After updating audit today I get an error after udev is started that says that it can't connot to the audit system. I found this in the audit logs:
type=AVC msg=audit(1122549673.001:7418105): avc: denied { create } for pid=34 19 comm="hwclock" scontext=root:system_r:hwclock_t tcontext=root:system_r:hwcloc k_t tclass=netlink_audit_socket type=SYSCALL msg=audit(1122549673.001:7418105): arch=c000003e syscall=41 success =no exit=-13 a0=10 a1=3 a2=9 a3=42e8bfa9 items=0 pid=3419 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="hwclock" exe="/sbin/hwclock"
this results in an incorrect clock (+2h) I am not using ntpd. Timezonesettings are correct and it worked fine after the update.
dragoran wrote:
After updating audit today I get an error after udev is started that says that it can't connot to the audit system. I found this in the audit logs:
type=AVC msg=audit(1122549673.001:7418105): avc: denied { create } for pid=34 19 comm="hwclock" scontext=root:system_r:hwclock_t tcontext=root:system_r:hwcloc k_t tclass=netlink_audit_socket type=SYSCALL msg=audit(1122549673.001:7418105): arch=c000003e syscall=41 success =no exit=-13 a0=10 a1=3 a2=9 a3=42e8bfa9 items=0 pid=3419 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="hwclock" exe="/sbin/hwclock"
this results in an incorrect clock (+2h) I am not using ntpd. Timezonesettings are correct and it worked fine after the update.
-- fedora-selinux-list mailing list fedora-selinux-list@redhat.com http://www.redhat.com/mailman/listinfo/fedora-selinux-list
setiing the clock with system-config-date works but I get this in the logs:
type=AVC msg=audit(1122550262.001:698688): avc: denied { create } for pid=3211 comm="hwclock" scontext=root:system_r:hwclock_t tcontext=root:system_r:hwclock_t tclass=netlink_audit_socket type=SYSCALL msg=audit(1122550262.001:698688): arch=c000003e syscall=41 success=no exit=-13 a0=10 a1=3 a2=9 a3=42e8c1f6 items=0 pid=3211 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="hwclock" exe="/sbin/hwclock"
and after reboot the time is incorrect again.
After updating audit today I get an error after udev is started that says that it can't connot to the audit system.
Are you sure that you didn't update util-linux, too? I did submit a patch to util-linux to make hwclock log its actions as this is required by CAPP. I guess that got pushed out.
-Steve
____________________________________________________ Start your day with Yahoo! - make it your home page http://www.yahoo.com/r/hs
On Thu, 2005-07-28 at 05:26 -0700, Steve G wrote:
After updating audit today I get an error after udev is started that says that it can't connot to the audit system.
Are you sure that you didn't update util-linux, too? I did submit a patch to util-linux to make hwclock log its actions as this is required by CAPP. I guess that got pushed out.
I get the same error and my clock is whacked too.
util-linux-2.12p-9.7 audit-0.9.19-2.FC4 audit-libs-0.9.19-2.FC4
type=SELINUX_ERR msg=audit(1122574921.986:5): SELinux: unrecognized netlink message type=1009 for sclass=49
[medieval@chaucer ~]$ audit2allow -d allow hwclock_t self:netlink_audit_socket create;
Bob
Bobby Kashani wrote:
On Thu, 2005-07-28 at 05:26 -0700, Steve G wrote:
After updating audit today I get an error after udev is started that says that it can't connot to the audit system.
Are you sure that you didn't update util-linux, too? I did submit a patch to util-linux to make hwclock log its actions as this is required by CAPP. I guess that got pushed out.
I get the same error and my clock is whacked too.
util-linux-2.12p-9.7 audit-0.9.19-2.FC4 audit-libs-0.9.19-2.FC4
type=SELINUX_ERR msg=audit(1122574921.986:5): SELinux: unrecognized netlink message type=1009 for sclass=49
[medieval@chaucer ~]$ audit2allow -d allow hwclock_t self:netlink_audit_socket create;
Bob
I filled a bugzilla for this https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=164603 yes I updated util-linux too: util-linux-2.12p-9.7
dragoran wrote
Bobby Kashani wrote:
On Thu, 2005-07-28 at 05:26 -0700, Steve G wrote:
After updating audit today I get an error after udev is started that says that it can't connot to the audit system.
Are you sure that you didn't update util-linux, too? I did submit a patch to util-linux to make hwclock log its actions as this is required by CAPP. I guess that got pushed out.
I get the same error and my clock is whacked too.
util-linux-2.12p-9.7 audit-0.9.19-2.FC4 audit-libs-0.9.19-2.FC4
type=SELINUX_ERR msg=audit(1122574921.986:5): SELinux: unrecognized netlink message type=1009 for sclass=49
[medieval@chaucer ~]$ audit2allow -d allow hwclock_t self:netlink_audit_socket create;
Bob
I filled a bugzilla for this https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=164603 yes I updated util-linux too: util-linux-2.12p-9.7
-- fedora-selinux-list mailing list fedora-selinux-list@redhat.com http://www.redhat.com/mailman/listinfo/fedora-selinux-list
updating to selinux-policy-targeted from updates testing fixes this problem.
On Thursday 28 July 2005 22:26, Steve G linux_4ever@yahoo.com wrote:
After updating audit today I get an error after udev is started that says that it can't connot to the audit system.
Are you sure that you didn't update util-linux, too? I did submit a patch to util-linux to make hwclock log its actions as this is required by CAPP. I guess that got pushed out.
The hwclock in rawhide doesn't have that, so it seems that the update got in FC4 before Rawhide. :(
I've attached a policy patch against the rawhide policy to get things going again.
selinux@lists.fedoraproject.org