[HEADS-UP] Please test kdbus in Rawhide!
Orion Poplawski
orion at cora.nwra.com
Thu Jul 30 22:59:09 UTC 2015
On 07/30/2015 04:54 PM, Orion Poplawski wrote:
> On 07/30/2015 11:57 AM, Lennart Poettering wrote:
>> Heya!
>>
>> I'd like to ask everybody to test kdbus on Rawhide. Josh thankfully
>> added it to the Rawhide kernel packages, and our systemd RPMs come
>> with built-in support, too now. If you are running an up-to-date
>> Rawhide system adding "kdbus=1" to your kernel command line is hence
>> everything you need to run kdbus instead of dbus-daemon. (No
>> additional RPMs need to be installed.) If you do, things should just
>> work the same way as before, if we did everything right. By adding or
>> dropping "kdbus=1" to/from the command line you can enable kdbus or
>> revert back to dbus1 on each individual boot.
>
> What I see:
>
Also plenty of AVC denials. Looks like there's no label yet for the kdbus
filesystem?
Jul 30 16:31:33 vmrawhide audit: AVC avc: denied { read write } for pid=698
comm="systemd-logind" name="bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:31:33 vmrawhide audit: AVC avc: denied { open } for pid=698
comm="systemd-logind" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:31:33 vmrawhide audit: AVC avc: denied { ioctl } for pid=698
comm="systemd-logind" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:31:34 vmrawhide audit: AVC avc: denied { ioctl } for pid=698
comm="systemd-logind" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:31:40 vmrawhide audit: AVC avc: denied { ioctl } for pid=698
comm="systemd-logind" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:31:45 vmrawhide audit: AVC avc: denied { ioctl } for pid=698
comm="systemd-logind" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:31:45 vmrawhide audit: AVC avc: denied { ioctl } for pid=698
comm="systemd-logind" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:31:45 vmrawhide audit: AVC avc: denied { ioctl } for pid=698
comm="systemd-logind" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:31:49 vmrawhide audit: AVC avc: denied { read write } for
pid=1184 comm="sddm-helper" name="bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:31:49 vmrawhide audit: AVC avc: denied { open } for pid=1184
comm="sddm-helper" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:31:49 vmrawhide audit: AVC avc: denied { ioctl } for pid=1184
comm="sddm-helper" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:31:49 vmrawhide audit: AVC avc: denied { ioctl } for pid=698
comm="systemd-logind" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:33:03 vmrawhide audit: AVC avc: denied { ioctl } for pid=698
comm="systemd-logind" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:41:28 vmrawhide audit: AVC avc: denied { ioctl } for pid=698
comm="systemd-logind" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:47:02 vmrawhide audit: AVC avc: denied { read write } for
pid=5541 comm="sshd" name="bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:47:02 vmrawhide audit: AVC avc: denied { open } for pid=5541
comm="sshd" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:47:02 vmrawhide audit: AVC avc: denied { ioctl } for pid=5541
comm="sshd" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:47:02 vmrawhide audit: AVC avc: denied { ioctl } for pid=698
comm="systemd-logind" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:47:03 vmrawhide audit: AVC avc: denied { ioctl } for pid=698
comm="systemd-logind" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:47:03 vmrawhide audit: AVC avc: denied { read write } for
pid=5541 comm="sshd" name="control" dev="kdbusfs" ino=2
scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:47:03 vmrawhide audit: AVC avc: denied { open } for pid=5541
comm="sshd" path="/sys/fs/kdbus/control" dev="kdbusfs" ino=2
scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:47:03 vmrawhide audit: AVC avc: denied { ioctl } for pid=5541
comm="sshd" path="/sys/fs/kdbus/control" dev="kdbusfs" ino=2
scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:50:35 vmrawhide audit: AVC avc: denied { read write } for
pid=5541 comm="sshd" name="bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:50:35 vmrawhide audit: AVC avc: denied { open } for pid=5541
comm="sshd" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:50:35 vmrawhide audit: AVC avc: denied { ioctl } for pid=5541
comm="sshd" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:50:35 vmrawhide audit: AVC avc: denied { ioctl } for pid=698
comm="systemd-logind" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:50:44 vmrawhide audit: AVC avc: denied { ioctl } for pid=698
comm="systemd-logind" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:52:59 vmrawhide audit: AVC avc: denied { ioctl } for pid=698
comm="systemd-logind" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
--
Orion Poplawski
Technical Manager 303-415-9701 x222
NWRA, Boulder/CoRA Office FAX: 303-415-9702
3380 Mitchell Lane orion at nwra.com
Boulder, CO 80301 http://www.nwra.com
More information about the devel
mailing list