-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 06/02/2012 02:13 PM, Vadym Chepkov wrote:
Hi,
I just upgraded to Fedora 17. I see these AVC on the console and dmesg output during the startup:
[ 10.617385] type=1400 audit(1338674944.983:4): avc: denied { create } for pid=472 comm="systemd-tmpfile" name="lp0" scontext=system_u:system_r:systemd_tmpfiles_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=chr_file [ 10.618270] type=1400 audit(1338674944.984:5): avc: denied { create } for pid=472 comm="systemd-tmpfile" name="lp1" scontext=system_u:system_r:systemd_tmpfiles_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=chr_file [ 10.619047] type=1400 audit(1338674944.985:6): avc: denied { create } for pid=472 comm="systemd-tmpfile" name="lp2" scontext=system_u:system_r:systemd_tmpfiles_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=chr_file [ 10.619769] type=1400 audit(1338674944.985:7): avc: denied { create } for pid=472 comm="systemd-tmpfile" name="lp3" scontext=system_u:system_r:systemd_tmpfiles_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=chr_file [ 10.648250] type=1400 audit(1338674945.014:8): avc: denied { read } for pid=472 comm="systemd-tmpfile" name="lock" dev="dm-3" ino=3764 scontext=system_u:system_r:systemd_tmpfiles_t:s0 tcontext=system_u:object_r:var_t:s0 tclass=lnk_file [ 10.648824] type=1400 audit(1338674945.014:9): avc: denied { read } for pid=472 comm="systemd-tmpfile" name="lock" dev="dm-3" ino=3764 scontext=system_u:system_r:systemd_tmpfiles_t:s0 tcontext=system_u:object_r:var_t:s0 tclass=lnk_file
Something I should be concerned about or can be safely ignored?
Thanks, Vadym=
-- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux
You can safely ignore this as long as the devices are created with the correct label. With the latest policy this should be fixed.
ls -lZ /dev/lp* crw-rw----. root lp system_u:object_r:printer_device_t:s0 /dev/lp0 crw-rw----. root lp system_u:object_r:printer_device_t:s0 /dev/lp1 crw-rw----. root lp system_u:object_r:printer_device_t:s0 /dev/lp2 crw-rw----. root lp system_u:object_r:printer_device_t:s0 /dev/lp3