postmap command avc: denied messages

Daniel J Walsh dwalsh at redhat.com
Tue Apr 11 21:51:05 UTC 2006 

J. K. Cliburn wrote:
> First, should I file a bugzilla for this?
>
> Second, is there a workaround?  Oddly, it didn't seem to impede the
> completion of the postmap command.
>   
Are you running in permissive mode?

These messages probably would not appear in enforcing mode and there 
fore can be ignored.
> Apr 10 12:17:10 osprey kernel: audit(1144689430.970:8): avc:  denied  { read wri
> te } for  pid=4617 comm="postmap" name="0" dev=devpts ino=2 scontext=user_u:syst
> em_r:postfix_map_t:s0-s0:c0.c255 tcontext=user_u:object_r:devpts_t:s0 tclass=chr
> _file
> Apr 10 12:17:10 osprey kernel: audit(1144689430.970:9): avc:  denied  { read wri
> te } for  pid=4617 comm="postmap" name="0" dev=devpts ino=2 scontext=user_u:syst
> em_r:postfix_map_t:s0-s0:c0.c255 tcontext=user_u:object_r:devpts_t:s0 tclass=chr
> _file
> Apr 10 12:17:10 osprey kernel: audit(1144689430.970:10): avc:  denied  { read wr
> ite } for  pid=4617 comm="postmap" name="0" dev=devpts ino=2 scontext=user_u:sys
> tem_r:postfix_map_t:s0-s0:c0.c255 tcontext=user_u:object_r:devpts_t:s0 tclass=ch
> r_file
> Apr 10 12:17:10 osprey kernel: audit(1144689430.970:11): avc:  denied  { read wr
> ite } for  pid=4617 comm="postmap" name="0" dev=devpts ino=2 scontext=user_u:sys
> tem_r:postfix_map_t:s0-s0:c0.c255 tcontext=user_u:object_r:devpts_t:s0 tclass=ch
> r_file
> Apr 10 12:17:10 osprey kernel: audit(1144689430.982:12): avc:  denied  { read }
> for  pid=4617 comm="postmap" name="stat" dev=proc ino=4026531853 scontext=user_u
> :system_r:postfix_map_t:s0-s0:c0.c255 tcontext=system_u:object_r:proc_t:s0 tclas
> s=file
> Apr 10 12:17:10 osprey kernel: audit(1144689430.982:13): avc:  denied  { read }
> for  pid=4617 comm="postmap" name="cpuinfo" dev=proc ino=4026531851 scontext=use
> r_u:system_r:postfix_map_t:s0-s0:c0.c255 tcontext=system_u:object_r:proc_t:s0 tc
> lass=file
>
> Thanks,
> Jay
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
>

More information about the selinux mailing list