Hi, I recently updated my box to Fedora20.
I run my segatex program and got this error.
[root@localhost ~]# less /var/log/audit/audit.log|grep capability type=AVC msg=audit(1388174188.785:534): avc: denied { sys_resource } for pid=2819 comm="dbus-daemon" capability=24 scontext=unconfined_u:unconfined_r:segatex_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:segatex_t:s0-s0:c0.c1023 tclass=capability ////////////////////////////////////////////////////////////////////// And, here's SETtroubleshoot Details window says. ////////////////////////////////////////////////////////////////////// Additional Information: Source Context unconfined_u:unconfined_r:segatex_t:s0-s0:c0.c1023 Target Context unconfined_u:unconfined_r:segatex_t:s0-s0:c0.c1023 Target Objects [ capability ] Source dbus-daemon Source Path /usr/bin/dbus-daemon Port <Unknown> Host localhost.localdomain Source RPM Packages dbus-1.6.12-2.fc19.i686 Target RPM Packages Policy RPM selinux-policy-3.12.1-106.fc20.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name localhost.localdomain Platform Linux localhost.localdomain 3.11.10-301.fc20.i686+PAE #1 SMP Thu Dec 5 14:12:06 UTC 2013 i686 i686 Alert Count 1 First Seen 2013-12-28 04:56:28 JST Last Seen 2013-12-28 04:56:28 JST Local ID deb7259c-4795-48a1-a74f-61c331ddd21c
Raw Audit Messages type=AVC msg=audit(1388174188.785:534): avc: denied { sys_resource } for pid=2819 comm="dbus-daemon" capability=24 scontext=unconfined_u:unconfined_r:segatex_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:segatex_t:s0-s0:c0.c1023 tclass=capability
type=SYSCALL msg=audit(1388174188.785:534): arch=i386 syscall=setrlimit success=no exit=EPERM a0=7 a1=bfd61e28 a2=b7594000 a3=b8d8cee0 items=0 ppid=1 pid=2819 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=1 tty=(none) comm=dbus-daemon exe=/usr/bin/dbus-daemon subj=unconfined_u:unconfined_r:segatex_t:s0-s0:c0.c1023 key=(null)
Hash: dbus-daemon,segatex_t,segatex_t,capability,sys_resource ////////////////////////////////////////////////////// Is it just complaining for the more use for the resource?
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 12/27/2013 03:48 PM, Shintaro Fujiwara wrote:
Hi, I recently updated my box to Fedora20.
I run my segatex program and got this error.
[root@localhost ~]# less /var/log/audit/audit.log|grep capability type=AVC msg=audit(1388174188.785:534): avc: denied { sys_resource } for pid=2819 comm="dbus-daemon" capability=24 scontext=unconfined_u:unconfined_r:segatex_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:segatex_t:s0-s0:c0.c1023 tclass=capability ////////////////////////////////////////////////////////////////////// And, here's SETtroubleshoot Details window says. ////////////////////////////////////////////////////////////////////// Additional Information: Source Context unconfined_u:unconfined_r:segatex_t:s0-s0:c0.c1023 Target Context unconfined_u:unconfined_r:segatex_t:s0-s0:c0.c1023 Target Objects [ capability ] Source dbus-daemon Source Path /usr/bin/dbus-daemon Port <Unknown> Host localhost.localdomain Source RPM Packages dbus-1.6.12-2.fc19.i686 Target RPM Packages Policy RPM selinux-policy-3.12.1-106.fc20.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name localhost.localdomain Platform Linux localhost.localdomain 3.11.10-301.fc20.i686+PAE #1 SMP Thu Dec 5 14:12:06 UTC 2013 i686 i686 Alert Count 1 First Seen 2013-12-28 04:56:28 JST Last Seen 2013-12-28 04:56:28 JST Local ID deb7259c-4795-48a1-a74f-61c331ddd21c
Raw Audit Messages type=AVC msg=audit(1388174188.785:534): avc: denied { sys_resource } for pid=2819 comm="dbus-daemon" capability=24 scontext=unconfined_u:unconfined_r:segatex_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:segatex_t:s0-s0:c0.c1023 tclass=capability
type=SYSCALL msg=audit(1388174188.785:534): arch=i386 syscall=setrlimit success=no exit=EPERM a0=7 a1=bfd61e28 a2=b7594000 a3=b8d8cee0 items=0 ppid=1 pid=2819 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=1 tty=(none) comm=dbus-daemon exe=/usr/bin/dbus-daemon subj=unconfined_u:unconfined_r:segatex_t:s0-s0:c0.c1023 key=(null)
Hash: dbus-daemon,segatex_t,segatex_t,capability,sys_resource ////////////////////////////////////////////////////// Is it just complaining for the more use for the resource?
-- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux
This indicates your system is running out of resources like MAX Processes or MAX FD's.
Thank you, sir.
I understood it's a problem typical on my box. I will not write a policy for it this time.
2014/1/3 Daniel J Walsh dwalsh@redhat.com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 12/27/2013 03:48 PM, Shintaro Fujiwara wrote:
Hi, I recently updated my box to Fedora20.
I run my segatex program and got this error.
[root@localhost ~]# less /var/log/audit/audit.log|grep capability
type=AVC
msg=audit(1388174188.785:534): avc: denied { sys_resource } for
pid=2819
comm="dbus-daemon" capability=24 scontext=unconfined_u:unconfined_r:segatex_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:segatex_t:s0-s0:c0.c1023 tclass=capability //////////////////////////////////////////////////////////////////////
And,
here's SETtroubleshoot Details window says. ////////////////////////////////////////////////////////////////////// Additional Information: Source Context unconfined_u:unconfined_r:segatex_t:s0-s0:c0.c1023 Target Context unconfined_u:unconfined_r:segatex_t:s0-s0:c0.c1023 Target Objects [ capability ] Source dbus-daemon Source Path /usr/bin/dbus-daemon Port <Unknown> Host localhost.localdomain Source RPM Packages dbus-1.6.12-2.fc19.i686 Target RPM Packages Policy RPM selinux-policy-3.12.1-106.fc20.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name localhost.localdomain Platform Linux localhost.localdomain 3.11.10-301.fc20.i686+PAE #1 SMP Thu Dec 5 14:12:06 UTC 2013 i686 i686 Alert Count 1 First Seen 2013-12-28 04:56:28 JST Last Seen 2013-12-28 04:56:28 JST Local ID deb7259c-4795-48a1-a74f-61c331ddd21c
Raw Audit Messages type=AVC msg=audit(1388174188.785:534): avc: denied
{
sys_resource } for pid=2819 comm="dbus-daemon" capability=24 scontext=unconfined_u:unconfined_r:segatex_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:segatex_t:s0-s0:c0.c1023 tclass=capability
type=SYSCALL msg=audit(1388174188.785:534): arch=i386 syscall=setrlimit success=no exit=EPERM a0=7 a1=bfd61e28 a2=b7594000 a3=b8d8cee0 items=0 ppid=1 pid=2819 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=1 tty=(none) comm=dbus-daemon exe=/usr/bin/dbus-daemon subj=unconfined_u:unconfined_r:segatex_t:s0-s0:c0.c1023 key=(null)
Hash: dbus-daemon,segatex_t,segatex_t,capability,sys_resource ////////////////////////////////////////////////////// Is it just complaining for the more use for the resource?
-- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux
This indicates your system is running out of resources like MAX Processes or MAX FD's. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlLFiawACgkQrlYvE4MpobMEYwCfWPDQbr7EIApikpr8we8zT4oU fREAoJTPBoNMz/JfyP35iiSKwqilK+/m =3Lxn -----END PGP SIGNATURE-----
selinux@lists.fedoraproject.org