6:03 p.m.
Dear all,
I have resolved one problem(Not getting internet at startup by default), but have not
fixed the crontab one and other(s):
This one does not go away :(
Summary:
SELinux is preventing crontab (admin_crontab_t) "read write" unconfined_t.
Detailed Description:
SELinux denied access requested by crontab. It is not expected that this access
is required by crontab and this access may signal an intrusion attempt. It is
also possible that the specific version or configuration of the application is
causing it to require additional access.
Allowing Access:
You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.
Additional Information:
Source Context unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0
.c1023
Target Context unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1
023
Target Objects socket [ unix_stream_socket ]
Source crontab
Source Path /usr/bin/crontab
Port <Unknown>
Host riohigh
Source RPM Packages cronie-1.2-7.fc11
Target RPM Packages
Policy RPM selinux-policy-3.6.8-3.fc11
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Enforcing
Plugin Name catchall
Host Name riohigh
Platform Linux riohigh 2.6.29-0.258.2.3.rc8.git2.fc11.i586
#1 SMP Tue Mar 24 18:37:23 EDT 2009 i686 athlon
Alert Count 177
First Seen Mon 02 Mar 2009 07:11:37 PM CST
Last Seen Wed 25 Mar 2009 04:57:03 PM CST
Local ID 3883b140-4d39-40f5-9262-ce2c4c4e2e16
Line Numbers
Raw Audit Messages
node=riohigh type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for
pid=4331 comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
node=riohigh type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for
pid=4331 comm="crontab" path="socket:[53528]" dev=sockfs ino=53528
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
node=riohigh type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for
pid=4331 comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
node=riohigh type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for
pid=4331 comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
node=riohigh type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for
pid=4331 comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
node=riohigh type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for
pid=4331 comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
node=riohigh type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for
pid=4331 comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
node=riohigh type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for
pid=4331 comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
node=riohigh type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for
pid=4331 comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
node=riohigh type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for
pid=4331 comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
node=riohigh type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for
pid=4331 comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
node=riohigh type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for
pid=4331 comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
node=riohigh type=SYSCALL msg=audit(1238021823.376:68): arch=40000003 syscall=11
success=yes exit=0 a0=9fcb5c8 a1=9fcbd10 a2=9fb5ae0 a3=9fcbd10 items=0 ppid=4295 pid=4331
auid=500 uid=500 gid=500 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=2
comm="crontab" exe="/usr/bin/crontab"
subj=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023 key=(null)
I can't modify my crontab file:
[olivares@riohigh ~]$ crontab -l
Authentication service cannot retrieve authentication info
You (olivares) are not allowed to access to (crontab) because of pam configuration.
[olivares@riohigh ~]$
if I disable selinux, I can modify it and view it, but not with selinux enabled.
I got greeted with the following:
Summary:
SELinux is preventing access to files with the default label, default_t.
Detailed Description:
SELinux permission checks on files labeled default_t are being denied. These
files/directories have the default label on them. This can indicate a labeling
problem, especially if the files being referred to are not top level
directories. Any files/directories under standard system directories, /usr,
/var. /dev, /tmp, ..., should not be labeled with the default label. The default
label is for files/directories which do not have a label on a parent directory.
So if you create a new directory in / you might legitimately get this label.
Allowing Access:
If you want a confined domain to use these files you will probably need to
relabel the file/directory with chcon. In some cases it is just easier to
relabel the system, to relabel execute: "touch /.autorelabel; reboot"
Additional Information:
Source Context system_u:system_r:xdm_t:s0-s0:c0.c1023
Target Context system_u:object_r:default_t:s0
Target Objects /.kde [ dir ]
Source kde4-config
Source Path /usr/bin/kde4-config
Port <Unknown>
Host riohigh
Source RPM Packages kdelibs-4.2.1-4.fc11
Target RPM Packages
Policy RPM selinux-policy-3.6.8-3.fc11
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Enforcing
Plugin Name default
Host Name riohigh
Platform Linux riohigh 2.6.29-0.258.2.3.rc8.git2.fc11.i586
#1 SMP Tue Mar 24 18:37:23 EDT 2009 i686 athlon
Alert Count 7
First Seen Wed 25 Mar 2009 04:38:14 PM CST
Last Seen Wed 25 Mar 2009 04:38:14 PM CST
Local ID d3d42e40-6a28-48cf-8717-b85579c55bad
Line Numbers
Raw Audit Messages
node=riohigh type=AVC msg=audit(1238020694.487:40): avc: denied { getattr } for
pid=2434 comm="kde4-config" path="/.kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
node=riohigh type=SYSCALL msg=audit(1238020694.487:40): arch=40000003 syscall=196
success=no exit=-13 a0=bfc3730b a1=bfc37258 a2=a12ff4 a3=a036c59 items=0 ppid=2433
pid=2434 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
tty=(none) ses=4294967295 comm="kde4-config"
exe="/usr/bin/kde4-config" subj=system_u:system_r:xdm_t:s0-s0:c0.c1023
key=(null)
Summary:
SELinux is preventing access to files with the default label, default_t.
Detailed Description:
SELinux permission checks on files labeled default_t are being denied. These
files/directories have the default label on them. This can indicate a labeling
problem, especially if the files being referred to are not top level
directories. Any files/directories under standard system directories, /usr,
/var. /dev, /tmp, ..., should not be labeled with the default label. The default
label is for files/directories which do not have a label on a parent directory.
So if you create a new directory in / you might legitimately get this label.
Allowing Access:
If you want a confined domain to use these files you will probably need to
relabel the file/directory with chcon. In some cases it is just easier to
relabel the system, to relabel execute: "touch /.autorelabel; reboot"
Additional Information:
Source Context system_u:system_r:xdm_t:s0-s0:c0.c1023
Target Context system_u:object_r:default_t:s0
Target Objects .kde [ dir ]
Source kde4-config
Source Path /usr/bin/kde4-config
Port <Unknown>
Host riohigh
Source RPM Packages kdelibs-4.2.1-4.fc11
Target RPM Packages
Policy RPM selinux-policy-3.6.8-3.fc11
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Enforcing
Plugin Name default
Host Name riohigh
Platform Linux riohigh 2.6.29-0.258.2.3.rc8.git2.fc11.i586
#1 SMP Tue Mar 24 18:37:23 EDT 2009 i686 athlon
Alert Count 23
First Seen Wed 25 Mar 2009 04:38:14 PM CST
Last Seen Wed 25 Mar 2009 04:38:14 PM CST
Local ID 711eec22-2695-4e57-91ad-622e9c5f3b53
Line Numbers
Raw Audit Messages
node=riohigh type=AVC msg=audit(1238020694.489:42): avc: denied { search } for pid=2434
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
node=riohigh type=SYSCALL msg=audit(1238020694.489:42): arch=40000003 syscall=196
success=no exit=-13 a0=a036c58 a1=bfc37230 a2=a12ff4 a3=a031250 items=0 ppid=2433 pid=2434
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none)
ses=4294967295 comm="kde4-config" exe="/usr/bin/kde4-config"
subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null)
Startup did not take the 20 seconds, it took like 8 to 10 minutes with the relabeling and
still see the same things. Is there an update that will fix this or do I have to disable
selinux or boot in permissive in order to have a working machine.
Please help this is no longer fun as it once was.
Regards,
Antonio
7:39 a.m.
On 03/25/2009 07:03 PM, Antonio Olivares wrote:
Dear all,
I have resolved one problem(Not getting internet at startup by default), but have not
fixed the crontab one and other(s):
This one does not go away :(
Summary:
SELinux is preventing crontab (admin_crontab_t) "read write" unconfined_t.
Detailed Description:
SELinux denied access requested by crontab. It is not expected that this access
is required by crontab and this access may signal an intrusion attempt. It is
also possible that the specific version or configuration of the application is
causing it to require additional access.
Allowing Access:
You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.
Additional Information:
Source Context unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0
.c1023
Target Context unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1
023
Target Objects socket [ unix_stream_socket ]
Source crontab
Source Path /usr/bin/crontab
Port<Unknown>
Host riohigh
Source RPM Packages cronie-1.2-7.fc11
Target RPM Packages
Policy RPM selinux-policy-3.6.8-3.fc11
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Enforcing
Plugin Name catchall
Host Name riohigh
Platform Linux riohigh 2.6.29-0.258.2.3.rc8.git2.fc11.i586
#1 SMP Tue Mar 24 18:37:23 EDT 2009 i686 athlon
Alert Count 177
First Seen Mon 02 Mar 2009 07:11:37 PM CST
Last Seen Wed 25 Mar 2009 04:57:03 PM CST
Local ID 3883b140-4d39-40f5-9262-ce2c4c4e2e16
Line Numbers
Raw Audit Messages
node=riohigh type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for
pid=4331 comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
node=riohigh type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for
pid=4331 comm="crontab" path="socket:[53528]" dev=sockfs ino=53528
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
node=riohigh type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for
pid=4331 comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
node=riohigh type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for
pid=4331 comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
node=riohigh type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for
pid=4331 comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
node=riohigh type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for
pid=4331 comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
node=riohigh type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for
pid=4331 comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
node=riohigh type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for
pid=4331 comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
node=riohigh type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for
pid=4331 comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
node=riohigh type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for
pid=4331 comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
node=riohigh type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for
pid=4331 comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
node=riohigh type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for
pid=4331 comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
node=riohigh type=SYSCALL msg=audit(1238021823.376:68): arch=40000003 syscall=11
success=yes exit=0 a0=9fcb5c8 a1=9fcbd10 a2=9fb5ae0 a3=9fcbd10 items=0 ppid=4295 pid=4331
auid=500 uid=500 gid=500 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=2
comm="crontab" exe="/usr/bin/crontab"
subj=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023 key=(null)
I can't modify my crontab file:
[olivares@riohigh ~]$ crontab -l
Authentication service cannot retrieve authentication info
You (olivares) are not allowed to access to (crontab) because of pam configuration.
[olivares@riohigh ~]$
if I disable selinux, I can modify it and view it, but not with selinux enabled.
I got greeted with the following:
Summary:
SELinux is preventing access to files with the default label, default_t.
Detailed Description:
SELinux permission checks on files labeled default_t are being denied. These
files/directories have the default label on them. This can indicate a labeling
problem, especially if the files being referred to are not top level
directories. Any files/directories under standard system directories, /usr,
/var. /dev, /tmp, ..., should not be labeled with the default label. The default
label is for files/directories which do not have a label on a parent directory.
So if you create a new directory in / you might legitimately get this label.
Allowing Access:
If you want a confined domain to use these files you will probably need to
relabel the file/directory with chcon. In some cases it is just easier to
relabel the system, to relabel execute: "touch /.autorelabel; reboot"
Additional Information:
Source Context system_u:system_r:xdm_t:s0-s0:c0.c1023
Target Context system_u:object_r:default_t:s0
Target Objects /.kde [ dir ]
Source kde4-config
Source Path /usr/bin/kde4-config
Port<Unknown>
Host riohigh
Source RPM Packages kdelibs-4.2.1-4.fc11
Target RPM Packages
Policy RPM selinux-policy-3.6.8-3.fc11
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Enforcing
Plugin Name default
Host Name riohigh
Platform Linux riohigh 2.6.29-0.258.2.3.rc8.git2.fc11.i586
#1 SMP Tue Mar 24 18:37:23 EDT 2009 i686 athlon
Alert Count 7
First Seen Wed 25 Mar 2009 04:38:14 PM CST
Last Seen Wed 25 Mar 2009 04:38:14 PM CST
Local ID d3d42e40-6a28-48cf-8717-b85579c55bad
Line Numbers
Raw Audit Messages
node=riohigh type=AVC msg=audit(1238020694.487:40): avc: denied { getattr } for
pid=2434 comm="kde4-config" path="/.kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
node=riohigh type=SYSCALL msg=audit(1238020694.487:40): arch=40000003 syscall=196
success=no exit=-13 a0=bfc3730b a1=bfc37258 a2=a12ff4 a3=a036c59 items=0 ppid=2433
pid=2434 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
tty=(none) ses=4294967295 comm="kde4-config"
exe="/usr/bin/kde4-config" subj=system_u:system_r:xdm_t:s0-s0:c0.c1023
key=(null)
Summary:
SELinux is preventing access to files with the default label, default_t.
Detailed Description:
SELinux permission checks on files labeled default_t are being denied. These
files/directories have the default label on them. This can indicate a labeling
problem, especially if the files being referred to are not top level
directories. Any files/directories under standard system directories, /usr,
/var. /dev, /tmp, ..., should not be labeled with the default label. The default
label is for files/directories which do not have a label on a parent directory.
So if you create a new directory in / you might legitimately get this label.
Allowing Access:
If you want a confined domain to use these files you will probably need to
relabel the file/directory with chcon. In some cases it is just easier to
relabel the system, to relabel execute: "touch /.autorelabel; reboot"
Additional Information:
Source Context system_u:system_r:xdm_t:s0-s0:c0.c1023
Target Context system_u:object_r:default_t:s0
Target Objects .kde [ dir ]
Source kde4-config
Source Path /usr/bin/kde4-config
Port<Unknown>
Host riohigh
Source RPM Packages kdelibs-4.2.1-4.fc11
Target RPM Packages
Policy RPM selinux-policy-3.6.8-3.fc11
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Enforcing
Plugin Name default
Host Name riohigh
Platform Linux riohigh 2.6.29-0.258.2.3.rc8.git2.fc11.i586
#1 SMP Tue Mar 24 18:37:23 EDT 2009 i686 athlon
Alert Count 23
First Seen Wed 25 Mar 2009 04:38:14 PM CST
Last Seen Wed 25 Mar 2009 04:38:14 PM CST
Local ID 711eec22-2695-4e57-91ad-622e9c5f3b53
Line Numbers
Raw Audit Messages
node=riohigh type=AVC msg=audit(1238020694.489:42): avc: denied { search } for
pid=2434 comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
node=riohigh type=SYSCALL msg=audit(1238020694.489:42): arch=40000003 syscall=196
success=no exit=-13 a0=a036c58 a1=bfc37230 a2=a12ff4 a3=a031250 items=0 ppid=2433 pid=2434
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none)
ses=4294967295 comm="kde4-config" exe="/usr/bin/kde4-config"
subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null)
Startup did not take the 20 seconds, it took like 8 to 10 minutes with the relabeling and
still see the same things. Is there an update that will fix this or do I have to disable
selinux or boot in permissive in order to have a working machine.
Please help this is no longer fun as it once was.
Regards,
Antonio
--
fedora-selinux-list mailing list
fedora-selinux-list(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
The kde read/writing to /.kde is a kde bug/ kdm should have a home
directory that we could give access to, not /. I have this setup and
although it genetates AVC's I am able to login fine. Although gdm
works better.
If you want to get rid of these avc's you could execute.
# semanage fcontext -a -t xdm_var_run_t '/\.kde(/.*)?'
# restorecon -R -v /.kde
Running crontab -e as root, problem is also a kdebase/konsole problem of
leaked file descriptors. If you do an ls /proc/self/fd in the konsole
you will see a whole bunch of file descriptors that have been leaked to
the konsole. When you start a confined domain from the console SELinux
reports these leaked file descriptors and closes them.
ls -l /proc/self/fd
should show something like
# ls -l /proc/self/fd
total 0
lr-x------. 1 root root 64 2009-03-26 08:31 0 -> /dev/pts/4
lrwx------. 1 root root 64 2009-03-26 08:31 1 -> /dev/pts/4
lrwx------. 1 root root 64 2009-03-26 08:31 2 -> /dev/pts/4
lr-x------. 1 root root 64 2009-03-26 08:31 3 -> /proc/32759/fd
Which are three fd's to the terminal and one to the directory you are
listing.
I see no avc that would break crontab -e?
[olivares@riohigh ~]$ crontab -l
Authentication service cannot retrieve authentication info
You (olivares) are not allowed to access to (crontab) because of pam
configuration.
Looks like you are running this as a normal user? Or are you running as
root?
I can not get this to happen on my machine, so I think it might be
something about the way you have pam setup? Do you have anything
special setup in pam?
9:55 a.m.
The kde read/writing to /.kde is a kde bug/ kdm should
have a home
directory that we could give access to, not /. I have this
setup and
although it genetates AVC's I am able to login fine.
Although gdm
works better.
If you want to get rid of these avc's you could
execute.
# semanage fcontext -a -t xdm_var_run_t
'/\.kde(/.*)?'
# restorecon -R -v /.kde
Running crontab -e as root, problem is also a
kdebase/konsole problem of
leaked file descriptors. If you do an ls /proc/self/fd in
the konsole
you will see a whole bunch of file descriptors that have
been leaked to
the konsole. When you start a confined domain from the
console SELinux
reports these leaked file descriptors and closes them.
ls -l /proc/self/fd
should show something like
# ls -l /proc/self/fd
total 0
lr-x------. 1 root root 64 2009-03-26 08:31 0 ->
/dev/pts/4
lrwx------. 1 root root 64 2009-03-26 08:31 1 ->
/dev/pts/4
lrwx------. 1 root root 64 2009-03-26 08:31 2 ->
/dev/pts/4
lr-x------. 1 root root 64 2009-03-26 08:31 3 ->
/proc/32759/fd
Which are three fd's to the terminal and one to the
directory you are
listing.
I see no avc that would break crontab -e?
The avc denies crontab to display it and
therefore the error. This happens on two machines running rawhide since the third one
broke down :(. I can't test it there :(
[olivares@riohigh ~]$ crontab -l
Authentication service cannot retrieve authentication info
You (olivares) are not allowed to access to (crontab)
because of pam
configuration.
Looks like you are running this as a normal user? Or are
you running as
root?
Normal user, even root can't edit crontab because the authority is denied
:(, yes pam configuration :)
I can not get this to happen on my machine, so I think it
might be
something about the way you have pam setup? Do you have
anything
special setup in pam?
No, just regular default setup as it comes. Nothing special
set aside.
Will try to apply the changes and report back. Thanks for helping out.
Regards,
Antonio
10:43 a.m.
Antonio Olivares wrote:
> The kde read/writing to /.kde is a kde bug/ kdm should
> have a home
> directory that we could give access to, not /. I have this
> setup and
> although it genetates AVC's I am able to login fine.
> Although gdm
> works better.
>
> If you want to get rid of these avc's you could
> execute.
>
> # semanage fcontext -a -t xdm_var_run_t
> '/\.kde(/.*)?'
> # restorecon -R -v /.kde
>
> Running crontab -e as root, problem is also a
> kdebase/konsole problem of
> leaked file descriptors. If you do an ls /proc/self/fd in
> the konsole
> you will see a whole bunch of file descriptors that have
> been leaked to
> the konsole. When you start a confined domain from the
> console SELinux
> reports these leaked file descriptors and closes them.
>
> ls -l /proc/self/fd
>
> should show something like
>
> # ls -l /proc/self/fd
> total 0
> lr-x------. 1 root root 64 2009-03-26 08:31 0 ->
> /dev/pts/4
> lrwx------. 1 root root 64 2009-03-26 08:31 1 ->
> /dev/pts/4
> lrwx------. 1 root root 64 2009-03-26 08:31 2 ->
> /dev/pts/4
> lr-x------. 1 root root 64 2009-03-26 08:31 3 ->
> /proc/32759/fd
>
> Which are three fd's to the terminal and one to the
> directory you are
> listing.
>
> I see no avc that would break crontab -e?
The avc denies crontab to display it and therefore the error. This happens on two
machines running rawhide since the third one broke down :(. I can't test it there :(
>
> [olivares@riohigh ~]$ crontab -l
>
> Authentication service cannot retrieve authentication info
> You (olivares) are not allowed to access to (crontab)
> because of pam
> configuration.
>
> Looks like you are running this as a normal user? Or are
> you running as
> root?
Normal user, even root can't edit crontab because the authority is denied :(, yes pam
configuration :)
>
> I can not get this to happen on my machine, so I think it
> might be
> something about the way you have pam setup? Do you have
> anything
> special setup in pam?
No, just regular default setup as it comes. Nothing special set aside.
I can confirm the same behavior when trying to run "crontab -l" or "crontab
-e"
both as non-root and root user.
Authentication service cannot retrieve authentication info
You (rnichols) are not allowed to access to (crontab) because of pam configuration.
OR
Authentication service cannot retrieve authentication info
You (root) are not allowed to access to (crontab) because of pam configuration.
The problem goes away when running in permissive mode. Regardless of permissive
vs. enforcing mode, no AVCs are logged. No changes have been made to the
rawhide SELinux or PAM configurations. I do see this message logged in
/var/log/secure for each unsuccessful attempt:
crontab: pam_unix(crond:account): helper binary execve failed: Permission denied
selinux-policy-3.6.8-3.fc11.noarch
selinux-policy-targeted-3.6.8-3.fc11.noarch
authconfig-5.4.7-2.fc11.i586
--
Bob Nichols "NOSPAM" is really part of my email address.
Do NOT delete it.
6:54 a.m.
On 03/26/2009 11:43 AM, Robert Nichols wrote:
Antonio Olivares wrote:
>
>> The kde read/writing to /.kde is a kde bug/ kdm should
>> have a home directory that we could give access to, not /. I have this
>> setup and although it genetates AVC's I am able to login fine.
>> Although gdm works better.
>>
>> If you want to get rid of these avc's you could
>> execute.
>>
>> # semanage fcontext -a -t xdm_var_run_t
>> '/\.kde(/.*)?'
>> # restorecon -R -v /.kde
>>
>> Running crontab -e as root, problem is also a
>> kdebase/konsole problem of leaked file descriptors. If you do an ls
>> /proc/self/fd in
>> the konsole you will see a whole bunch of file descriptors that have
>> been leaked to the konsole. When you start a confined domain from the
>> console SELinux reports these leaked file descriptors and closes them.
>>
>> ls -l /proc/self/fd
>>
>> should show something like
>>
>> # ls -l /proc/self/fd
>> total 0
>> lr-x------. 1 root root 64 2009-03-26 08:31 0 ->
>> /dev/pts/4
>> lrwx------. 1 root root 64 2009-03-26 08:31 1 ->
>> /dev/pts/4
>> lrwx------. 1 root root 64 2009-03-26 08:31 2 ->
>> /dev/pts/4
>> lr-x------. 1 root root 64 2009-03-26 08:31 3 ->
>> /proc/32759/fd
>>
>> Which are three fd's to the terminal and one to the
>> directory you are listing.
>>
>> I see no avc that would break crontab -e?
> The avc denies crontab to display it and therefore the error. This
> happens on two machines running rawhide since the third one broke down
> :(. I can't test it there :(
>>
>> [olivares@riohigh ~]$ crontab -l
>>
>> Authentication service cannot retrieve authentication info
>> You (olivares) are not allowed to access to (crontab)
>> because of pam configuration.
>>
>> Looks like you are running this as a normal user? Or are
>> you running as root?
> Normal user, even root can't edit crontab because the authority is
> denied :(, yes pam configuration :)
>>
>> I can not get this to happen on my machine, so I think it
>> might be something about the way you have pam setup? Do you have
>> anything special setup in pam?
> No, just regular default setup as it comes. Nothing special set aside.
I can confirm the same behavior when trying to run "crontab -l" or
"crontab -e"
both as non-root and root user.
Authentication service cannot retrieve authentication info
You (rnichols) are not allowed to access to (crontab) because of pam
configuration.
OR
Authentication service cannot retrieve authentication info
You (root) are not allowed to access to (crontab) because of pam
configuration.
The problem goes away when running in permissive mode. Regardless of
permissive
vs. enforcing mode, no AVCs are logged. No changes have been made to the
rawhide SELinux or PAM configurations. I do see this message logged in
/var/log/secure for each unsuccessful attempt:
crontab: pam_unix(crond:account): helper binary execve failed:
Permission denied
selinux-policy-3.6.8-3.fc11.noarch
selinux-policy-targeted-3.6.8-3.fc11.noarch
authconfig-5.4.7-2.fc11.i586
Do you see an SELINUX_ERR in /var/log/audit/audit.log?
WHat does id -Z show?
Could you try
# semodule -DB
Then look for avcs about cron.
7:13 a.m.
--- On Fri, 3/27/09, Daniel J Walsh <dwalsh(a)redhat.com> wrote:
From: Daniel J Walsh <dwalsh(a)redhat.com>
Subject: Re: selinux does not like crontab :(, default_t, kde
To: "Robert Nichols" <rnicholsNOSPAM(a)comcast.net>, "Antonio
Olivares" <olivares14031(a)yahoo.com>, Fedora-SELinux-List(a)redhat.com
Date: Friday, March 27, 2009, 4:54 AM
On 03/26/2009 11:43 AM, Robert Nichols wrote:
> Antonio Olivares wrote:
>>
>>> The kde read/writing to /.kde is a kde bug/
kdm should
>>> have a home directory that we could give
access to, not /. I have this
>>> setup and although it genetates AVC's I am
able to login fine.
>>> Although gdm works better.
>>>
>>> If you want to get rid of these avc's you
could
>>> execute.
>>>
>>> # semanage fcontext -a -t xdm_var_run_t
>>> '/\.kde(/.*)?'
>>> # restorecon -R -v /.kde
>>>
>>> Running crontab -e as root, problem is also a
>>> kdebase/konsole problem of leaked file
descriptors. If you do an ls
>>> /proc/self/fd in
>>> the konsole you will see a whole bunch of file
descriptors that have
>>> been leaked to the konsole. When you start a
confined domain from the
>>> console SELinux reports these leaked file
descriptors and closes them.
>>>
>>> ls -l /proc/self/fd
>>>
>>> should show something like
>>>
>>> # ls -l /proc/self/fd
>>> total 0
>>> lr-x------. 1 root root 64 2009-03-26 08:31 0
->
>>> /dev/pts/4
>>> lrwx------. 1 root root 64 2009-03-26 08:31 1
->
>>> /dev/pts/4
>>> lrwx------. 1 root root 64 2009-03-26 08:31 2
->
>>> /dev/pts/4
>>> lr-x------. 1 root root 64 2009-03-26 08:31 3
->
>>> /proc/32759/fd
>>>
>>> Which are three fd's to the terminal and
one to the
>>> directory you are listing.
>>>
>>> I see no avc that would break crontab -e?
>> The avc denies crontab to display it and therefore
the error. This
>> happens on two machines running rawhide since the
third one broke down
>> :(. I can't test it there :(
>>>
>>> [olivares@riohigh ~]$ crontab -l
>>>
>>> Authentication service cannot retrieve
authentication info
>>> You (olivares) are not allowed to access to
(crontab)
>>> because of pam configuration.
>>>
>>> Looks like you are running this as a normal
user? Or are
>>> you running as root?
>> Normal user, even root can't edit crontab
because the authority is
>> denied :(, yes pam configuration :)
>>>
>>> I can not get this to happen on my machine, so
I think it
>>> might be something about the way you have pam
setup? Do you have
>>> anything special setup in pam?
>> No, just regular default setup as it comes.
Nothing special set aside.
>
> I can confirm the same behavior when trying to run
"crontab -l" or
> "crontab -e"
> both as non-root and root user.
>
> Authentication service cannot retrieve authentication
info
> You (rnichols) are not allowed to access to (crontab)
because of pam
> configuration.
>
> OR
>
> Authentication service cannot retrieve authentication
info
> You (root) are not allowed to access to (crontab)
because of pam
> configuration.
>
> The problem goes away when running in permissive mode.
Regardless of
> permissive
> vs. enforcing mode, no AVCs are logged. No changes
have been made to the
> rawhide SELinux or PAM configurations. I do see this
message logged in
> /var/log/secure for each unsuccessful attempt:
>
> crontab: pam_unix(crond:account): helper binary execve
failed:
> Permission denied
>
> selinux-policy-3.6.8-3.fc11.noarch
> selinux-policy-targeted-3.6.8-3.fc11.noarch
> authconfig-5.4.7-2.fc11.i586
>
Do you see an SELINUX_ERR in /var/log/audit/audit.log?
WHat does id -Z show?
Could you try
# semodule -DB
Then look for avcs about cron.
In applying the fixes, I got back another sealert denying me the right to change it :(
[olivares@riohigh ~]$ su -
Password:
[root@riohigh ~]# semanage fcontext -a -t xdm_var_run_t '/\.kde(/.*)?'
[root@riohigh ~]# restorecon -R -v /.kde
restorecon reset /.kde context
system_u:object_r:default_t:s0->system_u:object_r:xdm_var_run_t:s0
restorecon reset /.kde/share context
system_u:object_r:default_t:s0->system_u:object_r:xdm_var_run_t:s0
restorecon reset /.kde/share/config context
system_u:object_r:default_t:s0->system_u:object_r:xdm_var_run_t:s0
You have new mail in /var/spool/mail/root
[root@riohigh ~]#
[olivares@riohigh ~]$ ls -l /proc/self/fd
total 0
lrwx------. 1 olivares olivares 64 2009-03-27 06:08 0 -> /dev/pts/2
lrwx------. 1 olivares olivares 64 2009-03-27 06:08 1 -> /dev/pts/2
lrwx------. 1 olivares olivares 64 2009-03-27 06:08 10 -> socket:[18111]
lrwx------. 1 olivares olivares 64 2009-03-27 06:08 11 -> socket:[18111]
lrwx------. 1 olivares olivares 64 2009-03-27 06:08 14 -> socket:[18111]
lrwx------. 1 olivares olivares 64 2009-03-27 06:08 15 -> socket:[18111]
lrwx------. 1 olivares olivares 64 2009-03-27 06:08 17 -> socket:[18111]
lrwx------. 1 olivares olivares 64 2009-03-27 06:08 2 -> /dev/pts/2
lrwx------. 1 olivares olivares 64 2009-03-27 06:08 20 -> socket:[18111]
lrwx------. 1 olivares olivares 64 2009-03-27 06:08 21 -> socket:[18111]
lr-x------. 1 olivares olivares 64 2009-03-27 06:08 3 -> /proc/3853/fd
lrwx------. 1 olivares olivares 64 2009-03-27 06:08 9 -> socket:[18418]
[olivares@riohigh ~]$
[root@riohigh ~]# ls -l /proc/self/fd
total 0
lrwx------. 1 root root 64 2009-03-27 06:08 0 -> /dev/pts/1
lrwx------. 1 root root 64 2009-03-27 06:08 1 -> /dev/pts/1
lrwx------. 1 root root 64 2009-03-27 06:08 2 -> /dev/pts/1
lrwx------. 1 root root 64 2009-03-27 06:08 20 -> socket:[18111]
lrwx------. 1 root root 64 2009-03-27 06:08 21 -> socket:[18111]
lr-x------. 1 root root 64 2009-03-27 06:08 3 -> /proc/3819/fd
[root@riohigh ~]#
Summary:
SELinux is preventing restorecon (setfiles_t) "read write" unconfined_t.
Detailed Description:
SELinux denied access requested by restorecon. It is not expected that this
access is required by restorecon and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of the
application is causing it to require additional access.
Allowing Access:
You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.
Additional Information:
Source Context unconfined_u:unconfined_r:setfiles_t:s0-s0:c0.c102
3
Target Context unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1
023
Target Objects socket [ unix_stream_socket ]
Source restorecon
Source Path /sbin/setfiles
Port <Unknown>
Host riohigh
Source RPM Packages policycoreutils-2.0.62-4.fc11
Target RPM Packages
Policy RPM selinux-policy-3.6.8-3.fc11
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Enforcing
Plugin Name catchall
Host Name riohigh
Platform Linux riohigh 2.6.29-0.258.2.3.rc8.git2.fc11.i586
#1 SMP Tue Mar 24 18:37:23 EDT 2009 i686 athlon
Alert Count 2
First Seen Fri 27 Mar 2009 06:03:21 AM CST
Last Seen Fri 27 Mar 2009 06:03:21 AM CST
Local ID 280758b9-8eca-415e-9097-612ca0d9651f
Line Numbers
Raw Audit Messages
node=riohigh type=AVC msg=audit(1238155401.283:63): avc: denied { read write } for
pid=3738 comm="restorecon" path="socket:[18111]" dev=sockfs ino=18111
scontext=unconfined_u:unconfined_r:setfiles_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
node=riohigh type=AVC msg=audit(1238155401.283:63): avc: denied { read write } for
pid=3738 comm="restorecon" path="socket:[18111]" dev=sockfs ino=18111
scontext=unconfined_u:unconfined_r:setfiles_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
node=riohigh type=SYSCALL msg=audit(1238155401.283:63): arch=40000003 syscall=11
success=yes exit=0 a0=9533b00 a1=95336d8 a2=9534bc0 a3=95336d8 items=0 ppid=3630 pid=3738
auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=1
comm="restorecon" exe="/sbin/setfiles"
subj=unconfined_u:unconfined_r:setfiles_t:s0-s0:c0.c1023 key=(null)
[root@riohigh ~]# cat /var/log/audit/audit.log | grep 'avc'
type=AVC msg=audit(1237931620.198:52): avc: denied { read write } for pid=4120
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237931620.198:52): avc: denied { read write } for pid=4120
comm="crontab" path="socket:[17513]" dev=sockfs ino=17513
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237931620.198:52): avc: denied { read write } for pid=4120
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237931620.198:52): avc: denied { read write } for pid=4120
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237931620.198:52): avc: denied { read write } for pid=4120
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237931620.198:52): avc: denied { read write } for pid=4120
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237931620.198:52): avc: denied { read write } for pid=4120
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237931620.198:52): avc: denied { read write } for pid=4120
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237931620.198:52): avc: denied { read write } for pid=4120
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237931620.198:52): avc: denied { read write } for pid=4120
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237931623.442:55): avc: denied { read write } for pid=4122
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237931623.442:55): avc: denied { read write } for pid=4122
comm="crontab" path="socket:[17513]" dev=sockfs ino=17513
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237931623.442:55): avc: denied { read write } for pid=4122
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237931623.442:55): avc: denied { read write } for pid=4122
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237931623.442:55): avc: denied { read write } for pid=4122
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237931623.442:55): avc: denied { read write } for pid=4122
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237931623.442:55): avc: denied { read write } for pid=4122
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237931623.442:55): avc: denied { read write } for pid=4122
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237931623.442:55): avc: denied { read write } for pid=4122
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237931623.442:55): avc: denied { read write } for pid=4122
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932293.691:69): avc: denied { read write } for pid=5166
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932293.691:69): avc: denied { read write } for pid=5166
comm="crontab" path="socket:[17513]" dev=sockfs ino=17513
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932293.691:69): avc: denied { read write } for pid=5166
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932293.691:69): avc: denied { read write } for pid=5166
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932293.691:69): avc: denied { read write } for pid=5166
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932293.691:69): avc: denied { read write } for pid=5166
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932293.691:69): avc: denied { read write } for pid=5166
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932293.691:69): avc: denied { read write } for pid=5166
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932293.691:69): avc: denied { read write } for pid=5166
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932293.691:69): avc: denied { read write } for pid=5166
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932297.181:72): avc: denied { read write } for pid=5170
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932297.181:72): avc: denied { read write } for pid=5170
comm="crontab" path="socket:[17513]" dev=sockfs ino=17513
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932297.181:72): avc: denied { read write } for pid=5170
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932297.181:72): avc: denied { read write } for pid=5170
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932297.181:72): avc: denied { read write } for pid=5170
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932297.181:72): avc: denied { read write } for pid=5170
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932297.181:72): avc: denied { read write } for pid=5170
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932297.181:72): avc: denied { read write } for pid=5170
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932297.181:72): avc: denied { read write } for pid=5170
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932297.181:72): avc: denied { read write } for pid=5170
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932306.888:79): avc: denied { read write } for pid=5219
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932306.888:79): avc: denied { read write } for pid=5219
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932632.246:82): avc: denied { read write } for pid=5357
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932632.246:82): avc: denied { read write } for pid=5357
comm="crontab" path="socket:[17513]" dev=sockfs ino=17513
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932632.246:82): avc: denied { read write } for pid=5357
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932632.246:82): avc: denied { read write } for pid=5357
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932632.246:82): avc: denied { read write } for pid=5357
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932632.246:82): avc: denied { read write } for pid=5357
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932632.246:82): avc: denied { read write } for pid=5357
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932632.246:82): avc: denied { read write } for pid=5357
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932632.246:82): avc: denied { read write } for pid=5357
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932632.246:82): avc: denied { read write } for pid=5357
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932637.221:85): avc: denied { read write } for pid=5361
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932637.221:85): avc: denied { read write } for pid=5361
comm="crontab" path="socket:[17513]" dev=sockfs ino=17513
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932637.221:85): avc: denied { read write } for pid=5361
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932637.221:85): avc: denied { read write } for pid=5361
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932637.221:85): avc: denied { read write } for pid=5361
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932637.221:85): avc: denied { read write } for pid=5361
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932637.221:85): avc: denied { read write } for pid=5361
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932637.221:85): avc: denied { read write } for pid=5361
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932637.221:85): avc: denied { read write } for pid=5361
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237932637.221:85): avc: denied { read write } for pid=5361
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237937447.164:116): avc: denied { read write } for pid=7298
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237937447.164:116): avc: denied { read write } for pid=7298
comm="crontab" path="socket:[17513]" dev=sockfs ino=17513
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237937447.164:116): avc: denied { read write } for pid=7298
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237937447.164:116): avc: denied { read write } for pid=7298
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237937447.164:116): avc: denied { read write } for pid=7298
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237937447.164:116): avc: denied { read write } for pid=7298
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237937447.164:116): avc: denied { read write } for pid=7298
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237937447.164:116): avc: denied { read write } for pid=7298
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237937447.164:116): avc: denied { read write } for pid=7298
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237937449.632:119): avc: denied { read write } for pid=7300
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237937449.632:119): avc: denied { read write } for pid=7300
comm="crontab" path="socket:[17513]" dev=sockfs ino=17513
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237937449.632:119): avc: denied { read write } for pid=7300
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237937449.632:119): avc: denied { read write } for pid=7300
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237937449.632:119): avc: denied { read write } for pid=7300
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237937449.632:119): avc: denied { read write } for pid=7300
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237937449.632:119): avc: denied { read write } for pid=7300
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237937449.632:119): avc: denied { read write } for pid=7300
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237937449.632:119): avc: denied { read write } for pid=7300
comm="crontab" path="socket:[17209]" dev=sockfs ino=17209
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1237996117.239:8): avc: denied { create } for pid=2408
comm="kde4-config" name=".kde"
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:root_t:s0
tclass=dir
type=AVC msg=audit(1238017872.171:71): avc: denied { read write } for pid=13038
comm="crontab" path="socket:[181488]" dev=sockfs ino=181488
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238017872.171:71): avc: denied { read write } for pid=13038
comm="crontab" path="socket:[181854]" dev=sockfs ino=181854
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238017872.171:71): avc: denied { read write } for pid=13038
comm="crontab" path="socket:[181488]" dev=sockfs ino=181488
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238017872.171:71): avc: denied { read write } for pid=13038
comm="crontab" path="socket:[181488]" dev=sockfs ino=181488
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238017872.171:71): avc: denied { read write } for pid=13038
comm="crontab" path="socket:[181488]" dev=sockfs ino=181488
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238017872.171:71): avc: denied { read write } for pid=13038
comm="crontab" path="socket:[181488]" dev=sockfs ino=181488
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238017872.171:71): avc: denied { read write } for pid=13038
comm="crontab" path="socket:[181488]" dev=sockfs ino=181488
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238017872.171:71): avc: denied { read write } for pid=13038
comm="crontab" path="socket:[181488]" dev=sockfs ino=181488
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238017872.171:71): avc: denied { read write } for pid=13038
comm="crontab" path="socket:[181488]" dev=sockfs ino=181488
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238017872.171:71): avc: denied { read write } for pid=13038
comm="crontab" path="socket:[181488]" dev=sockfs ino=181488
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238017872.171:71): avc: denied { read write } for pid=13038
comm="crontab" path="socket:[181488]" dev=sockfs ino=181488
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238017872.171:71): avc: denied { read write } for pid=13038
comm="crontab" path="socket:[181488]" dev=sockfs ino=181488
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238017872.171:71): avc: denied { read write } for pid=13038
comm="crontab" path="socket:[181488]" dev=sockfs ino=181488
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238017872.171:71): avc: denied { read write } for pid=13038
comm="crontab" path="socket:[181488]" dev=sockfs ino=181488
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238017872.171:71): avc: denied { read write } for pid=13038
comm="crontab" path="socket:[181488]" dev=sockfs ino=181488
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238017872.171:71): avc: denied { read write } for pid=13038
comm="crontab" path="socket:[181488]" dev=sockfs ino=181488
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238017872.171:71): avc: denied { read write } for pid=13038
comm="crontab" path="socket:[181488]" dev=sockfs ino=181488
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238017888.596:78): avc: denied { read write } for pid=13093
comm="dhclient" path="socket:[181488]" dev=sockfs ino=181488
scontext=unconfined_u:system_r:dhcpc_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238017888.596:78): avc: denied { read write } for pid=13093
comm="dhclient" path="socket:[181488]" dev=sockfs ino=181488
scontext=unconfined_u:system_r:dhcpc_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238017888.596:78): avc: denied { read write } for pid=13093
comm="dhclient" path="socket:[181488]" dev=sockfs ino=181488
scontext=unconfined_u:system_r:dhcpc_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238017888.596:78): avc: denied { read write } for pid=13093
comm="dhclient" path="socket:[181488]" dev=sockfs ino=181488
scontext=unconfined_u:system_r:dhcpc_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238017888.596:78): avc: denied { read write } for pid=13093
comm="dhclient" path="socket:[181488]" dev=sockfs ino=181488
scontext=unconfined_u:system_r:dhcpc_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238018048.157:79): avc: denied { read write } for pid=13241
comm="at" path="socket:[181488]" dev=sockfs ino=181488
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238018048.157:79): avc: denied { read write } for pid=13241
comm="at" path="socket:[181854]" dev=sockfs ino=181854
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238018048.157:79): avc: denied { read write } for pid=13241
comm="at" path="socket:[181488]" dev=sockfs ino=181488
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238018048.157:79): avc: denied { read write } for pid=13241
comm="at" path="socket:[181488]" dev=sockfs ino=181488
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238018048.157:79): avc: denied { read write } for pid=13241
comm="at" path="socket:[181488]" dev=sockfs ino=181488
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238018048.157:79): avc: denied { read write } for pid=13241
comm="at" path="socket:[181488]" dev=sockfs ino=181488
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238018048.157:79): avc: denied { read write } for pid=13241
comm="at" path="socket:[181488]" dev=sockfs ino=181488
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238018048.157:79): avc: denied { read write } for pid=13241
comm="at" path="socket:[181488]" dev=sockfs ino=181488
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238018048.157:79): avc: denied { read write } for pid=13241
comm="at" path="socket:[181488]" dev=sockfs ino=181488
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238018048.157:79): avc: denied { read write } for pid=13241
comm="at" path="socket:[181488]" dev=sockfs ino=181488
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238018048.157:79): avc: denied { read write } for pid=13241
comm="at" path="socket:[181488]" dev=sockfs ino=181488
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238018048.157:79): avc: denied { read write } for pid=13241
comm="at" path="socket:[181488]" dev=sockfs ino=181488
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238018048.157:79): avc: denied { read write } for pid=13241
comm="at" path="socket:[181488]" dev=sockfs ino=181488
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238018048.157:79): avc: denied { read write } for pid=13241
comm="at" path="socket:[181488]" dev=sockfs ino=181488
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238018048.157:79): avc: denied { read write } for pid=13241
comm="at" path="socket:[181488]" dev=sockfs ino=181488
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238018048.157:79): avc: denied { read write } for pid=13241
comm="at" path="socket:[181488]" dev=sockfs ino=181488
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238018048.157:79): avc: denied { read write } for pid=13241
comm="at" path="socket:[181488]" dev=sockfs ino=181488
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238020694.347:13): avc: denied { getattr } for pid=2434
comm="kde4-config" path="/.kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238020694.348:14): avc: denied { search } for pid=2434
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238020694.348:15): avc: denied { getattr } for pid=2434
comm="kde4-config" path="/.kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238020694.348:16): avc: denied { getattr } for pid=2434
comm="kde4-config" path="/.kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238020694.355:17): avc: denied { search } for pid=2434
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238020694.356:18): avc: denied { search } for pid=2434
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238020694.356:19): avc: denied { search } for pid=2434
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238020694.356:20): avc: denied { search } for pid=2434
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238020694.357:21): avc: denied { search } for pid=2434
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238020694.357:22): avc: denied { search } for pid=2434
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238020694.357:23): avc: denied { search } for pid=2434
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238020694.357:24): avc: denied { search } for pid=2434
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238020694.358:25): avc: denied { search } for pid=2434
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238020694.358:26): avc: denied { search } for pid=2434
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238020694.358:27): avc: denied { search } for pid=2434
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238020694.358:28): avc: denied { search } for pid=2434
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238020694.359:29): avc: denied { search } for pid=2434
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238020694.359:30): avc: denied { search } for pid=2434
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238020694.359:31): avc: denied { getattr } for pid=2434
comm="kde4-config" path="/.kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238020694.383:32): avc: denied { search } for pid=2434
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238020694.397:33): avc: denied { search } for pid=2434
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238020694.425:34): avc: denied { search } for pid=2434
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238020694.432:35): avc: denied { getattr } for pid=2434
comm="kde4-config" path="/.kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238020694.481:36): avc: denied { search } for pid=2434
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238020694.482:37): avc: denied { search } for pid=2434
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238020694.486:38): avc: denied { search } for pid=2434
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238020694.486:39): avc: denied { getattr } for pid=2434
comm="kde4-config" path="/.kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238020694.487:40): avc: denied { getattr } for pid=2434
comm="kde4-config" path="/.kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238020694.488:41): avc: denied { search } for pid=2434
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238020694.489:42): avc: denied { search } for pid=2434
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for pid=4331
comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for pid=4331
comm="crontab" path="socket:[53528]" dev=sockfs ino=53528
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for pid=4331
comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for pid=4331
comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for pid=4331
comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for pid=4331
comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for pid=4331
comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for pid=4331
comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for pid=4331
comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for pid=4331
comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for pid=4331
comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for pid=4331
comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238106483.931:8): avc: denied { getattr } for pid=2414
comm="kde4-config" path="/.kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238106483.932:9): avc: denied { search } for pid=2414
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238106483.932:10): avc: denied { getattr } for pid=2414
comm="kde4-config" path="/.kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238106483.933:11): avc: denied { getattr } for pid=2414
comm="kde4-config" path="/.kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238106483.951:12): avc: denied { search } for pid=2414
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238106483.951:13): avc: denied { search } for pid=2414
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238106483.952:14): avc: denied { search } for pid=2414
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238106483.952:15): avc: denied { search } for pid=2414
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238106483.952:16): avc: denied { search } for pid=2414
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238106483.952:17): avc: denied { search } for pid=2414
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238106483.953:18): avc: denied { search } for pid=2414
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238106483.953:19): avc: denied { search } for pid=2414
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238106483.953:20): avc: denied { search } for pid=2414
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238106483.954:21): avc: denied { search } for pid=2414
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238106483.954:22): avc: denied { search } for pid=2414
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238106483.954:23): avc: denied { search } for pid=2414
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238106483.954:24): avc: denied { search } for pid=2414
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238106483.955:25): avc: denied { search } for pid=2414
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238106483.955:26): avc: denied { getattr } for pid=2414
comm="kde4-config" path="/.kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238106483.959:27): avc: denied { search } for pid=2414
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238106484.005:28): avc: denied { search } for pid=2414
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238106484.021:29): avc: denied { search } for pid=2414
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238106484.060:30): avc: denied { getattr } for pid=2414
comm="kde4-config" path="/.kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238106484.122:31): avc: denied { search } for pid=2414
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238106484.142:32): avc: denied { search } for pid=2414
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238106484.147:33): avc: denied { search } for pid=2414
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238106484.148:34): avc: denied { getattr } for pid=2414
comm="kde4-config" path="/.kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238106484.148:35): avc: denied { getattr } for pid=2414
comm="kde4-config" path="/.kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238106484.180:36): avc: denied { search } for pid=2414
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238106484.181:37): avc: denied { search } for pid=2414
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238106526.630:40): avc: denied { search } for pid=2688
comm="pulseaudio" scontext=system_u:system_r:pulseaudio_t:s0-s0:c0.c1023
tcontext=system_u:object_r:sysctl_kernel_t:s0 tclass=dir
type=AVC msg=audit(1238106526.630:40): avc: denied { read } for pid=2688
comm="pulseaudio" scontext=system_u:system_r:pulseaudio_t:s0-s0:c0.c1023
tcontext=system_u:object_r:sysctl_kernel_t:s0 tclass=file
type=AVC msg=audit(1238106526.702:41): avc: denied { execute } for pid=2689
comm="pulseaudio" name="polkit-read-auth-helper" dev=sda5 ino=17300
scontext=system_u:system_r:pulseaudio_t:s0-s0:c0.c1023
tcontext=system_u:object_r:polkit_auth_exec_t:s0 tclass=file
type=AVC msg=audit(1238106526.702:41): avc: denied { read open } for pid=2689
comm="pulseaudio" name="polkit-read-auth-helper" dev=sda5 ino=17300
scontext=system_u:system_r:pulseaudio_t:s0-s0:c0.c1023
tcontext=system_u:object_r:polkit_auth_exec_t:s0 tclass=file
type=AVC msg=audit(1238106526.702:41): avc: denied { execute_no_trans } for pid=2689
comm="pulseaudio" path="/usr/libexec/polkit-read-auth-helper" dev=sda5
ino=17300 scontext=system_u:system_r:pulseaudio_t:s0-s0:c0.c1023
tcontext=system_u:object_r:polkit_auth_exec_t:s0 tclass=file
type=AVC msg=audit(1238106526.753:42): avc: denied { setattr } for pid=2690
comm="pulseaudio" name=".pulse" dev=sda5 ino=132410
scontext=system_u:system_r:pulseaudio_t:s0-s0:c0.c1023
tcontext=system_u:object_r:xdm_var_lib_t:s0 tclass=dir
type=AVC msg=audit(1238106526.756:43): avc: denied { read } for pid=2690
comm="pulseaudio" name="babc6121fcf79fbe86069a3248e578cc:runtime"
dev=sda5 ino=131673 scontext=system_u:system_r:pulseaudio_t:s0-s0:c0.c1023
tcontext=system_u:object_r:xdm_var_lib_t:s0 tclass=lnk_file
type=AVC msg=audit(1238106526.765:44): avc: denied { write } for pid=2690
comm="pulseaudio" name="pulse-7jSoifiWvzLS" dev=sda5 ino=17108
scontext=system_u:system_r:pulseaudio_t:s0-s0:c0.c1023
tcontext=system_u:object_r:xdm_tmp_t:s0 tclass=dir
type=AVC msg=audit(1238106526.765:44): avc: denied { add_name } for pid=2690
comm="pulseaudio" name="autospawn.lock"
scontext=system_u:system_r:pulseaudio_t:s0-s0:c0.c1023
tcontext=system_u:object_r:xdm_tmp_t:s0 tclass=dir
type=AVC msg=audit(1238106526.765:44): avc: denied { create } for pid=2690
comm="pulseaudio" name="autospawn.lock"
scontext=system_u:system_r:pulseaudio_t:s0-s0:c0.c1023
tcontext=system_u:object_r:xdm_tmp_t:s0 tclass=file
type=AVC msg=audit(1238106526.765:44): avc: denied { write } for pid=2690
comm="pulseaudio" name="autospawn.lock" dev=sda5 ino=17316
scontext=system_u:system_r:pulseaudio_t:s0-s0:c0.c1023
tcontext=system_u:object_r:xdm_tmp_t:s0 tclass=file
type=AVC msg=audit(1238106526.854:45): avc: denied { read } for pid=2691
comm="pulseaudio" name="pulse-shm-868967743" dev=tmpfs ino=19899
scontext=system_u:system_r:pulseaudio_t:s0-s0:c0.c1023
tcontext=system_u:object_r:xdm_tmpfs_t:s0 tclass=file
type=AVC msg=audit(1238106526.854:45): avc: denied { open } for pid=2691
comm="pulseaudio" name="pulse-shm-868967743" dev=tmpfs ino=19899
scontext=system_u:system_r:pulseaudio_t:s0-s0:c0.c1023
tcontext=system_u:object_r:xdm_tmpfs_t:s0 tclass=file
type=AVC msg=audit(1238106526.854:46): avc: denied { getattr } for pid=2691
comm="pulseaudio" path="/dev/shm/pulse-shm-868967743" dev=tmpfs
ino=19899 scontext=system_u:system_r:pulseaudio_t:s0-s0:c0.c1023
tcontext=system_u:object_r:xdm_tmpfs_t:s0 tclass=file
type=AVC msg=audit(1238106527.020:47): avc: denied { read write } for pid=2691
comm="pulseaudio"
name="babc6121fcf79fbe86069a3248e578cc:device-volumes.i386-redhat-linux-gnu.gdbm"
dev=sda5 ino=132646 scontext=system_u:system_r:pulseaudio_t:s0-s0:c0.c1023
tcontext=system_u:object_r:xdm_var_lib_t:s0 tclass=file
type=AVC msg=audit(1238106527.020:47): avc: denied { open } for pid=2691
comm="pulseaudio"
name="babc6121fcf79fbe86069a3248e578cc:device-volumes.i386-redhat-linux-gnu.gdbm"
dev=sda5 ino=132646 scontext=system_u:system_r:pulseaudio_t:s0-s0:c0.c1023
tcontext=system_u:object_r:xdm_var_lib_t:s0 tclass=file
type=AVC msg=audit(1238106527.035:48): avc: denied { getattr } for pid=2691
comm="pulseaudio"
path="/var/lib/gdm/.pulse/babc6121fcf79fbe86069a3248e578cc:device-volumes.i386-redhat-linux-gnu.gdbm"
dev=sda5 ino=132646 scontext=system_u:system_r:pulseaudio_t:s0-s0:c0.c1023
tcontext=system_u:object_r:xdm_var_lib_t:s0 tclass=file
type=AVC msg=audit(1238106527.415:51): avc: denied { lock } for pid=2691
comm="pulseaudio" path="/var/lib/gdm/.esd_auth" dev=sda5 ino=132649
scontext=system_u:system_r:pulseaudio_t:s0-s0:c0.c1023
tcontext=system_u:object_r:xdm_var_lib_t:s0 tclass=file
type=AVC msg=audit(1238106527.436:52): avc: denied { create } for pid=2691
comm="pulseaudio" name="native"
scontext=system_u:system_r:pulseaudio_t:s0-s0:c0.c1023
tcontext=system_u:object_r:xdm_tmp_t:s0 tclass=sock_file
type=AVC msg=audit(1238106527.439:53): avc: denied { setattr } for pid=2691
comm="pulseaudio" name="native" dev=sda5 ino=19560
scontext=system_u:system_r:pulseaudio_t:s0-s0:c0.c1023
tcontext=system_u:object_r:xdm_tmp_t:s0 tclass=sock_file
type=AVC msg=audit(1238106527.695:54): avc: denied { remove_name } for pid=2688
comm="pulseaudio" name="autospawn.lock" dev=sda5 ino=17316
scontext=system_u:system_r:pulseaudio_t:s0-s0:c0.c1023
tcontext=system_u:object_r:xdm_tmp_t:s0 tclass=dir
type=AVC msg=audit(1238106527.695:54): avc: denied { unlink } for pid=2688
comm="pulseaudio" name="autospawn.lock" dev=sda5 ino=17316
scontext=system_u:system_r:pulseaudio_t:s0-s0:c0.c1023
tcontext=system_u:object_r:xdm_tmp_t:s0 tclass=file
type=AVC msg=audit(1238106560.602:62): avc: denied { read } for pid=2691
comm="pulseaudio" name="babc6121fcf79fbe86069a3248e578cc:runtime"
dev=sda5 ino=131673 scontext=system_u:system_r:pulseaudio_t:s0-s0:c0.c1023
tcontext=system_u:object_r:xdm_var_lib_t:s0 tclass=lnk_file
type=AVC msg=audit(1238106560.602:62): avc: denied { write } for pid=2691
comm="pulseaudio" name="pulse-7jSoifiWvzLS" dev=sda5 ino=17108
scontext=system_u:system_r:pulseaudio_t:s0-s0:c0.c1023
tcontext=system_u:object_r:xdm_tmp_t:s0 tclass=dir
type=AVC msg=audit(1238106560.602:62): avc: denied { remove_name } for pid=2691
comm="pulseaudio" name="native" dev=sda5 ino=19560
scontext=system_u:system_r:pulseaudio_t:s0-s0:c0.c1023
tcontext=system_u:object_r:xdm_tmp_t:s0 tclass=dir
type=AVC msg=audit(1238106560.602:62): avc: denied { unlink } for pid=2691
comm="pulseaudio" name="native" dev=sda5 ino=19560
scontext=system_u:system_r:pulseaudio_t:s0-s0:c0.c1023
tcontext=system_u:object_r:xdm_tmp_t:s0 tclass=sock_file
type=AVC msg=audit(1238106560.621:63): avc: denied { setattr } for pid=2691
comm="pulseaudio" name=".pulse" dev=sda5 ino=132410
scontext=system_u:system_r:pulseaudio_t:s0-s0:c0.c1023
tcontext=system_u:object_r:xdm_var_lib_t:s0 tclass=dir
type=AVC msg=audit(1238106560.622:64): avc: denied { write } for pid=2691
comm="pulseaudio" name="pid" dev=sda5 ino=17350
scontext=system_u:system_r:pulseaudio_t:s0-s0:c0.c1023
tcontext=system_u:object_r:xdm_tmp_t:s0 tclass=file
type=AVC msg=audit(1238106560.623:65): avc: denied { unlink } for pid=2691
comm="pulseaudio" name="pid" dev=sda5 ino=17350
scontext=system_u:system_r:pulseaudio_t:s0-s0:c0.c1023
tcontext=system_u:object_r:xdm_tmp_t:s0 tclass=file
type=AVC msg=audit(1238154706.445:8): avc: denied { getattr } for pid=2404
comm="kde4-config" path="/.kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238154706.447:9): avc: denied { search } for pid=2404
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238154706.447:10): avc: denied { getattr } for pid=2404
comm="kde4-config" path="/.kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238154706.447:11): avc: denied { getattr } for pid=2404
comm="kde4-config" path="/.kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238154706.457:12): avc: denied { search } for pid=2404
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238154706.458:13): avc: denied { search } for pid=2404
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238154706.458:14): avc: denied { search } for pid=2404
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238154706.458:15): avc: denied { search } for pid=2404
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238154706.458:16): avc: denied { search } for pid=2404
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238154706.459:17): avc: denied { search } for pid=2404
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238154706.459:18): avc: denied { search } for pid=2404
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238154706.459:19): avc: denied { search } for pid=2404
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238154706.460:20): avc: denied { search } for pid=2404
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238154706.460:21): avc: denied { search } for pid=2404
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238154706.460:22): avc: denied { search } for pid=2404
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238154706.460:23): avc: denied { search } for pid=2404
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238154706.461:24): avc: denied { search } for pid=2404
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238154706.461:25): avc: denied { search } for pid=2404
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238154706.461:26): avc: denied { getattr } for pid=2404
comm="kde4-config" path="/.kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238154706.471:27): avc: denied { search } for pid=2404
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238154706.508:28): avc: denied { search } for pid=2404
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238154706.510:29): avc: denied { search } for pid=2404
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238154706.522:30): avc: denied { getattr } for pid=2404
comm="kde4-config" path="/.kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238154706.708:31): avc: denied { search } for pid=2404
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238154706.720:32): avc: denied { search } for pid=2404
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238154706.724:33): avc: denied { search } for pid=2404
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238154706.724:34): avc: denied { getattr } for pid=2404
comm="kde4-config" path="/.kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238154706.725:35): avc: denied { getattr } for pid=2404
comm="kde4-config" path="/.kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238154706.782:36): avc: denied { search } for pid=2404
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238154706.783:37): avc: denied { search } for pid=2404
comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
type=AVC msg=audit(1238155282.150:61): avc: denied { read write } for pid=3671
comm="semanage" path="socket:[18111]" dev=sockfs ino=18111
scontext=unconfined_u:unconfined_r:semanage_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238155282.150:61): avc: denied { read write } for pid=3671
comm="semanage" path="socket:[18111]" dev=sockfs ino=18111
scontext=unconfined_u:unconfined_r:semanage_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238155401.283:63): avc: denied { read write } for pid=3738
comm="restorecon" path="socket:[18111]" dev=sockfs ino=18111
scontext=unconfined_u:unconfined_r:setfiles_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=AVC msg=audit(1238155401.283:63): avc: denied { read write } for pid=3738
comm="restorecon" path="socket:[18111]" dev=sockfs ino=18111
scontext=unconfined_u:unconfined_r:setfiles_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
[root@riohigh ~]#
[root@riohigh ~]# id -Z
unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
[root@riohigh ~]#
[olivares@riohigh ~]$ id -Z
unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
[olivares@riohigh ~]$
running the last one and seeing what will happen?
Thanks Robert for pointing out that the problems do exist and for helping out :)
Thank you Daniel for helping out in looking for fixes to this problem :)
Regards,
Antonio
10:50 a.m.
Daniel J Walsh wrote:
On 03/26/2009 11:43 AM, Robert Nichols wrote:
> I can confirm the same behavior when trying to run "crontab -l" or
> "crontab -e"
> both as non-root and root user.
>
> Authentication service cannot retrieve authentication info
> You (rnichols) are not allowed to access to (crontab) because of pam
> configuration.
>
> OR
>
> Authentication service cannot retrieve authentication info
> You (root) are not allowed to access to (crontab) because of pam
> configuration.
>
> The problem goes away when running in permissive mode. Regardless of
> permissive
> vs. enforcing mode, no AVCs are logged. No changes have been made to the
> rawhide SELinux or PAM configurations. I do see this message logged in
> /var/log/secure for each unsuccessful attempt:
>
> crontab: pam_unix(crond:account): helper binary execve failed:
> Permission denied
>
> selinux-policy-3.6.8-3.fc11.noarch
> selinux-policy-targeted-3.6.8-3.fc11.noarch
> authconfig-5.4.7-2.fc11.i586
>
Do you see an SELINUX_ERR in /var/log/audit/audit.log?
WHat does id -Z show?
Could you try
# semodule -DB
Then look for avcs about cron.
I see this SELINUX_ERR in audit.log for each attempt:
type=SELINUX_ERR msg=audit(1238166172.444:23): security_compute_sid: invalid context
unconfined_u:unconfined_r:chkpwd_t:s0-s0:c0.c1023 for
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=system_u:object_r:chkpwd_exec_t:s0 tclass=process
After "semodule -DB", I still don't see any AVCs from cron. With or
without the dontaudits removed, running "grep cron audit.log" shows
these 3 lines for each attempt:
type=SELINUX_ERR msg=audit(1238167945.826:1307): security_compute_sid: invalid context
unconfined_u:unconfined_r:chkpwd_t:s0-s0:c0.c1023 for
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=system_u:object_r:chkpwd_exec_t:s0 tclass=process
type=SYSCALL msg=audit(1238167945.826:1307): arch=40000003 syscall=11 success=no
exit=-13 a0=119d98 a1=bffd1030
a2=11c8e8 a3=119db4 items=0 ppid=3890 pid=3891 auid=500 uid=0 gid=500 euid=0 suid=0
fsuid=0 egid=0 sgid=0 fsgid=0
tty=pts1 ses=1 comm="crontab" exe="/usr/bin/crontab"
subj=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
key=(null)
type=USER_ACCT msg=audit(1238167945.829:1308): user pid=3890 uid=500 auid=500 ses=1
subj=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023 msg='op=PAM:accounting
acct="rnichols"
exe="/usr/bin/crontab" (hostname=?, addr=?, terminal=cron res=failed)'
(Now running "semodule -B" to restore peace to my system!)
--
Bob Nichols "NOSPAM" is really part of my email address.
Do NOT delete it.
1:37 p.m.
On 03/25/2009 07:03 PM, Antonio Olivares wrote:
Dear all,
I have resolved one problem(Not getting internet at startup by default), but have not
fixed the crontab one and other(s):
This one does not go away :(
Summary:
SELinux is preventing crontab (admin_crontab_t) "read write" unconfined_t.
Detailed Description:
SELinux denied access requested by crontab. It is not expected that this access
is required by crontab and this access may signal an intrusion attempt. It is
also possible that the specific version or configuration of the application is
causing it to require additional access.
Allowing Access:
You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.
Additional Information:
Source Context unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0
.c1023
Target Context unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1
023
Target Objects socket [ unix_stream_socket ]
Source crontab
Source Path /usr/bin/crontab
Port<Unknown>
Host riohigh
Source RPM Packages cronie-1.2-7.fc11
Target RPM Packages
Policy RPM selinux-policy-3.6.8-3.fc11
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Enforcing
Plugin Name catchall
Host Name riohigh
Platform Linux riohigh 2.6.29-0.258.2.3.rc8.git2.fc11.i586
#1 SMP Tue Mar 24 18:37:23 EDT 2009 i686 athlon
Alert Count 177
First Seen Mon 02 Mar 2009 07:11:37 PM CST
Last Seen Wed 25 Mar 2009 04:57:03 PM CST
Local ID 3883b140-4d39-40f5-9262-ce2c4c4e2e16
Line Numbers
Raw Audit Messages
node=riohigh type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for
pid=4331 comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
node=riohigh type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for
pid=4331 comm="crontab" path="socket:[53528]" dev=sockfs ino=53528
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
node=riohigh type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for
pid=4331 comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
node=riohigh type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for
pid=4331 comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
node=riohigh type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for
pid=4331 comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
node=riohigh type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for
pid=4331 comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
node=riohigh type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for
pid=4331 comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
node=riohigh type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for
pid=4331 comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
node=riohigh type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for
pid=4331 comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
node=riohigh type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for
pid=4331 comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
node=riohigh type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for
pid=4331 comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
node=riohigh type=AVC msg=audit(1238021823.376:68): avc: denied { read write } for
pid=4331 comm="crontab" path="socket:[53148]" dev=sockfs ino=53148
scontext=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
node=riohigh type=SYSCALL msg=audit(1238021823.376:68): arch=40000003 syscall=11
success=yes exit=0 a0=9fcb5c8 a1=9fcbd10 a2=9fb5ae0 a3=9fcbd10 items=0 ppid=4295 pid=4331
auid=500 uid=500 gid=500 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=2
comm="crontab" exe="/usr/bin/crontab"
subj=unconfined_u:unconfined_r:admin_crontab_t:s0-s0:c0.c1023 key=(null)
I can't modify my crontab file:
[olivares@riohigh ~]$ crontab -l
Authentication service cannot retrieve authentication info
You (olivares) are not allowed to access to (crontab) because of pam configuration.
[olivares@riohigh ~]$
if I disable selinux, I can modify it and view it, but not with selinux enabled.
I got greeted with the following:
Summary:
SELinux is preventing access to files with the default label, default_t.
Detailed Description:
SELinux permission checks on files labeled default_t are being denied. These
files/directories have the default label on them. This can indicate a labeling
problem, especially if the files being referred to are not top level
directories. Any files/directories under standard system directories, /usr,
/var. /dev, /tmp, ..., should not be labeled with the default label. The default
label is for files/directories which do not have a label on a parent directory.
So if you create a new directory in / you might legitimately get this label.
Allowing Access:
If you want a confined domain to use these files you will probably need to
relabel the file/directory with chcon. In some cases it is just easier to
relabel the system, to relabel execute: "touch /.autorelabel; reboot"
Additional Information:
Source Context system_u:system_r:xdm_t:s0-s0:c0.c1023
Target Context system_u:object_r:default_t:s0
Target Objects /.kde [ dir ]
Source kde4-config
Source Path /usr/bin/kde4-config
Port<Unknown>
Host riohigh
Source RPM Packages kdelibs-4.2.1-4.fc11
Target RPM Packages
Policy RPM selinux-policy-3.6.8-3.fc11
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Enforcing
Plugin Name default
Host Name riohigh
Platform Linux riohigh 2.6.29-0.258.2.3.rc8.git2.fc11.i586
#1 SMP Tue Mar 24 18:37:23 EDT 2009 i686 athlon
Alert Count 7
First Seen Wed 25 Mar 2009 04:38:14 PM CST
Last Seen Wed 25 Mar 2009 04:38:14 PM CST
Local ID d3d42e40-6a28-48cf-8717-b85579c55bad
Line Numbers
Raw Audit Messages
node=riohigh type=AVC msg=audit(1238020694.487:40): avc: denied { getattr } for
pid=2434 comm="kde4-config" path="/.kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
node=riohigh type=SYSCALL msg=audit(1238020694.487:40): arch=40000003 syscall=196
success=no exit=-13 a0=bfc3730b a1=bfc37258 a2=a12ff4 a3=a036c59 items=0 ppid=2433
pid=2434 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
tty=(none) ses=4294967295 comm="kde4-config"
exe="/usr/bin/kde4-config" subj=system_u:system_r:xdm_t:s0-s0:c0.c1023
key=(null)
Summary:
SELinux is preventing access to files with the default label, default_t.
Detailed Description:
SELinux permission checks on files labeled default_t are being denied. These
files/directories have the default label on them. This can indicate a labeling
problem, especially if the files being referred to are not top level
directories. Any files/directories under standard system directories, /usr,
/var. /dev, /tmp, ..., should not be labeled with the default label. The default
label is for files/directories which do not have a label on a parent directory.
So if you create a new directory in / you might legitimately get this label.
Allowing Access:
If you want a confined domain to use these files you will probably need to
relabel the file/directory with chcon. In some cases it is just easier to
relabel the system, to relabel execute: "touch /.autorelabel; reboot"
Additional Information:
Source Context system_u:system_r:xdm_t:s0-s0:c0.c1023
Target Context system_u:object_r:default_t:s0
Target Objects .kde [ dir ]
Source kde4-config
Source Path /usr/bin/kde4-config
Port<Unknown>
Host riohigh
Source RPM Packages kdelibs-4.2.1-4.fc11
Target RPM Packages
Policy RPM selinux-policy-3.6.8-3.fc11
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Enforcing
Plugin Name default
Host Name riohigh
Platform Linux riohigh 2.6.29-0.258.2.3.rc8.git2.fc11.i586
#1 SMP Tue Mar 24 18:37:23 EDT 2009 i686 athlon
Alert Count 23
First Seen Wed 25 Mar 2009 04:38:14 PM CST
Last Seen Wed 25 Mar 2009 04:38:14 PM CST
Local ID 711eec22-2695-4e57-91ad-622e9c5f3b53
Line Numbers
Raw Audit Messages
node=riohigh type=AVC msg=audit(1238020694.489:42): avc: denied { search } for
pid=2434 comm="kde4-config" name=".kde" dev=sda5 ino=14897
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0
tclass=dir
node=riohigh type=SYSCALL msg=audit(1238020694.489:42): arch=40000003 syscall=196
success=no exit=-13 a0=a036c58 a1=bfc37230 a2=a12ff4 a3=a031250 items=0 ppid=2433 pid=2434
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none)
ses=4294967295 comm="kde4-config" exe="/usr/bin/kde4-config"
subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null)
Startup did not take the 20 seconds, it took like 8 to 10 minutes with the relabeling and
still see the same things. Is there an update that will fix this or do I have to disable
selinux or boot in permissive in order to have a working machine.
Please help this is no longer fun as it once was.
Regards,
Antonio
--
fedora-selinux-list mailing list
fedora-selinux-list(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
Update to
selinux-policy-3.6.10-2.fc11
4:59 p.m.
Update to
selinux-policy-3.6.10-2.fc11
Not available :(
[root@riohigh ~]# yum update
adobe-linux-i386 | 951 B 00:00
adobe-linux-i386/primary | 10 kB 00:00
adobe-linux-i386 17/17
rawhide/metalink | 7.1 kB 00:00
rawhide | 3.4 kB 00:00
rawhide/primary_db | 8.0 MB 00:24
Setting up Update Process
No Packages marked for Update
Selinux is going crazy, the setroubleshooter hogs the CPU with a great deal of denials
even in permissive mode. I hope I wake up next Monday and the problem goes away,
hopefully with the release of Fedora 11 Beta :)
nsplugin, pulseaudio and others are also causing lots of trouble, problem is I tried to
write a bug report but was unable to, setroubleshoot deamon died and I could not copy
paste it :(
[olivares@riohigh ~]$ dmesg | grep 'avc'
type=1400 audit(1238189886.196:3): avc: denied { search } for pid=1553
comm="ifconfig" name="selinux" dev=sda5 ino=25722
scontext=system_u:system_r:ifconfig_t:s0-s0:c0.c1023
tcontext=system_u:object_r:selinux_config_t:s0 tclass=dir
type=1400 audit(1238189886.196:4): avc: denied { read } for pid=1553
comm="ifconfig" name="config" dev=sda5 ino=97197
scontext=system_u:system_r:ifconfig_t:s0-s0:c0.c1023
tcontext=system_u:object_r:selinux_config_t:s0 tclass=file
type=1400 audit(1238189886.196:5): avc: denied { open } for pid=1553
comm="ifconfig" name="config" dev=sda5 ino=97197
scontext=system_u:system_r:ifconfig_t:s0-s0:c0.c1023
tcontext=system_u:object_r:selinux_config_t:s0 tclass=file
type=1400 audit(1238189886.196:6): avc: denied { getattr } for pid=1553
comm="ifconfig" path="/etc/selinux/config" dev=sda5 ino=97197
scontext=system_u:system_r:ifconfig_t:s0-s0:c0.c1023
tcontext=system_u:object_r:selinux_config_t:s0 tclass=file
type=1400 audit(1238189886.197:7): avc: denied { getattr } for pid=1553
comm="ifconfig" name="/" dev=selinuxfs ino=1
scontext=system_u:system_r:ifconfig_t:s0-s0:c0.c1023
tcontext=system_u:object_r:security_t:s0 tclass=filesystem
type=1400 audit(1238189886.197:8): avc: denied { search } for pid=1553
comm="ifconfig" name="/" dev=selinuxfs ino=1
scontext=system_u:system_r:ifconfig_t:s0-s0:c0.c1023
tcontext=system_u:object_r:security_t:s0 tclass=dir
type=1400 audit(1238189886.197:9): avc: denied { getattr } for pid=1553
comm="ifconfig" path="/selinux/class" dev=selinuxfs ino=26
scontext=system_u:system_r:ifconfig_t:s0-s0:c0.c1023
tcontext=system_u:object_r:security_t:s0 tclass=dir
type=1400 audit(1238189886.197:10): avc: denied { read } for pid=1553
comm="ifconfig" name="mls" dev=selinuxfs ino=12
scontext=system_u:system_r:ifconfig_t:s0-s0:c0.c1023
tcontext=system_u:object_r:security_t:s0 tclass=file
type=1400 audit(1238189886.198:11): avc: denied { open } for pid=1553
comm="ifconfig" name="mls" dev=selinuxfs ino=12
scontext=system_u:system_r:ifconfig_t:s0-s0:c0.c1023
tcontext=system_u:object_r:security_t:s0 tclass=file
type=1400 audit(1238189892.172:12): avc: denied { rlimitinh } for pid=1815
comm="modprobe" scontext=system_u:system_r:iptables_t:s0
tcontext=system_u:system_r:insmod_t:s0 tclass=process
type=1400 audit(1238189892.172:13): avc: denied { siginh } for pid=1815
comm="modprobe" scontext=system_u:system_r:iptables_t:s0
tcontext=system_u:system_r:insmod_t:s0 tclass=process
type=1400 audit(1238189892.172:14): avc: denied { noatsecure } for pid=1815
comm="modprobe" scontext=system_u:system_r:iptables_t:s0
tcontext=system_u:system_r:insmod_t:s0 tclass=process
Here are some anyway even with enforcing=0(permissive mode) :(
Regards,
Antonio
8:42 a.m.
On 03/27/2009 05:59 PM, Antonio Olivares wrote:
> Update to
>
> selinux-policy-3.6.10-2.fc11
Not available :(
[root@riohigh ~]# yum update
adobe-linux-i386 | 951 B 00:00
adobe-linux-i386/primary | 10 kB 00:00
adobe-linux-i386 17/17
rawhide/metalink | 7.1 kB 00:00
rawhide | 3.4 kB 00:00
rawhide/primary_db | 8.0 MB 00:24
Setting up Update Process
No Packages marked for Update
Selinux is going crazy, the setroubleshooter hogs the CPU with a great deal of denials
even in permissive mode. I hope I wake up next Monday and the problem goes away,
hopefully with the release of Fedora 11 Beta :)
nsplugin, pulseaudio and others are also causing lots of trouble, problem is I tried to
write a bug report but was unable to, setroubleshoot deamon died and I could not copy
paste it :(
[olivares@riohigh ~]$ dmesg | grep 'avc'
type=1400 audit(1238189886.196:3): avc: denied { search } for pid=1553
comm="ifconfig" name="selinux" dev=sda5 ino=25722
scontext=system_u:system_r:ifconfig_t:s0-s0:c0.c1023
tcontext=system_u:object_r:selinux_config_t:s0 tclass=dir
type=1400 audit(1238189886.196:4): avc: denied { read } for pid=1553
comm="ifconfig" name="config" dev=sda5 ino=97197
scontext=system_u:system_r:ifconfig_t:s0-s0:c0.c1023
tcontext=system_u:object_r:selinux_config_t:s0 tclass=file
type=1400 audit(1238189886.196:5): avc: denied { open } for pid=1553
comm="ifconfig" name="config" dev=sda5 ino=97197
scontext=system_u:system_r:ifconfig_t:s0-s0:c0.c1023
tcontext=system_u:object_r:selinux_config_t:s0 tclass=file
type=1400 audit(1238189886.196:6): avc: denied { getattr } for pid=1553
comm="ifconfig" path="/etc/selinux/config" dev=sda5 ino=97197
scontext=system_u:system_r:ifconfig_t:s0-s0:c0.c1023
tcontext=system_u:object_r:selinux_config_t:s0 tclass=file
type=1400 audit(1238189886.197:7): avc: denied { getattr } for pid=1553
comm="ifconfig" name="/" dev=selinuxfs ino=1
scontext=system_u:system_r:ifconfig_t:s0-s0:c0.c1023
tcontext=system_u:object_r:security_t:s0 tclass=filesystem
type=1400 audit(1238189886.197:8): avc: denied { search } for pid=1553
comm="ifconfig" name="/" dev=selinuxfs ino=1
scontext=system_u:system_r:ifconfig_t:s0-s0:c0.c1023
tcontext=system_u:object_r:security_t:s0 tclass=dir
type=1400 audit(1238189886.197:9): avc: denied { getattr } for pid=1553
comm="ifconfig" path="/selinux/class" dev=selinuxfs ino=26
scontext=system_u:system_r:ifconfig_t:s0-s0:c0.c1023
tcontext=system_u:object_r:security_t:s0 tclass=dir
type=1400 audit(1238189886.197:10): avc: denied { read } for pid=1553
comm="ifconfig" name="mls" dev=selinuxfs ino=12
scontext=system_u:system_r:ifconfig_t:s0-s0:c0.c1023
tcontext=system_u:object_r:security_t:s0 tclass=file
type=1400 audit(1238189886.198:11): avc: denied { open } for pid=1553
comm="ifconfig" name="mls" dev=selinuxfs ino=12
scontext=system_u:system_r:ifconfig_t:s0-s0:c0.c1023
tcontext=system_u:object_r:security_t:s0 tclass=file
type=1400 audit(1238189892.172:12): avc: denied { rlimitinh } for pid=1815
comm="modprobe" scontext=system_u:system_r:iptables_t:s0
tcontext=system_u:system_r:insmod_t:s0 tclass=process
type=1400 audit(1238189892.172:13): avc: denied { siginh } for pid=1815
comm="modprobe" scontext=system_u:system_r:iptables_t:s0
tcontext=system_u:system_r:insmod_t:s0 tclass=process
type=1400 audit(1238189892.172:14): avc: denied { noatsecure } for pid=1815
comm="modprobe" scontext=system_u:system_r:iptables_t:s0
tcontext=system_u:system_r:insmod_t:s0 tclass=process
Here are some anyway even with enforcing=0(permissive mode) :(
Regards,
Antonio
--
fedora-selinux-list mailing list
fedora-selinux-list(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
This sounds like you
have a mislabeled system. Rawhide has opened
today. see if the update fixes your problems, otherwise try a relabel.
5:20 p.m.
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
This sounds like you have a mislabeled system. Rawhide has
opened
today. see if the update fixes your problems, otherwise try
a relabel.
Now it is not selinux's fault:
[olivares@riohigh Download]$ crontab -l
cron/olivares: Permission denied
[olivares@riohigh Download]$ crontab -e
cron/olivares: Permission denied
[olivares@riohigh Download]$ dmesg | grep 'avc'
type=1400 audit(1238450106.840:4): avc: denied { read } for pid=1716
comm="dmesg" name="ld.so.cache" dev=sda5 ino=68454
scontext=system_u:system_r:dmesg_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file
Wonder what could it be now?
Thanks,
Antonio
7:26 a.m.
On 03/30/2009 06:20 PM, Antonio Olivares wrote:
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
> This sounds like you have a mislabeled system. Rawhide has
> opened
> today. see if the update fixes your problems, otherwise try
> a relabel.
Now it is not selinux's fault:
[olivares@riohigh Download]$ crontab -l
cron/olivares: Permission denied
[olivares@riohigh Download]$ crontab -e
cron/olivares: Permission denied
[olivares@riohigh Download]$ dmesg | grep 'avc'
type=1400 audit(1238450106.840:4): avc: denied { read } for pid=1716
comm="dmesg" name="ld.so.cache" dev=sda5 ino=68454
scontext=system_u:system_r:dmesg_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file
Wonder what could it be now?
Thanks,
Antonio
That should be fixed in rawhide policy.
selinux-policy-3.6.10-4.fc11.noarch
--
fedora-selinux-list mailing list
fedora-selinux-list(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
12:32 a.m.
Daniel J Walsh wrote:
On 03/25/2009 07:03 PM, Antonio Olivares wrote:
> Dear all,
>
> I have resolved one problem(Not getting internet at startup by
> default), but have not fixed the crontab one and other(s):
>
> This one does not go away :(
>
>
> Summary:
>
> SELinux is preventing crontab (admin_crontab_t) "read write"
> unconfined_t.
Update to
selinux-policy-3.6.10-2.fc11
Now that the update logjam has broken, this problem is fixed in
selinux-policy*-3.6.10-4.fc11.
Thanks.
--
Bob Nichols "NOSPAM" is really part of my email address.
Do NOT delete it.
5503
days inactive
5509
days old
selinux@lists.fedoraproject.org
13 comments
3 participants
participants (3)
-
Antonio Olivares -
Daniel J Walsh -
Robert Nichols