SELinux avcs in permissive mode
Felipe Alfaro Solana
felipe.alfaro at gmail.com
Sat Apr 22 08:28:47 UTC 2006
Hi, folks.
I'm running Fedora Core Devel (RawHide) with SELinux enabled in
permissive mode in a Xen domain 0. After booting into runlevel 3 I see
these avcs:
audit(1145694295.644:3): avc: denied { read write } for pid=1490
comm="xenstored" name="console" dev=tmpfs ino=812
scontext=system_u:system_r:xenstored_t:s0
tcontext=system_u:object_r:console_device_t:s0 tclass=chr_file
audit(1145694295.788:4): avc: denied { read write } for pid=1493
comm="xenconsoled" name="console" dev=tmpfs ino=812
scontext=system_u:system_r:xenconsoled_t:s0
tcontext=system_u:object_r:console_device_t:s0 tclass=chr_file
audit(1145694299.076:5): SELinux: unrecognized netlink message
type=28265 for sclass=43
audit(1145694302.696:8): avc: denied { read write } for pid=1621
comm="mingetty" name="utmp" dev=dm-0 ino=1310727
scontext=system_u:system_r:getty_t:s0
tcontext=system_u:object_r:init_var_run_t:s0 tclass=file
audit(1145694302.696:9): avc: denied { lock } for pid=1621
comm="mingetty" name="utmp" dev=dm-0 ino=1310727
scontext=system_u:system_r:getty_t:s0
tcontext=system_u:object_r:init_var_run_t:s0 tclass=file
Any comments on this?
Thanks!
More information about the selinux
mailing list