May 2006 - selinux - Fedora Mailing-Lists

Re: fedora-selinux-list Digest, Vol 26, Issue 32

by John Griffiths

fedora-selinux-list-request(a)redhat.com wrote: > > Subject: > Error running ffmpeg due to permission denied on library > From: > "Robert Foster" <rfoster(a)mountainvisions.com.au> > Date: > Thu, 27 Apr 2006 12:41:09 +1000 > To: > <fedora-selinux-list(a)redhat.com> > > To: > <fedora-selinux-list(a)redhat.com> > > > Hi, > I'm trying to get ffmpeg working for Gallery2 on FC5, and getting the > following error (from the debug message via Gallery): > > Executing: ( "/usr/bin/ffmpeg" "-h" ) > 2>/MV/webs/Repository/gallery/tmp/g2dbgitTQYC > file_exists(/MV/webs/Repository/gallery/tmp/g2dbgitTQYC) > filesize(/MV/webs/Repository/gallery/tmp/g2dbgitTQYC) > fopen(/MV/webs/Repository/gallery/tmp/g2dbgitTQYC, r, 0) > feof(Resource id #108) > fgets(Resource id #108, 4096) > feof(Resource id #108) > fgets(Resource id #108, 4096) > feof(Resource id #108) > fclose(Resource id #108) > unlink(/MV/webs/Repository/gallery/tmp/g2dbgitTQYC) > Regular Output: > Error Output: > /usr/bin/ffmpeg: error while loading shared libraries: libavcodec.so.51: > cannot enable executable stack as shared object requires: Permission > denied > Status: 127 (expected 0) > A quick look in /usr/lib reveals: > > -rwxr-xr-x root root system_u:object_r:textrel_shlib_t > /usr/lib/libavcodec-CVS.so > lrwxrwxrwx root root system_u:object_r:lib_t > /usr/lib/libavcodec.so -> libavcodec-CVS.so > lrwxrwxrwx root root > system_u:object_r:lib_t /usr/lib/libavcodec.so.51 -> > libavcodec-CVS.so > > > /var/log/audit/audit.log shows: > > type=SYSCALL msg=audit(1146010953.133:45163): arch=40000003 > syscall=125 success=no exit=-13 a0=bfc5b000 a1=1000 a2=1000007 > a3=fffff000 items=0 pid=25005 auid=1000 uid=48 gid=48 euid=48 suid=48 > fsuid=48 egid=48 sgid=48 fsgid=48 comm="ffmpeg" exe="/usr/bin/ffmpeg" > type=AVC msg=audit(1146010953.141:45164): avc: denied { execstack } > for pid=25007 comm="ffmpeg" > scontext=user_u:system_r:httpd_sys_script_t:s0 > tcontext=user_u:system_r:httpd_sys_script_t:s0 tclass=process > type=SYSCALL msg=audit(1146010953.141:45164): arch=40000003 > syscall=125 success=no exit=-13 a0=bf9e8000 a1=1000 a2=1000007 > a3=fffff000 items=0 pid=25007 auid=1000 uid=48 gid=48 euid=48 suid=48 > fsuid=48 egid=48 sgid=48 fsgid=48 comm="ffmpeg" exe="/usr/bin/ffmpeg" > type=AVC msg=audit(1146010953.213:45165): avc: denied { execstack } > for pid=25009 comm="ffmpeg" > scontext=user_u:system_r:httpd_sys_script_t:s0 > tcontext=user_u:system_r:httpd_sys_script_t:s0 tclass=process > type=SYSCALL msg=audit(1146010953.213:45165): arch=40000003 > syscall=125 success=no exit=-13 a0=bfbe6000 a1=1000 a2=1000007 > a3=fffff000 items=0 pid=25009 auid=1000 uid=48 gid=48 euid=48 suid=48 > fsuid=48 egid=48 sgid=48 fsgid=48 comm="ffmpeg" exe="/usr/bin/ffmpeg" > type=AVC msg=audit(1146010953.221:45166): avc: denied { execstack } > for pid=25011 comm="ffmpeg" > scontext=user_u:system_r:httpd_sys_script_t:s0 > tcontext=user_u:system_r:httpd_sys_script_t:s0 tclass=process > type=SYSCALL msg=audit(1146010953.221:45166): arch=40000003 > syscall=125 success=no exit=-13 a0=bf89b000 a1=1000 a2=1000007 > a3=fffff000 items=0 pid=25011 auid=1000 uid=48 gid=48 euid=48 suid=48 > fsuid=48 egid=48 sgid=48 fsgid=48 comm="ffmpeg" exe="/usr/bin/ffmpeg" > when I run the page producing the error output. > > I tried to set the allow_execstack boolean but it didn't make any > difference. > > I'm out of ideas on this one - any help appreciated :) > > Robert Foster > General Manager > Mountain Visions P/L http://mountainvisions.com.au > <http://mountainvisions.com.au/> > Mobile: 0418 131 065 > I had the same problem when using Kino which also uses ffmpeg. Here is what I did and it works. execstack -c /usr/lib/libmp3lame.so.0 execstack -c /usr/lib/libxvidcore.so.4 chcon -t textrel_shlib_t /usr/lib/libavformat.so.50 chcon -t textrel_shlib_t /usr/lib/libavutil.so.49 chcon -t textrel_shlib_t /usr/lib/libavcodec.so.51 This also takes care of the problem with lame-3.96.1-10.rhfc5.at, libxvidcore4-1.1.0-8.rhfc5.at, libavformat50-0.4.9-14_cvs20060301.rhfc5.at, libavutil49-0.4.9-14_cvs20060301.rhfc5.at, and libavcodec51-0.4.9-14_cvs20060301.rhfc5.at. Regards, John

17 years, 12 months

4
9
0 / 0

mock and SELinux

by Paul Howarth

I've written up my workaround for getting mock to work under SELinux at: http://fedoraproject.org/wiki/Extras/MockTricks (the bottom half of the page). It'd be nice if some people more knowledgeable than myself would give it a once-over to make sure I'm not talking complete nonsense... :-) Cheers, Paul.

17 years, 12 months

4
3
0 / 0

Problem with SELinux and Postfix (sending from Python scripts)

by Jeff Coffler

Hi folks, I found this link that had a similar (but not identical) problem: http://www.redhat.com/archives/fedora-selinux-list/2004-December/msg00033... O/S: Fedora Core5 Mail server: Postfix SELinux: Enabled. Basically, the problem is this. When I try to send E-Mail from a Python script, Postfix fails. In the maillog file, I see: Apr 24 13:53:57 miffy postfix/pickup[29094]: warning: maildrop/2104D276B2A: Permission denied In messages, I see: Apr 24 13:57:58 miffy kernel: audit(1145912278.348:688): avc: denied { getattr } for pid=29094 comm="pickup" name="2104D276B2A" dev=sda3 ino=2583338 scontext=root:system_r:postfix_pickup_t:s0 tcontext=root:object_r:postfix_spool_t:s0 tclass=file If I set SELinux to permissive mode, it works fine. Is this an SELinux policy problem? How can I go about fixing this? I'd prefer to run with SELinux enabled ... Thanks! -- Jeff

17 years, 12 months

2
3
0 / 0

RE: [ANN] Setools-2.4

by Kevin Carr

> On Tue, 2006-05-02 at 15:28 -0400, Kevin Carr wrote: > > A new version of setools is available on the Tresys website. > > http://www.tresys.com/selinux/ > > > > Change-Log > > ========== > > apol: File contexts tab now allows for MLS range searching if the loaded > > database is from a MLS filesystem. Policy statistics dialog now > > shows MLS and ocontexts summaries. > > > > libapol: Added support for loading base policies containing optionals. > > Added support for searching range transitions containing attributes. > > > > libseaudit: Bugfix to support parsing FC5-style audit logs. > > Curious: Is FC5 style different from a standard one? This was nothing substantial, just a bug that showed up in the parser. Kevin Carr Tresys Technology 410.290.1411 x137

17 years, 12 months

1
0
0 / 0

Problems with clamav and httpd

by Robert Foster

Hi all, Been playing with docmgr (http://docmgr.sourceforge.net) and discovered that when uploading a file, it fails because clamav can't scan the uploaded content. Audit log contains the following relevant lines: type=AVC msg=audit(1146659861.108:221013): avc: denied { read } for pid=15887 comm="clamscan" name="clamav" dev=dm-3 ino=2593916 scontext=user_u:system_r:httpd_sys_script_t:s0 tcontext=system_u:object_r:var_lib_t:s0 tclass=dir type=SYSCALL msg=audit(1146659861.108:221013): arch=40000003 syscall=5 success=no exit=-13 a0=9de85b8 a1=18800 a2=26f120 a3=9de8008 items=1 pid=15887 auid=1000 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 comm="clamscan" exe="/usr/bin/clamscan" type=CWD msg=audit(1146659861.108:221013): cwd="/MV/webs/project/html/doc" type=PATH msg=audit(1146659861.108:221013): item=0 name="/var/lib/clamav" flags=103 inode=2593916 dev=fd:03 mode=040755 ouid=100 ogid=101 rdev=00:00 I've also setsebool -P on allow_execstack and allow_httpd_anon_write amongst others, and the relevant directories have the following context to allow httpd and samba to play nice together: user_u:object_r:public_content_rw_t Anyone able to shed some light on this? Other (maybe) relevant info: # ls -alZ /var/lib/clamav/ drwxr-xr-x clamav clamav system_u:object_r:var_lib_t . drwxr-xr-x root root system_u:object_r:var_lib_t .. -rw-r--r-- clamav clamav user_u:object_r:var_lib_t daily.cvd -rw-r--r-- clamav clamav user_u:object_r:var_lib_t daily.cvd.rpmsave drwx------ clamav clamav system_u:object_r:var_lib_t Maildir -rw-r--r-- clamav clamav system_u:object_r:var_lib_t main.cvd -rw-r--r-- clamav clamav user_u:object_r:var_lib_t main.cvd.rpmsave # ls -alZ /MV/webs/project/html/doc drwsrws--x apache apache user_u:object_r:public_content_rw_t . drwsrws--x apache apache system_u:object_r:public_content_rw_t .. drwsrws--x apache apache user_u:object_r:public_content_rw_t app drwsrws--x apache apache user_u:object_r:public_content_rw_t auth drwsrws--x apache apache user_u:object_r:public_content_rw_t bin drwsrws--x apache apache user_u:object_r:public_content_rw_t config drwsrws--x apache apache user_u:object_r:public_content_rw_t DOCS drwsrws--x apache apache user_u:object_r:public_content_rw_t fckeditor drwsrws--x apache apache user_u:object_r:public_content_rw_t files drwsrws--x apache apache user_u:object_r:public_content_rw_t header drwsrws--x apache apache user_u:object_r:public_content_rw_t include -rwxrwx--x apache apache user_u:object_r:public_content_rw_t index.php drwsrws--x apache apache user_u:object_r:public_content_rw_t javascript drwsrws--x apache apache user_u:object_r:public_content_rw_t lang drwsrws--x apache apache user_u:object_r:public_content_rw_t modules drwsrws--x apache apache user_u:object_r:public_content_rw_t scripts drwsrws--x apache apache user_u:object_r:public_content_rw_t themes drwsrws--x apache apache user_u:object_r:public_content_rw_t webdav It also seems that docmgr is calling clamscan on a temp file found in /tmp. But I haven't been able to confirm the context of the target file as yet. Thanks, Robert Foster

17 years, 12 months

1
0
0 / 0

HOWTO: kdebluetooth with SELinux on FC5

by Charles-Edouard Ruault

Hi all, for those who are interested, after struggling to get kdebluetooth to work on my FC5 with SELinux targetted policy i've published a HOWTO at the following address: http://www.ruault.com/kdebluetooth/ Feel free to let me know if i've missed something or if it can be improved. Regards. -- Charles-Edouard Ruault GPG key Id E4D2B80C

17 years, 12 months

5
6
0 / 0

[ANN] Setools-2.4

by Kevin Carr

A new version of setools is available on the Tresys website. http://www.tresys.com/selinux/ Change-Log ========== apol: File contexts tab now allows for MLS range searching if the loaded database is from a MLS filesystem. Policy statistics dialog now shows MLS and ocontexts summaries. libapol: Added support for loading base policies containing optionals. Added support for searching range transitions containing attributes. libseaudit: Bugfix to support parsing FC5-style audit logs. seaudit: Added date filters. secmds: Added support to indexcon and searchcon for MLS filesytems. Added support to findcon and replcon for MLS filesystems. sechecker: Added incomplete network access (inc_net_access) module. Added unreachable domains (unreachable_doms) module. Added impossible range transitions (imp_range_trans) module. sesearch: Allow user to search range transitions by attributes and indirect matching. Added RBAC searching. Kevin Carr Tresys Technology 410.290.1411 x137

17 years, 12 months

2
1
0 / 0

Firefox/Flash printing

by Ted Rule

On my - admittedly FC4 - system, I've had a problem recently printing from various Flash pages on certain websites. This is with the combination of: Flash 7.0.63 Firefox 1.0.8 selinux-policy-strict-1.27.1-2.27 An example of the problem is to be found here ( build the jigsaw an print it out): http://www.bbc.co.uk/cbeebies/funandgames/jigsaw.shtml ( Yes, fixing the problem was prompted by my desire not to let 4-year olds have to know how to temporarily set SELinux to permissive just so as to print out their games results! ) After some burrowing around with policy tweaks and enableaudit, the minimum extra policy I had to allow was this: allow user_mozilla_t cupsd_t:dir { getattr search }; allow user_mozilla_t cupsd_t:file { read }; ( i.e. let mozilla plugins read /proc/xxx for the cups daemon process ) With enableaudit in place, it seems that the Flash plugin seems to invoke a very verbose call to "ps". This, in turn, leads to lots of denial messages as SELinux stops the plugin from seeing /proc/xxx for all the system processes. The fixup seems to be to allow Flash to read status and cmdline for the cupsd process itself; once it has found that process, the existing print/lpr permissions for user_mozilla_t seem to be enough to allow it to proceed. This still leaves a flood of denial messages, but at least the printer works. My suspicion is that the plugin decodes the output of something like "ps axww" to determine the flavour of the local print server. Since the plugin is probably designed to run on a number of platforms, it presumably has to dynamically probe for the print processor type. Given what I see, it would not surprise me that this behaviour exists in some sort of generic print-API within Flash, and hence the problem may be reasonably widespread on "Flashy" websites. Can anyone confirm/deny whether this permission exists in the FC5 strict and/or targeted policies? Sample enableaudit trace of a print Job invocation - with my patch set to auditallow: Apr 23 10:57:26 workstation kernel: audit(1145786246.469:2567): avc: denied { getattr } for pid=4883 comm="ps" name="1" dev=proc ino=65538 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:init_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.469:2568): avc: denied { getattr } for pid=4883 comm="ps" name="2" dev=proc ino=131074 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:kernel_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.469:2569): avc: denied { getattr } for pid=4883 comm="ps" name="3" dev=proc ino=196610 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:kernel_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.469:2570): avc: denied { getattr } for pid=4883 comm="ps" name="4" dev=proc ino=262146 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:kernel_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.469:2571): avc: denied { getattr } for pid=4883 comm="ps" name="5" dev=proc ino=327682 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:kernel_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.469:2572): avc: denied { getattr } for pid=4883 comm="ps" name="9" dev=proc ino=589826 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:kernel_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.469:2573): avc: denied { getattr } for pid=4883 comm="ps" name="10" dev=proc ino=655362 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:kernel_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.469:2574): avc: denied { getattr } for pid=4883 comm="ps" name="242" dev=proc ino=15859714 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:kernel_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.469:2575): avc: denied { getattr } for pid=4883 comm="ps" name="296" dev=proc ino=19398658 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:kernel_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.469:2576): avc: denied { getattr } for pid=4883 comm="ps" name="297" dev=proc ino=19464194 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:kernel_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.469:2577): avc: denied { getattr } for pid=4883 comm="ps" name="299" dev=proc ino=19595266 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:kernel_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.469:2578): avc: denied { getattr } for pid=4883 comm="ps" name="298" dev=proc ino=19529730 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:kernel_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.469:2579): avc: denied { getattr } for pid=4883 comm="ps" name="386" dev=proc ino=25296898 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:kernel_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.473:2580): avc: denied { getattr } for pid=4883 comm="ps" name="466" dev=proc ino=30539778 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:kernel_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.473:2581): avc: denied { getattr } for pid=4883 comm="ps" name="485" dev=proc ino=31784962 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:kernel_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.473:2582): avc: denied { getattr } for pid=4883 comm="ps" name="539" dev=proc ino=35323906 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:kernel_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.473:2583): avc: denied { getattr } for pid=4883 comm="ps" name="681" dev=proc ino=44630018 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:udev_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.473:2584): avc: denied { getattr } for pid=4883 comm="ps" name="1212" dev=proc ino=79429634 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:kernel_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.473:2585): avc: denied { getattr } for pid=4883 comm="ps" name="1213" dev=proc ino=79495170 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:kernel_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.473:2586): avc: denied { getattr } for pid=4883 comm="ps" name="1655" dev=proc ino=108462082 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:kernel_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.473:2587): avc: denied { getattr } for pid=4883 comm="ps" name="1658" dev=proc ino=108658690 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:kernel_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.473:2588): avc: denied { getattr } for pid=4883 comm="ps" name="1661" dev=proc ino=108855298 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:kernel_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.473:2589): avc: denied { getattr } for pid=4883 comm="ps" name="1664" dev=proc ino=109051906 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:kernel_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.473:2590): avc: denied { getattr } for pid=4883 comm="ps" name="1667" dev=proc ino=109248514 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:kernel_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.473:2591): avc: denied { getattr } for pid=4883 comm="ps" name="2103" dev=proc ino=137822210 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:syslogd_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.473:2592): avc: denied { getattr } for pid=4883 comm="ps" name="2239" dev=proc ino=146735106 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:automount_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.473:2593): avc: denied { getattr } for pid=4883 comm="ps" name="2253" dev=proc ino=147652610 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:fsdaemon_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.473:2594): avc: denied { getattr } for pid=4883 comm="ps" name="2261" dev=proc ino=148176898 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:apmd_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.473:2595): avc: denied { getattr } for pid=4883 comm="ps" name="2269" dev=proc ino=148701186 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:hplip_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.473:2596): avc: denied { getattr } for pid=4883 comm="ps" name="2273" dev=proc ino=148963330 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:hplip_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.473:2597): avc: granted { getattr } for pid=4883 comm="ps" name="2284" dev=proc ino=149684226 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:cupsd_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.473:2598): avc: granted { search } for pid=4883 comm="ps" name="2284" dev=proc ino=149684226 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:cupsd_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.473:2599): avc: granted { read } for pid=4883 comm="ps" name="stat" dev=proc ino=149684237 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:cupsd_t tclass=file Apr 23 10:57:26 workstation kernel: audit(1145786246.473:2600): avc: granted { read } for pid=4883 comm="ps" name="stat" dev=proc ino=149684237 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:cupsd_t tclass=file Apr 23 10:57:26 workstation kernel: audit(1145786246.477:2601): avc: granted { search } for pid=4883 comm="ps" name="2284" dev=proc ino=149684226 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:cupsd_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.477:2602): avc: granted { read } for pid=4883 comm="ps" name="status" dev=proc ino=149684228 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:cupsd_t tclass=file Apr 23 10:57:26 workstation kernel: audit(1145786246.477:2603): avc: granted { read } for pid=4883 comm="ps" name="status" dev=proc ino=149684228 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:cupsd_t tclass=file Apr 23 10:57:26 workstation kernel: audit(1145786246.477:2604): avc: granted { search } for pid=4883 comm="ps" name="2284" dev=proc ino=149684226 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:cupsd_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.477:2605): avc: granted { read } for pid=4883 comm="ps" name="cmdline" dev=proc ino=149684236 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:cupsd_t tclass=file Apr 23 10:57:26 workstation kernel: audit(1145786246.477:2606): avc: granted { read } for pid=4883 comm="ps" name="cmdline" dev=proc ino=149684236 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:cupsd_t tclass=file Apr 23 10:57:26 workstation kernel: audit(1145786246.477:2607): avc: denied { getattr } for pid=4883 comm="ps" name="2341" dev=proc ino=153419778 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:ntpd_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.477:2608): avc: denied { getattr } for pid=4883 comm="ps" name="2363" dev=proc ino=154861570 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:sendmail_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.477:2609): avc: denied { getattr } for pid=4883 comm="ps" name="2369" dev=proc ino=155254786 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:sendmail_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.477:2610): avc: denied { getattr } for pid=4883 comm="ps" name="2379" dev=proc ino=155910146 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:sendmail_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.477:2611): avc: denied { getattr } for pid=4883 comm="ps" name="2390" dev=proc ino=156631042 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:spamd_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.477:2612): avc: denied { getattr } for pid=4883 comm="ps" name="2399" dev=proc ino=157220866 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:gpm_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.477:2613): avc: denied { getattr } for pid=4883 comm="ps" name="2407" dev=proc ino=157745154 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.477:2614): avc: denied { getattr } for pid=4883 comm="ps" name="2419" dev=proc ino=158531586 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:spamd_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.477:2615): avc: denied { getattr } for pid=4883 comm="ps" name="2420" dev=proc ino=158597122 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:spamd_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.477:2616): avc: denied { getattr } for pid=4883 comm="ps" name="2421" dev=proc ino=158662658 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:spamd_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.477:2617): avc: denied { getattr } for pid=4883 comm="ps" name="2422" dev=proc ino=158728194 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:spamd_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.481:2618): avc: denied { getattr } for pid=4883 comm="ps" name="2423" dev=proc ino=158793730 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:spamd_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.481:2619): avc: denied { getattr } for pid=4883 comm="ps" name="2441" dev=proc ino=159973378 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:xfs_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.481:2620): avc: denied { getattr } for pid=4883 comm="ps" name="2449" dev=proc ino=160497666 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:smbd_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.481:2621): avc: denied { getattr } for pid=4883 comm="ps" name="2451" dev=proc ino=160628738 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:smbd_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.481:2622): avc: denied { getattr } for pid=4883 comm="ps" name="2452" dev=proc ino=160694274 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:nmbd_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.481:2623): avc: denied { getattr } for pid=4883 comm="ps" name="2468" dev=proc ino=161742850 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.481:2624): avc: denied { getattr } for pid=4883 comm="ps" name="2484" dev=proc ino=162791426 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:system_dbusd_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.481:2625): avc: denied { getattr } for pid=4883 comm="ps" name="2496" dev=proc ino=163577858 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:cupsd_config_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.481:2626): avc: denied { getattr } for pid=4883 comm="ps" name="2505" dev=proc ino=164167682 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:hald_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.481:2627): avc: denied { getattr } for pid=4883 comm="ps" name="2510" dev=proc ino=164495362 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:hald_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.481:2628): avc: denied { getattr } for pid=4883 comm="ps" name="2518" dev=proc ino=165019650 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:hald_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.481:2629): avc: denied { getattr } for pid=4883 comm="ps" name="2520" dev=proc ino=165150722 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:hald_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.481:2630): avc: denied { getattr } for pid=4883 comm="ps" name="2526" dev=proc ino=165543938 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:hald_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.481:2631): avc: denied { getattr } for pid=4883 comm="ps" name="2538" dev=proc ino=166330370 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:kernel_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.481:2632): avc: denied { getattr } for pid=4883 comm="ps" name="2542" dev=proc ino=166592514 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:hald_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.481:2633): avc: denied { getattr } for pid=4883 comm="ps" name="2581" dev=proc ino=169148418 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:mdadm_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.481:2634): avc: denied { getattr } for pid=4883 comm="ps" name="2588" dev=proc ino=169607170 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:getty_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.481:2635): avc: denied { getattr } for pid=4883 comm="ps" name="2589" dev=proc ino=169672706 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:getty_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.481:2636): avc: denied { getattr } for pid=4883 comm="ps" name="2590" dev=proc ino=169738242 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:getty_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.481:2637): avc: denied { getattr } for pid=4883 comm="ps" name="2591" dev=proc ino=169803778 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:getty_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.481:2638): avc: denied { getattr } for pid=4883 comm="ps" name="2592" dev=proc ino=169869314 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:getty_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.485:2639): avc: denied { getattr } for pid=4883 comm="ps" name="2593" dev=proc ino=169934850 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:getty_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.485:2640): avc: denied { getattr } for pid=4883 comm="ps" name="2594" dev=proc ino=170000386 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:initrc_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.485:2641): avc: denied { getattr } for pid=4883 comm="ps" name="2798" dev=proc ino=183369730 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:xdm_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.485:2642): avc: denied { getattr } for pid=4883 comm="ps" name="2855" dev=proc ino=187105282 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:xdm_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.485:2643): avc: denied { getattr } for pid=4883 comm="ps" name="2865" dev=proc ino=187760642 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:xdm_xserver_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.485:2644): avc: denied { getattr } for pid=4883 comm="ps" name="3721" dev=proc ino=243859458 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.485:2645): avc: denied { getattr } for pid=4883 comm="ps" name="3723" dev=proc ino=243990530 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.485:2646): avc: denied { getattr } for pid=4883 comm="ps" name="3724" dev=proc ino=244056066 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.485:2647): avc: denied { getattr } for pid=4883 comm="ps" name="3726" dev=proc ino=244187138 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.485:2648): avc: denied { getattr } for pid=4883 comm="ps" name="3727" dev=proc ino=244252674 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.485:2649): avc: denied { getattr } for pid=4883 comm="ps" name="3728" dev=proc ino=244318210 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.485:2650): avc: denied { getattr } for pid=4883 comm="ps" name="3729" dev=proc ino=244383746 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.485:2651): avc: denied { getattr } for pid=4883 comm="ps" name="3730" dev=proc ino=244449282 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.485:2652): avc: denied { getattr } for pid=4883 comm="ps" name="3731" dev=proc ino=244514818 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.485:2653): avc: denied { getattr } for pid=4883 comm="ps" name="3754" dev=proc ino=246022146 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.485:2654): avc: denied { getattr } for pid=4883 comm="ps" name="3756" dev=proc ino=246153218 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.485:2655): avc: denied { getattr } for pid=4883 comm="ps" name="3760" dev=proc ino=246415362 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.485:2656): avc: denied { getattr } for pid=4883 comm="ps" name="3761" dev=proc ino=246480898 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.485:2657): avc: denied { getattr } for pid=4883 comm="ps" name="3763" dev=proc ino=246611970 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.485:2658): avc: denied { getattr } for pid=4883 comm="ps" name="3764" dev=proc ino=246677506 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.485:2659): avc: denied { getattr } for pid=4883 comm="ps" name="3765" dev=proc ino=246743042 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.485:2660): avc: denied { getattr } for pid=4883 comm="ps" name="3767" dev=proc ino=246874114 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.489:2661): avc: denied { getattr } for pid=4883 comm="ps" name="3768" dev=proc ino=246939650 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.489:2662): avc: denied { getattr } for pid=4883 comm="ps" name="3769" dev=proc ino=247005186 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.489:2663): avc: denied { getattr } for pid=4883 comm="ps" name="3770" dev=proc ino=247070722 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.489:2664): avc: denied { getattr } for pid=4883 comm="ps" name="3772" dev=proc ino=247201794 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.489:2665): avc: denied { getattr } for pid=4883 comm="ps" name="3773" dev=proc ino=247267330 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.489:2666): avc: denied { getattr } for pid=4883 comm="ps" name="3797" dev=proc ino=248840194 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.489:2667): avc: denied { getattr } for pid=4883 comm="ps" name="3799" dev=proc ino=248971266 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.489:2668): avc: denied { getattr } for pid=4883 comm="ps" name="3800" dev=proc ino=249036802 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.489:2669): avc: denied { getattr } for pid=4883 comm="ps" name="3802" dev=proc ino=249167874 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.489:2670): avc: denied { getattr } for pid=4883 comm="ps" name="3803" dev=proc ino=249233410 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.489:2671): avc: denied { getattr } for pid=4883 comm="ps" name="3804" dev=proc ino=249298946 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.489:2672): avc: denied { getattr } for pid=4883 comm="ps" name="3805" dev=proc ino=249364482 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.489:2673): avc: denied { getattr } for pid=4883 comm="ps" name="3806" dev=proc ino=249430018 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.489:2674): avc: denied { getattr } for pid=4883 comm="ps" name="3807" dev=proc ino=249495554 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.489:2675): avc: denied { getattr } for pid=4883 comm="ps" name="3833" dev=proc ino=251199490 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.489:2676): avc: denied { getattr } for pid=4883 comm="ps" name="3835" dev=proc ino=251330562 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.489:2677): avc: denied { getattr } for pid=4883 comm="ps" name="3836" dev=proc ino=251396098 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.489:2678): avc: denied { getattr } for pid=4883 comm="ps" name="3838" dev=proc ino=251527170 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.489:2679): avc: denied { getattr } for pid=4883 comm="ps" name="3839" dev=proc ino=251592706 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.493:2680): avc: denied { getattr } for pid=4883 comm="ps" name="3840" dev=proc ino=251658242 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.493:2681): avc: denied { getattr } for pid=4883 comm="ps" name="3841" dev=proc ino=251723778 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.493:2682): avc: denied { getattr } for pid=4883 comm="ps" name="3842" dev=proc ino=251789314 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.493:2683): avc: denied { getattr } for pid=4883 comm="ps" name="3843" dev=proc ino=251854850 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.493:2684): avc: denied { getattr } for pid=4883 comm="ps" name="3866" dev=proc ino=253362178 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.493:2685): avc: denied { getattr } for pid=4883 comm="ps" name="3868" dev=proc ino=253493250 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.493:2686): avc: denied { getattr } for pid=4883 comm="ps" name="3869" dev=proc ino=253558786 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.493:2687): avc: denied { getattr } for pid=4883 comm="ps" name="3871" dev=proc ino=253689858 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.493:2688): avc: denied { getattr } for pid=4883 comm="ps" name="3872" dev=proc ino=253755394 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.493:2689): avc: denied { getattr } for pid=4883 comm="ps" name="3873" dev=proc ino=253820930 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.493:2690): avc: denied { getattr } for pid=4883 comm="ps" name="3874" dev=proc ino=253886466 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.493:2691): avc: denied { getattr } for pid=4883 comm="ps" name="3875" dev=proc ino=253952002 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.493:2692): avc: denied { getattr } for pid=4883 comm="ps" name="3876" dev=proc ino=254017538 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.493:2693): avc: denied { getattr } for pid=4883 comm="ps" name="3900" dev=proc ino=255590402 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.493:2694): avc: denied { getattr } for pid=4883 comm="ps" name="3902" dev=proc ino=255721474 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.493:2695): avc: denied { getattr } for pid=4883 comm="ps" name="3903" dev=proc ino=255787010 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.493:2696): avc: denied { getattr } for pid=4883 comm="ps" name="3905" dev=proc ino=255918082 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.493:2697): avc: denied { getattr } for pid=4883 comm="ps" name="3906" dev=proc ino=255983618 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.493:2698): avc: denied { getattr } for pid=4883 comm="ps" name="3907" dev=proc ino=256049154 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.493:2699): avc: denied { getattr } for pid=4883 comm="ps" name="3908" dev=proc ino=256114690 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.493:2700): avc: denied { getattr } for pid=4883 comm="ps" name="3911" dev=proc ino=256311298 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.497:2701): avc: denied { getattr } for pid=4883 comm="ps" name="3912" dev=proc ino=256376834 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.497:2702): avc: denied { getattr } for pid=4883 comm="ps" name="3934" dev=proc ino=257818626 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.497:2703): avc: denied { getattr } for pid=4883 comm="ps" name="3936" dev=proc ino=257949698 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.497:2704): avc: denied { getattr } for pid=4883 comm="ps" name="3937" dev=proc ino=258015234 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.497:2705): avc: denied { getattr } for pid=4883 comm="ps" name="3939" dev=proc ino=258146306 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.497:2706): avc: denied { getattr } for pid=4883 comm="ps" name="3940" dev=proc ino=258211842 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.497:2707): avc: denied { getattr } for pid=4883 comm="ps" name="3941" dev=proc ino=258277378 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.497:2708): avc: denied { getattr } for pid=4883 comm="ps" name="3942" dev=proc ino=258342914 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.497:2709): avc: denied { getattr } for pid=4883 comm="ps" name="3943" dev=proc ino=258408450 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.497:2710): avc: denied { getattr } for pid=4883 comm="ps" name="3944" dev=proc ino=258473986 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.497:2711): avc: denied { getattr } for pid=4883 comm="ps" name="3958" dev=proc ino=259391490 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.497:2712): avc: denied { getattr } for pid=4883 comm="ps" name="4028" dev=proc ino=263979010 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_ssh_agent_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.497:2713): avc: denied { getattr } for pid=4883 comm="ps" name="4031" dev=proc ino=264175618 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_dbusd_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.497:2714): avc: denied { getattr } for pid=4883 comm="ps" name="4032" dev=proc ino=264241154 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.497:2715): avc: denied { getattr } for pid=4883 comm="ps" name="4039" dev=proc ino=264699906 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_gconfd_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.497:2716): avc: denied { getattr } for pid=4883 comm="ps" name="4044" dev=proc ino=265027586 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.497:2717): avc: denied { getattr } for pid=4883 comm="ps" name="4046" dev=proc ino=265158658 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_bonobo_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.497:2718): avc: denied { getattr } for pid=4883 comm="ps" name="4048" dev=proc ino=265289730 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.497:2719): avc: denied { getattr } for pid=4883 comm="ps" name="4050" dev=proc ino=265420802 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.497:2720): avc: denied { getattr } for pid=4883 comm="ps" name="4052" dev=proc ino=265551874 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.497:2721): avc: denied { getattr } for pid=4883 comm="ps" name="4054" dev=proc ino=265682946 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.497:2722): avc: denied { getattr } for pid=4883 comm="ps" name="4056" dev=proc ino=265814018 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.501:2723): avc: denied { getattr } for pid=4883 comm="ps" name="4072" dev=proc ino=266862594 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.501:2724): avc: denied { getattr } for pid=4883 comm="ps" name="4080" dev=proc ino=267386882 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.501:2725): avc: denied { getattr } for pid=4883 comm="ps" name="4086" dev=proc ino=267780098 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.501:2726): avc: denied { getattr } for pid=4883 comm="ps" name="4090" dev=proc ino=268042242 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.501:2727): avc: denied { getattr } for pid=4883 comm="ps" name="4092" dev=proc ino=268173314 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.501:2728): avc: denied { getattr } for pid=4883 comm="ps" name="4094" dev=proc ino=268304386 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.501:2729): avc: denied { getattr } for pid=4883 comm="ps" name="4098" dev=proc ino=268566530 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.501:2730): avc: denied { getattr } for pid=4883 comm="ps" name="4100" dev=proc ino=268697602 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_evolution_alarm_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.501:2731): avc: denied { getattr } for pid=4883 comm="ps" name="4103" dev=proc ino=268894210 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_gnome_vfs_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.501:2732): avc: denied { getattr } for pid=4883 comm="ps" name="4115" dev=proc ino=269680642 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.501:2733): avc: denied { getattr } for pid=4883 comm="ps" name="4121" dev=proc ino=270073858 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.501:2734): avc: denied { getattr } for pid=4883 comm="ps" name="4124" dev=proc ino=270270466 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.501:2735): avc: denied { getattr } for pid=4883 comm="ps" name="4130" dev=proc ino=270663682 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:pam_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.501:2736): avc: denied { getattr } for pid=4883 comm="ps" name="4147" dev=proc ino=271777794 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_evolution_server_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.501:2737): avc: denied { getattr } for pid=4883 comm="ps" name="4178" dev=proc ino=273809410 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_gph_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.501:2738): avc: denied { getattr } for pid=4883 comm="ps" name="4179" dev=proc ino=273874946 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.505:2739): avc: denied { getattr } for pid=4883 comm="ps" name="4195" dev=proc ino=274923522 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.505:2740): avc: denied { getattr } for pid=4883 comm="ps" name="4308" dev=proc ino=282329090 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_evolution_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.505:2741): avc: denied { getattr } for pid=4883 comm="ps" name="4341" dev=proc ino=284491778 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.505:2742): avc: denied { getattr } for pid=4883 comm="ps" name="4342" dev=proc ino=284557314 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.505:2743): avc: denied { getattr } for pid=4883 comm="ps" name="4345" dev=proc ino=284753922 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.505:2744): avc: denied { getattr } for pid=4883 comm="ps" name="4346" dev=proc ino=284819458 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.505:2745): avc: denied { getattr } for pid=4883 comm="ps" name="4347" dev=proc ino=284884994 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.505:2746): avc: denied { getattr } for pid=4883 comm="ps" name="4348" dev=proc ino=284950530 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.505:2747): avc: denied { getattr } for pid=4883 comm="ps" name="4350" dev=proc ino=285081602 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.505:2748): avc: denied { getattr } for pid=4883 comm="ps" name="4351" dev=proc ino=285147138 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.505:2749): avc: denied { getattr } for pid=4883 comm="ps" name="4352" dev=proc ino=285212674 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.505:2750): avc: denied { getattr } for pid=4883 comm="ps" name="4353" dev=proc ino=285278210 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.505:2751): avc: denied { getattr } for pid=4883 comm="ps" name="4354" dev=proc ino=285343746 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.505:2752): avc: denied { getattr } for pid=4883 comm="ps" name="4355" dev=proc ino=285409282 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.505:2753): avc: denied { getattr } for pid=4883 comm="ps" name="4357" dev=proc ino=285540354 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.505:2754): avc: denied { getattr } for pid=4883 comm="ps" name="4414" dev=proc ino=289275906 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_ssh_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.509:2755): avc: denied { getattr } for pid=4883 comm="ps" name="4426" dev=proc ino=290062338 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.509:2756): avc: denied { getattr } for pid=4883 comm="ps" name="4428" dev=proc ino=290193410 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.509:2757): avc: denied { getattr } for pid=4883 comm="ps" name="4429" dev=proc ino=290258946 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.509:2758): avc: denied { getattr } for pid=4883 comm="ps" name="4431" dev=proc ino=290390018 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.509:2759): avc: denied { getattr } for pid=4883 comm="ps" name="4432" dev=proc ino=290455554 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.509:2760): avc: denied { getattr } for pid=4883 comm="ps" name="4433" dev=proc ino=290521090 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.509:2761): avc: denied { getattr } for pid=4883 comm="ps" name="4434" dev=proc ino=290586626 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.509:2762): avc: denied { getattr } for pid=4883 comm="ps" name="4435" dev=proc ino=290652162 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.509:2763): avc: denied { getattr } for pid=4883 comm="ps" name="4436" dev=proc ino=290717698 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.509:2764): avc: denied { getattr } for pid=4883 comm="ps" name="4532" dev=proc ino=297009154 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.509:2765): avc: denied { getattr } for pid=4883 comm="ps" name="4534" dev=proc ino=297140226 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.509:2766): avc: denied { getattr } for pid=4883 comm="ps" name="4535" dev=proc ino=297205762 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.509:2767): avc: denied { getattr } for pid=4883 comm="ps" name="4537" dev=proc ino=297336834 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.509:2768): avc: denied { getattr } for pid=4883 comm="ps" name="4538" dev=proc ino=297402370 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.509:2769): avc: denied { getattr } for pid=4883 comm="ps" name="4539" dev=proc ino=297467906 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.509:2770): avc: denied { getattr } for pid=4883 comm="ps" name="4540" dev=proc ino=297533442 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.509:2771): avc: denied { getattr } for pid=4883 comm="ps" name="4543" dev=proc ino=297730050 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.509:2772): avc: denied { getattr } for pid=4883 comm="ps" name="4544" dev=proc ino=297795586 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.509:2773): avc: denied { getattr } for pid=4883 comm="ps" name="4591" dev=proc ino=300875778 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.509:2774): avc: denied { getattr } for pid=4883 comm="ps" name="4593" dev=proc ino=301006850 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.509:2775): avc: denied { getattr } for pid=4883 comm="ps" name="4594" dev=proc ino=301072386 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.509:2776): avc: denied { getattr } for pid=4883 comm="ps" name="4596" dev=proc ino=301203458 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.513:2777): avc: denied { getattr } for pid=4883 comm="ps" name="4597" dev=proc ino=301268994 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.513:2778): avc: denied { getattr } for pid=4883 comm="ps" name="4598" dev=proc ino=301334530 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.513:2779): avc: denied { getattr } for pid=4883 comm="ps" name="4599" dev=proc ino=301400066 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.513:2780): avc: denied { getattr } for pid=4883 comm="ps" name="4600" dev=proc ino=301465602 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.513:2781): avc: denied { getattr } for pid=4883 comm="ps" name="4601" dev=proc ino=301531138 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.513:2782): avc: denied { getattr } for pid=4883 comm="ps" name="4641" dev=proc ino=304152578 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.513:2783): avc: denied { getattr } for pid=4883 comm="ps" name="4645" dev=proc ino=304414722 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.513:2784): avc: denied { getattr } for pid=4883 comm="ps" name="4646" dev=proc ino=304480258 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.513:2785): avc: denied { getattr } for pid=4883 comm="ps" name="4648" dev=proc ino=304611330 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.513:2786): avc: denied { getattr } for pid=4883 comm="ps" name="4649" dev=proc ino=304676866 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.513:2787): avc: denied { getattr } for pid=4883 comm="ps" name="4650" dev=proc ino=304742402 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.513:2788): avc: denied { getattr } for pid=4883 comm="ps" name="4651" dev=proc ino=304807938 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.513:2789): avc: denied { getattr } for pid=4883 comm="ps" name="4653" dev=proc ino=304939010 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.513:2790): avc: denied { getattr } for pid=4883 comm="ps" name="4654" dev=proc ino=305004546 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.513:2791): avc: denied { getattr } for pid=4883 comm="ps" name="4682" dev=proc ino=306839554 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_su_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.513:2792): avc: denied { getattr } for pid=4883 comm="ps" name="4687" dev=proc ino=307167234 scontext=user_u:user_r:user_mozilla_t tcontext=root:sysadm_r:sysadm_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.513:2793): avc: denied { getattr } for pid=4883 comm="ps" name="4733" dev=proc ino=310181890 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.513:2794): avc: denied { getattr } for pid=4883 comm="ps" name="4786" dev=proc ino=313655298 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:system_r:crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.513:2795): avc: denied { getattr } for pid=4883 comm="ps" name="4788" dev=proc ino=313786370 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.513:2796): avc: denied { getattr } for pid=4883 comm="ps" name="4789" dev=proc ino=313851906 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.517:2797): avc: denied { getattr } for pid=4883 comm="ps" name="4791" dev=proc ino=313982978 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.517:2798): avc: denied { getattr } for pid=4883 comm="ps" name="4792" dev=proc ino=314048514 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.517:2799): avc: denied { getattr } for pid=4883 comm="ps" name="4793" dev=proc ino=314114050 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.517:2800): avc: denied { getattr } for pid=4883 comm="ps" name="4794" dev=proc ino=314179586 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.517:2801): avc: denied { getattr } for pid=4883 comm="ps" name="4795" dev=proc ino=314245122 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.517:2802): avc: denied { getattr } for pid=4883 comm="ps" name="4796" dev=proc ino=314310658 scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_crond_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.517:2803): avc: denied { getattr } for pid=4883 comm="ps" name="4800" dev=proc ino=314572802 scontext=user_u:user_r:user_mozilla_t tcontext=root:sysadm_r:sysadm_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.517:2804): avc: denied { getattr } for pid=4883 comm="ps" name="4801" dev=proc ino=314638338 scontext=user_u:user_r:user_mozilla_t tcontext=root:sysadm_r:sysadm_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.549:2807): avc: denied { read write } for pid=4881 comm="lpr" name="_CACHE_MAP_" dev=hda8 ino=727273 scontext=user_u:user_r:user_lpr_t tcontext=user_u:object_r:user_mozilla_home_t tclass=file Apr 23 10:57:26 workstation kernel: audit(1145786246.549:2808): avc: denied { read write } for pid=4881 comm="lpr" name="history.dat" dev=hda8 ino=323465 scontext=user_u:user_r:user_lpr_t tcontext=user_u:object_r:user_mozilla_home_t tclass=file Apr 23 10:57:26 workstation kernel: audit(1145786246.549:2809): avc: denied { read write } for pid=4881 comm="lpr" name="_CACHE_001_" dev=hda8 ino=727274 scontext=user_u:user_r:user_lpr_t tcontext=user_u:object_r:user_mozilla_home_t tclass=file Apr 23 10:57:26 workstation kernel: audit(1145786246.549:2810): avc: denied { read write } for pid=4881 comm="lpr" name="_CACHE_002_" dev=hda8 ino=727275 scontext=user_u:user_r:user_lpr_t tcontext=user_u:object_r:user_mozilla_home_t tclass=file Apr 23 10:57:26 workstation kernel: audit(1145786246.549:2811): avc: denied { read write } for pid=4881 comm="lpr" name="_CACHE_003_" dev=hda8 ino=727276 scontext=user_u:user_r:user_lpr_t tcontext=user_u:object_r:user_mozilla_home_t tclass=file Apr 23 10:57:26 workstation kernel: audit(1145786246.549:2812): avc: denied { read write } for pid=4881 comm="lpr" name="mixer" dev=tmpfs ino=4206 scontext=user_u:user_r:user_lpr_t tcontext=system_u:object_r:sound_device_t tclass=chr_file Apr 23 10:57:26 workstation kernel: audit(1145786246.549:2813): avc: denied { read } for pid=4881 comm="lpr" name="XUL.mfasl" dev=hda8 ino=323401 scontext=user_u:user_r:user_lpr_t tcontext=user_u:object_r:user_mozilla_home_t tclass=file Apr 23 10:57:26 workstation kernel: audit(1145786246.549:2814): avc: denied { read write } for pid=4881 comm="lpr" name="7A1B3157d01" dev=hda8 ino=727747 scontext=user_u:user_r:user_lpr_t tcontext=user_u:object_r:user_mozilla_home_t tclass=file Apr 23 10:57:26 workstation kernel: audit(1145786246.549:2815): avc: denied { read write } for pid=4881 comm="lpr" name="[14195]" dev=sockfs ino=14195 scontext=user_u:user_r:user_lpr_t tcontext=user_u:user_r:user_mozilla_t tclass=unix_stream_socket Apr 23 10:57:26 workstation kernel: audit(1145786246.549:2816): avc: denied { read write } for pid=4881 comm="lpr" name="[14197]" dev=sockfs ino=14197 scontext=user_u:user_r:user_lpr_t tcontext=user_u:user_r:user_mozilla_t tclass=unix_stream_socket Apr 23 10:57:26 workstation kernel: audit(1145786246.549:2817): avc: denied { siginh } for pid=4881 comm="lpr" scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_lpr_t tclass=process Apr 23 10:57:26 workstation kernel: audit(1145786246.549:2818): avc: denied { rlimitinh } for pid=4881 comm="lpr" scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_lpr_t tclass=process Apr 23 10:57:26 workstation kernel: audit(1145786246.549:2819): avc: denied { noatsecure } for pid=4881 comm="lpr" scontext=user_u:user_r:user_mozilla_t tcontext=user_u:user_r:user_lpr_t tclass=process Apr 23 10:57:26 workstation kernel: audit(1145786246.557:2820): avc: denied { search } for pid=4881 comm="lpr" name="nscd" dev=hda7 ino=258574 scontext=user_u:user_r:user_lpr_t tcontext=system_u:object_r:nscd_var_run_t tclass=dir Apr 23 10:57:26 workstation kernel: audit(1145786246.561:2821): avc: denied { search } for pid=4881 comm="lpr" name="nscd" dev=hda7 ino=258574 scontext=user_u:user_r:user_lpr_t tcontext=system_u:object_r:nscd_var_run_t tclass=dir Apr 23 10:57:28 workstation kernel: audit(1145786247.997:2822): avc: denied { search } for pid=4881 comm="lpr" name="nscd" dev=hda7 ino=258574 scontext=user_u:user_r:user_lpr_t tcontext=system_u:object_r:nscd_var_run_t tclass=dir Apr 23 10:57:28 workstation kernel: audit(1145786247.997:2823): avc: denied { search } for pid=4881 comm="lpr" name="nscd" dev=hda7 ino=258574 scontext=user_u:user_r:user_lpr_t tcontext=system_u:object_r:nscd_var_run_t tclass=dir Apr 23 10:57:32 workstation kernel: audit(1145786252.002:2824): avc: denied { search } for pid=4893 comm="sh" name="nscd" dev=hda7 ino=258574 scontext=system_u:system_r:cupsd_t tcontext=system_u:object_r:nscd_var_run_t tclass=dir Apr 23 10:57:32 workstation kernel: audit(1145786252.006:2825): avc: denied { search } for pid=4893 comm="sh" name="nscd" dev=hda7 ino=258574 scontext=system_u:system_r:cupsd_t tcontext=system_u:object_r:nscd_var_run_t tclass=dir Apr 23 10:57:32 workstation kernel: audit(1145786252.070:2826): avc: denied { search } for pid=4893 comm="sh" name="nscd" dev=hda7 ino=258574 scontext=system_u:system_r:cupsd_t tcontext=system_u:object_r:nscd_var_run_t tclass=dir Apr 23 10:57:32 workstation kernel: audit(1145786252.070:2827): avc: denied { search } for pid=4893 comm="sh" name="nscd" dev=hda7 ino=258574 scontext=system_u:system_r:cupsd_t tcontext=system_u:object_r:nscd_var_run_t tclass=dir Apr 23 10:57:34 workstation kernel: audit(1145786254.714:2828): avc: denied { search } for pid=4896 comm="sh" name="nscd" dev=hda7 ino=258574 scontext=system_u:system_r:cupsd_t tcontext=system_u:object_r:nscd_var_run_t tclass=dir Apr 23 10:57:34 workstation kernel: audit(1145786254.714:2829): avc: denied { search } for pid=4896 comm="sh" name="nscd" dev=hda7 ino=258574 scontext=system_u:system_r:cupsd_t tcontext=system_u:object_r:nscd_var_run_t tclass=dir Apr 23 10:57:34 workstation kernel: audit(1145786254.730:2830): avc: denied { search } for pid=4898 comm="sh" name="nscd" dev=hda7 ino=258574 scontext=system_u:system_r:cupsd_t tcontext=system_u:object_r:nscd_var_run_t tclass=dir Apr 23 10:57:34 workstation kernel: audit(1145786254.730:2831): avc: denied { search } for pid=4898 comm="sh" name="nscd" dev=hda7 ino=258574 scontext=system_u:system_r:cupsd_t tcontext=system_u:object_r:nscd_var_run_t tclass=dir Apr 23 10:57:42 workstation kernel: audit(1145786262.103:2832): avc: denied { name_connect } for pid=4199 comm="firefox-bin" dest=5000 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:object_r:port_t tclass=tcp_socket -- Ted Rule Director, Layer3 Systems Ltd W: http://www.layer3.co.uk/

17 years, 12 months

2
1
0 / 0

Add SELinux protection to Pure-FTPd

by Aurelien Bompard

Hi, I'm trying to add SELinux protection to Pure-FTPd. It's an FTP server, so labelling the binary to ftpd_t did 99% of the job ! Well done SELinux devs ! But this server has additional features, like the possibility to get its user list from MySQL, PostgreSQL or LDAP. So I've written this te file : ========================== module pureftpd 1.0; require { class dir { getattr search }; class file { read write }; class tcp_socket name_connect; class sock_file { getattr read write append ioctl lock }; class unix_stream_socket { read write connectto }; type ftpd_t; type initrc_var_run_t; type mysqld_port_t; type ldap_port_t; }; # Write to /var/run/utmp allow ftpd_t initrc_var_run_t:file { read write }; ### Allow connect to mysql # Network connect corenet_tcp_connect_mysqld_port(ftpd_t) # Socket file connect mysql_stream_connect(ftpd_t); mysql_rw_db_sockets(ftpd_t) ### Allow connect to postgresql # Network connect corenet_tcp_connect_postgresql_port(ftpd_t) # Socket file connect postgresql_stream_connect(ftpd_t) # Allow connect to ldap allow ftpd_t ldap_port_t:tcp_socket name_connect; ========================== I figured that out mainly by reading the policy source (mainly apache's), and with the help of the wiki : http://fedoraproject.org/wiki/SELinux/LoadableModules/Audit2allow explains how to let SpamAssassin connect to LDAP. I have a few questions: - Does this look OK to you ? - Is it better to use the macros ( like mysql_stream_connect(ftpd_t)) or to write the policies explicitely (allow ftpd_t mysqld_port_t:tcp_socket name_connect) ? - The apache policy source used the sysnet_use_ldap macro to let it access LDAP. It looks like it does much more and requires much more than the simple allow tcp_socket name_connect. Yet, this is the one advertised in the wiki. Which solution should I choose ? - I'll build the module in %install and load it in %post. Any preferred place for the .pp file ? /usr/share/pure-ftpd is OK, or would it be better to put it in /usr/share/selinux/targeted ? When this is verified, I'll add it to the wiki page (http://fedoraproject.org/wiki/Packaging/SELinux). Thanks a lot for your help ! Aurélien -- http://aurelien.bompard.org ~~~~ Jabber : abompard(a)jabber.fr For external use only

17 years, 12 months

4
7
0 / 0

enforcing reset to disabled on update

by Richard Hally

When I updated to the latest targeted policy (see below), the configuration was changed to disabled! This is the second update that has made this change. The previous policy update was the first time that has happened and was reported by both myself and Tom London. Apparently the change listed in the 04/26 rawhide report (also below) needs further attention. installed on an updated rawhide system: selinux-policy-2.2.35-2 selinux-policy-targeted-2.2.35-2 libselinux-devel-1.30.3-1 libselinux-python-1.30.3-1 selinux-doc-1.25.2-1 selinux-policy-mls-2.2.35-2 libselinux-1.30.3-1 selinux-policy-strict-2.2.35-2 selinux-policy-2.2.35-2 ----------------------- * Tue Apr 25 2006 James Antill <jantill(a)redhat.com> 2.2.35-2 - Add xm policy - Fix policygentool * Mon Apr 24 2006 Dan Walsh <dwalsh(a)redhat.com> 2.2.35-1 - Update to upstream - Fix postun to only disable selinux on full removal of the packages <-------

17 years, 12 months

3
3
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

selinux May 2006