): arch=40000003 syscall=11 success=yes exit=0 a0=8927090 a1=89255a0 a2=89026c8 a3=8921b30 items=2 pid=2162 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ip" exe="/sbin/ip" type=AVC_PATH msg=audit(1144449057.592:20): path="socket:[7118]" type=CWD msg=audit(1144449057.592:20): cwd="/etc/sysconfig/network-scripts" type=PATH msg=audit(1144449057.592:20): item=0 name="/sbin/ip" flags=101 inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1144449057.592:20): item=1 flags=101 inode=1298196 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449057.632:21): avc: denied { read write } for pid=2169 comm="ip" name="[7118]" dev=sockfs ino=7118 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket type=SYSCALL msg=audit(1144449057.632:21): arch=40000003 syscall=11 success=yes exit=0 a0=8925ab0 a1=88ff1a0 a2=8901910 a3=89013e8 items=2 pid=2169 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ip" exe="/sbin/ip" type=AVC_PATH msg=audit(1144449057.632:21): path="socket:[7118]" type=CWD msg=audit(1144449057.632:21): cwd="/etc/sysconfig/network-scripts" type=PATH msg=audit(1144449057.632:21): item=0 name="/sbin/ip" flags=101 inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1144449057.632:21): item=1 flags=101 inode=1298196 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449057.640:22): avc: denied { read write } for pid=2170 comm="ip" name="[7118]" dev=sockfs ino=7118 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket type=SYSCALL msg=audit(1144449057.640:22): arch=40000003 syscall=11 success=yes exit=0 a0=8927110 a1=88ff1a0 a2=8901910 a3=8900bb0 items=2 pid=2170 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ip" exe="/sbin/ip" type=AVC_PATH msg=audit(1144449057.640:22): path="socket:[7118]" type=CWD msg=audit(1144449057.640:22): cwd="/etc/sysconfig/network-scripts" type=PATH msg=audit(1144449057.640:22): item=0 name="/sbin/ip" flags=101 inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1144449057.640:22): item=1 flags=101 inode=1298196 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449057.660:23): avc: denied { read write } for pid=2173 comm="ip" name="[7118]" dev=sockfs ino=7118 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket type=SYSCALL msg=audit(1144449057.660:23): arch=40000003 syscall=11 success=yes exit=0 a0=8925558 a1=8925588 a2=8902810 a3=8925720 items=2 pid=2173 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ip" exe="/sbin/ip" type=AVC_PATH msg=audit(1144449057.660:23): path="socket:[7118]" type=CWD msg=audit(1144449057.660:23): cwd="/etc/sysconfig/network-scripts" type=PATH msg=audit(1144449057.660:23): item=0 name="/sbin/ip" flags=101 inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1144449057.660:23): item=1 flags=101 inode=1298196 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449057.720:24): avc: denied { read write } for pid=2187 comm="ip" name="[7118]" dev=sockfs ino=7118 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket type=SYSCALL msg=audit(1144449057.720:24): arch=40000003 syscall=11 success=yes exit=0 a0=99f1560 a1=99f1440 a2=99de528 a3=99e20e8 items=2 pid=2187 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ip" exe="/sbin/ip" type=AVC_PATH msg=audit(1144449057.720:24): path="socket:[7118]" type=CWD msg=audit(1144449057.720:24): cwd="/etc/sysconfig/network-scripts" type=PATH msg=audit(1144449057.720:24): item=0 name="/sbin/ip" flags=101 inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1144449057.720:24): item=1 flags=101 inode=1298196 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449057.732:25): avc: denied { read write } for pid=2189 comm="ip" name="[7118]" dev=sockfs ino=7118 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket type=SYSCALL msg=audit(1144449057.732:25): arch=40000003 syscall=11 success=yes exit=0 a0=99de678 a1=99f1440 a2=99e1100 a3=99f2b60 items=2 pid=2189 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ip" exe="/sbin/ip" type=AVC_PATH msg=audit(1144449057.732:25): path="socket:[7118]" type=CWD msg=audit(1144449057.732:25): cwd="/etc/sysconfig/network-scripts" type=PATH msg=audit(1144449057.732:25): item=0 name="/sbin/ip" flags=101 inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1144449057.732:25): item=1 flags=101 inode=1298196 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449057.740:26): avc: denied { read write } for pid=2192 comm="ip" name="[7118]" dev=sockfs ino=7118 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket type=SYSCALL msg=audit(1144449057.740:26): arch=40000003 syscall=11 success=yes exit=0 a0=99e14b8 a1=99e16f0 a2=99e1a80 a3=99e1a70 items=2 pid=2192 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ip" exe="/sbin/ip" type=AVC_PATH msg=audit(1144449057.740:26): path="socket:[7118]" type=CWD msg=audit(1144449057.740:26): cwd="/etc/sysconfig/network-scripts" type=PATH msg=audit(1144449057.740:26): item=0 name="/sbin/ip" flags=101 inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1144449057.740:26): item=1 flags=101 inode=1298196 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449057.760:27): avc: denied { read write } for pid=2196 comm="ip" name="[7118]" dev=sockfs ino=7118 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket type=SYSCALL msg=audit(1144449057.760:27): arch=40000003 syscall=11 success=yes exit=0 a0=8a60a58 a1=8a608a0 a2=8a55b90 a3=8a612e8 items=2 pid=2196 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ip" exe="/sbin/ip" type=AVC_PATH msg=audit(1144449057.760:27): path="socket:[7118]" type=CWD msg=audit(1144449057.760:27): cwd="/" type=PATH msg=audit(1144449057.760:27): item=0 name="/sbin/ip" flags=101 inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1144449057.760:27): item=1 flags=101 inode=1298196 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449057.772:28): avc: denied { read write } for pid=2197 comm="ip" name="[7118]" dev=sockfs ino=7118 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket type=SYSCALL msg=audit(1144449057.772:28): arch=40000003 syscall=11 success=yes exit=0 a0=8a61fa0 a1=8a608a0 a2=8a55b90 a3=8a612b8 items=2 pid=2197 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ip" exe="/sbin/ip" type=AVC_PATH msg=audit(1144449057.772:28): path="socket:[7118]" type=CWD msg=audit(1144449057.772:28): cwd="/" type=PATH msg=audit(1144449057.772:28): item=0 name="/sbin/ip" flags=101 inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1144449057.772:28): item=1 flags=101 inode=1298196 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449057.772:29): avc: denied { read write } for pid=2198 comm="ip" name="[7118]" dev=sockfs ino=7118 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket type=SYSCALL msg=audit(1144449057.772:29): arch=40000003 syscall=11 success=yes exit=0 a0=8a61f68 a1=8a50318 a2=8a55b90 a3=8a61288 items=2 pid=2198 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ip" exe="/sbin/ip" type=AVC_PATH msg=audit(1144449057.772:29): path="socket:[7118]" type=CWD msg=audit(1144449057.772:29): cwd="/" type=PATH msg=audit(1144449057.772:29): item=0 name="/sbin/ip" flags=101 inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1144449057.772:29): item=1 flags=101 inode=1298196 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449057.772:30): avc: denied { read write } for pid=2199 comm="ip" name="[7118]" dev=sockfs ino=7118 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket type=SYSCALL msg=audit(1144449057.772:30): arch=40000003 syscall=11 success=yes exit=0 a0=8a621d0 a1=8a608a0 a2=8a55b90 a3=8a61228 items=2 pid=2199 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ip" exe="/sbin/ip" type=AVC_PATH msg=audit(1144449057.772:30): path="socket:[7118]" type=CWD msg=audit(1144449057.772:30): cwd="/" type=PATH msg=audit(1144449057.772:30): item=0 name="/sbin/ip" flags=101 inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1144449057.772:30): item=1 flags=101 inode=1298196 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449057.780:31): avc: denied { read write } for pid=2200 comm="ip" name="[7118]" dev=sockfs ino=7118 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket type=SYSCALL msg=audit(1144449057.780:31): arch=40000003 syscall=11 success=yes exit=0 a0=8a62178 a1=8a61368 a2=8a55b90 a3=8a61600 items=2 pid=2200 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ip" exe="/sbin/ip" type=AVC_PATH msg=audit(1144449057.780:31): path="socket:[7118]" type=CWD msg=audit(1144449057.780:31): cwd="/" type=PATH msg=audit(1144449057.780:31): item=0 name="/sbin/ip" flags=101 inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1144449057.780:31): item=1 flags=101 inode=1298196 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449057.792:32): avc: denied { read write } for pid=2201 comm="ip" name="[7118]" dev=sockfs ino=7118 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket type=SYSCALL msg=audit(1144449057.792:32): arch=40000003 syscall=11 success=yes exit=0 a0=8a621f0 a1=8a50318 a2=8a55b90 a3=8a61198 items=2 pid=2201 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ip" exe="/sbin/ip" type=AVC_PATH msg=audit(1144449057.792:32): path="socket:[7118]" type=CWD msg=audit(1144449057.792:32): cwd="/" type=PATH msg=audit(1144449057.792:32): item=0 name="/sbin/ip" flags=101 inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1144449057.792:32): item=1 flags=101 inode=1298196 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449057.812:33): avc: denied { read write } for pid=2205 comm="ip" name="[7118]" dev=sockfs ino=7118 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket type=SYSCALL msg=audit(1144449057.812:33): arch=40000003 syscall=11 success=yes exit=0 a0=8a60f18 a1=8a61b60 a2=8a55b90 a3=8a61138 items=2 pid=2205 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ip" exe="/sbin/ip" type=AVC_PATH msg=audit(1144449057.812:33): path="socket:[7118]" type=CWD msg=audit(1144449057.812:33): cwd="/" type=PATH msg=audit(1144449057.812:33): item=0 name="/sbin/ip" flags=101 inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1144449057.812:33): item=1 flags=101 inode=1298196 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449057.812:34): avc: denied { read write } for pid=2206 comm="ip" name="[7118]" dev=sockfs ino=7118 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket type=SYSCALL msg=audit(1144449057.812:34): arch=40000003 syscall=11 success=yes exit=0 a0=8a61798 a1=8a61b60 a2=8a55b90 a3=8a61788 items=2 pid=2206 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ip" exe="/sbin/ip" type=AVC_PATH msg=audit(1144449057.812:34): path="socket:[7118]" type=CWD msg=audit(1144449057.812:34): cwd="/" type=PATH msg=audit(1144449057.812:34): item=0 name="/sbin/ip" flags=101 inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1144449057.812:34): item=1 flags=101 inode=1298196 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449057.820:35): avc: denied { read write } for pid=2207 comm="ip" name="[7118]" dev=sockfs ino=7118 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket type=SYSCALL msg=audit(1144449057.820:35): arch=40000003 syscall=11 success=yes exit=0 a0=8a611f8 a1=8a61b60 a2=8a55b90 a3=8a61040 items=2 pid=2207 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ip" exe="/sbin/ip" type=AVC_PATH msg=audit(1144449057.820:35): path="socket:[7118]" type=CWD msg=audit(1144449057.820:35): cwd="/" type=PATH msg=audit(1144449057.820:35): item=0 name="/sbin/ip" flags=101 inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1144449057.820:35): item=1 flags=101 inode=1298196 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449057.864:36): avc: denied { read write } for pid=2209 comm="ifconfig" name="[7118]" dev=sockfs ino=7118 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket type=SYSCALL msg=audit(1144449057.864:36): arch=40000003 syscall=11 success=yes exit=0 a0=8a61fe8 a1=8a61558 a2=8a55b90 a3=8a62398 items=2 pid=2209 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ifconfig" exe="/sbin/ifconfig" type=AVC_PATH msg=audit(1144449057.864:36): path="socket:[7118]" type=CWD msg=audit(1144449057.864:36): cwd="/" type=PATH msg=audit(1144449057.864:36): item=0 name="/sbin/ifconfig" flags=101 inode=102062 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1144449057.864:36): item=1 flags=101 inode=1298196 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449058.020:37): avc: denied { read write } for pid=2241 comm="ip" name="[7118]" dev=sockfs ino=7118 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket type=SYSCALL msg=audit(1144449058.020:37): arch=40000003 syscall=11 success=yes exit=0 a0=98b0180 a1=988cf58 a2=988b760 a3=98b0080 items=2 pid=2241 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ip" exe="/sbin/ip" type=AVC_PATH msg=audit(1144449058.020:37): path="socket:[7118]" type=CWD msg=audit(1144449058.020:37): cwd="/etc/sysconfig/network-scripts" type=PATH msg=audit(1144449058.020:37): item=0 name="/sbin/ip" flags=101 inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1144449058.020:37): item=1 flags=101 inode=1298196 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449058.040:38): avc: denied { read write } for pid=2247 comm="ip" name="[7118]" dev=sockfs ino=7118 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket type=SYSCALL msg=audit(1144449058.040:38): arch=40000003 syscall=11 success=yes exit=0 a0=98ae860 a1=988cf58 a2=988b810 a3=98ae598 items=2 pid=2247 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ip" exe="/sbin/ip" type=AVC_PATH msg=audit(1144449058.040:38): path="socket:[7118]" type=CWD msg=audit(1144449058.040:38): cwd="/etc/sysconfig/network-scripts" type=PATH msg=audit(1144449058.040:38): item=0 name="/sbin/ip" flags=101 inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1144449058.040:38): item=1 flags=101 inode=1298196 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449058.052:39): avc: denied { read write } for pid=2249 comm="iwconfig" name="[7118]" dev=sockfs ino=7118 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket type=SYSCALL msg=audit(1144449058.052:39): arch=40000003 syscall=11 success=yes exit=0 a0=98a95d8 a1=98aca10 a2=988b760 a3=98ab010 items=2 pid=2249 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="iwconfig" exe="/sbin/iwconfig" type=AVC_PATH msg=audit(1144449058.052:39): path="socket:[7118]" type=CWD msg=audit(1144449058.052:39): cwd="/etc/sysconfig/network-scripts" type=PATH msg=audit(1144449058.052:39): item=0 name="/sbin/iwconfig" flags=101 inode=102068 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1144449058.052:39): item=1 flags=101 inode=1298196 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449058.072:40): avc: denied { read write } for pid=2251 comm="ethtool" name="[7118]" dev=sockfs ino=7118 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket type=SYSCALL msg=audit(1144449058.072:40): arch=40000003 syscall=11 success=yes exit=0 a0=988a6a0 a1=988e7c8 a2=988a9a8 a3=98ae9c8 items=2 pid=2251 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ethtool" exe="/sbin/ethtool" type=AVC_PATH msg=audit(1144449058.072:40): path="socket:[7118]" type=CWD msg=audit(1144449058.072:40): cwd="/etc/sysconfig/network-scripts" type=PATH msg=audit(1144449058.072:40): item=0 name="/sbin/ethtool" flags=101 inode=102186 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1144449058.072:40): item=1 flags=101 inode=1298196 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449058.080:41): avc: denied { read write } for pid=2254 comm="ip" name="[7118]" dev=sockfs ino=7118 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket type=SYSCALL msg=audit(1144449058.080:41): arch=40000003 syscall=11 success=yes exit=0 a0=98b4628 a1=98871a0 a2=988a9a8 a3=98b3a10 items=2 pid=2254 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ip" exe="/sbin/ip" type=AVC_PATH msg=audit(1144449058.080:41): path="socket:[7118]" type=CWD msg=audit(1144449058.080:41): cwd="/etc/sysconfig/network-scripts" type=PATH msg=audit(1144449058.080:41): item=0 name="/sbin/ip" flags=101 inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1144449058.080:41): item=1 flags=101 inode=1298196 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449058.092:42): avc: denied { read write } for pid=2255 comm="ip" name="[7118]" dev=sockfs ino=7118 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket type=SYSCALL msg=audit(1144449058.092:42): arch=40000003 syscall=11 success=yes exit=0 a0=98b3a10 a1=98b4190 a2=9887310 a3=98b3ab0 items=2 pid=2255 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ip" exe="/sbin/ip" type=AVC_PATH msg=audit(1144449058.092:42): path="socket:[7118]" type=CWD msg=audit(1144449058.092:42): cwd="/etc/sysconfig/network-scripts" type=PATH msg=audit(1144449058.092:42): item=0 name="/sbin/ip" flags=101 inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1144449058.092:42): item=1 flags=101 inode=1298196 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449058.100:43): avc: denied { getattr } for pid=2214 comm="ifup-eth" name="arping" dev=hda2 ino=99965 scontext=system_u:system_r:xend_t:s0 tcontext=system_u:object_r:netutils_exec_t:s0 tclass=file type=SYSCALL msg=audit(1144449058.100:43): arch=40000003 syscall=195 success=no exit=-13 a0=988a498 a1=bf874d10 a2=5fdff4 a3=988a498 items=1 pid=2214 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ifup-eth" exe="/bin/bash" type=AVC_PATH msg=audit(1144449058.100:43): path="/sbin/arping" type=CWD msg=audit(1144449058.100:43): cwd="/etc/sysconfig/network-scripts" type=PATH msg=audit(1144449058.100:43): item=0 name="/sbin/arping" flags=1 inode=99965 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449058.100:44): avc: denied { getattr } for pid=2214 comm="ifup-eth" name="arping" dev=hda2 ino=99965 scontext=system_u:system_r:xend_t:s0 tcontext=system_u:object_r:netutils_exec_t:s0 tclass=file type=SYSCALL msg=audit(1144449058.100:44): arch=40000003 syscall=195 success=no exit=-13 a0=988a498 a1=bf874d10 a2=5fdff4 a3=988a498 items=1 pid=2214 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ifup-eth" exe="/bin/bash" type=AVC_PATH msg=audit(1144449058.100:44): path="/sbin/arping" type=CWD msg=audit(1144449058.100:44): cwd="/etc/sysconfig/network-scripts" type=PATH msg=audit(1144449058.100:44): item=0 name="/usr/sbin/arping" flags=1 inode=99965 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449058.120:45): avc: denied { read write } for pid=2262 comm="ip" name="[7118]" dev=sockfs ino=7118 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket type=SYSCALL msg=audit(1144449058.120:45): arch=40000003 syscall=11 success=yes exit=0 a0=98b4070 a1=98871a0 a2=988a9a8 a3=98b4060 items=2 pid=2262 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ip" exe="/sbin/ip" type=AVC_PATH msg=audit(1144449058.120:45): path="socket:[7118]" type=CWD msg=audit(1144449058.120:45): cwd="/etc/sysconfig/network-scripts" type=PATH msg=audit(1144449058.120:45): item=0 name="/sbin/ip" flags=101 inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1144449058.120:45): item=1 flags=101 inode=1298196 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449058.120:46): avc: denied { read write } for pid=2263 comm="ethtool" name="[7118]" dev=sockfs ino=7118 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket type=SYSCALL msg=audit(1144449058.120:46): arch=40000003 syscall=11 success=yes exit=0 a0=9889960 a1=98b27d0 a2=988a9a8 a3=98b3398 items=2 pid=2263 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ethtool" exe="/sbin/ethtool" type=AVC_PATH msg=audit(1144449058.120:46): path="socket:[7118]" type=CWD msg=audit(1144449058.120:46): cwd="/etc/sysconfig/network-scripts" type=PATH msg=audit(1144449058.120:46): item=0 name="/sbin/ethtool" flags=101 inode=102186 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1144449058.120:46): item=1 flags=101 inode=1298196 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449058.132:47): avc: denied { read write } for pid=2265 comm="ip" name="[7118]" dev=sockfs ino=7118 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket type=SYSCALL msg=audit(1144449058.132:47): arch=40000003 syscall=11 success=yes exit=0 a0=98b36a8 a1=98871a0 a2=988a9a8 a3=98b3658 items=2 pid=2265 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ip" exe="/sbin/ip" type=AVC_PATH msg=audit(1144449058.132:47): path="socket:[7118]" type=CWD msg=audit(1144449058.132:47): cwd="/etc/sysconfig/network-scripts" type=PATH msg=audit(1144449058.132:47): item=0 name="/sbin/ip" flags=101 inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1144449058.132:47): item=1 flags=101 inode=1298196 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449058.200:48): avc: denied { read write } for pid=2279 comm="ifconfig" name="[7118]" dev=sockfs ino=7118 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket type=SYSCALL msg=audit(1144449058.200:48): arch=40000003 syscall=11 success=yes exit=0 a0=9c020b8 a1=9c01618 a2=9beea80 a3=9c014f8 items=2 pid=2279 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ifconfig" exe="/sbin/ifconfig" type=AVC_PATH msg=audit(1144449058.200:48): path="socket:[7118]" type=CWD msg=audit(1144449058.200:48): cwd="/etc/sysconfig/network-scripts" type=PATH msg=audit(1144449058.200:48): item=0 name="/sbin/ifconfig" flags=101 inode=102062 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=PATH msg=audit(1144449058.200:48): item=1 flags=101 inode=1298196 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449060.120:49): avc: denied { getattr } for pid=2258 comm="ifup-eth" name="arping" dev=hda2 ino=99965 scontext=system_u:system_r:xend_t:s0 tcontext=system_u:object_r:netutils_exec_t:s0 tclass=file type=SYSCALL msg=audit(1144449060.120:49): arch=40000003 syscall=195 success=no exit=-13 a0=988a498 a1=bf874a90 a2=5fdff4 a3=988a498 items=1 pid=2258 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ifup-eth" exe="/bin/bash" type=AVC_PATH msg=audit(1144449060.120:49): path="/sbin/arping" type=CWD msg=audit(1144449060.120:49): cwd="/etc/sysconfig/network-scripts" type=PATH msg=audit(1144449060.120:49): item=0 name="/sbin/arping" flags=1 inode=99965 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1144449060.120:50): avc: denied { getattr } for pid=2258 comm="ifup-eth" name="arping" dev=hda2 ino=99965 scontext=system_u:system_r:xend_t:s0 tcontext=system_u:object_r:netutils_exec_t:s0 tclass=file type=SYSCALL msg=audit(1144449060.120:50): arch=40000003 syscall=195 success=no exit=-13 a0=988a498 a1=bf874a90 a2=5fdff4 a3=988a498 items=1 pid=2258 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ifup-eth" exe="/bin/bash" type=AVC_PATH msg=audit(1144449060.120:50): path="/sbin/arping" type=CWD msg=audit(1144449060.120:50): cwd="/etc/sysconfig/network-scripts" type=PATH msg=audit(1144449060.120:50): item=0 name="/usr/sbin/arping" flags=1 inode=99965 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 Bob -- Bob Kashani http://www.gnome.org/~bobk/

1 0

proftpd logs
by Paul Howarth 07 Apr '06

07 Apr '06

proftpd likes to handle its own logging, and needs the following before it will work: module proftpd 0.2; require { class dir { getattr search }; type ftpd_t; type xferlog_t; }; allow ftpd_t xferlog_t:dir { getattr search }; This is for the following proftpd log setup: ExtendedLog /var/log/proftpd/access.log WRITE,READ default ExtendedLog /var/log/proftpd/auth.log AUTH auth This is the default in the Extras package if you uncomment the anonymous ftp server bits from the included configuration file: http://cvs.fedora.redhat.com/viewcvs/devel/proftpd/proftpd.conf?root=extras… Paul.

1 0

[FC5] Samba and SELinux
by Dan Thurman 06 Apr '06

06 Apr '06

Folks, What is the procedure for creating Samba shares and getting around the SELinux issues? Samba by default no longer works with shares such as [homes] and any other added shares without administrator intervention to add SELinux labels on share directories. Please direct me to the FAQ for Samba & SELinux or please tell me what I have to do to get samba shares working. In my case - I am getting permission denied in the audit logs and in the message logs for nmbd, I am getting directories do not exists errors (when they actually do!). Kind regards, Dan

6 14

Selinux & httpd in FC5
by Jouni Viikari 06 Apr '06

06 Apr '06

Hi, I just noticed that I was able to run cgi-scripts on apache which type was bin_t instead of httpd_sys_script_exec_t. Is this expected nowadays? I am using FC5 with the latest updates (selinux-policy-targeted-2.2.25-3.fc5) Also this bin_t script was able to read files which were by accident httpd_sys_script_exec_t type. My booleans: # getsebool -a | grep httpd allow_httpd_anon_write --> off allow_httpd_sys_script_anon_write --> off httpd_builtin_scripting --> on httpd_can_network_connect --> on httpd_can_network_connect_db --> off httpd_can_network_relay --> off httpd_disable_trans --> off httpd_enable_cgi --> on httpd_enable_ftp_server --> off httpd_enable_homedirs --> on httpd_ssi_exec --> on httpd_suexec_disable_trans --> off httpd_tty_comm --> off httpd_unified --> off BTW, is there a way or tools to find out what e.g. httpd_exec_t program is allowed to do (and what do the booleans really affect) on currently active policy? Best regards, Jouni

2 1

← Newer
1
2
3
4
5
6
7
8
9
10
Older →

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

selinux April 2006