pam_console_t wants access to device_t:chr_file ?
Daniel J Walsh
dwalsh at redhat.com
Sat Jul 8 19:41:59 UTC 2006
Tom London wrote:
> Running targeted/enforcing, latest Rawhide.
>
> Noticed this in /var/log/messages, before auditd is started I guess:
>
> Jun 29 06:43:48 localhost kernel: audit(1151588567.562:102): avc:
> denied { getattr } for pid=1526 comm="pam_console_app"
> name="usbdev5.5_ep02" dev=tmpfs ino=5143
> scontext=system_u:system_r:pam_console_t:s0
> tcontext=system_u:object_r:device_t:s0 tclass=chr_file
> \
The problem is usbdev5.5_ep02 is not labeled correctly. Is this a real
device? What kind of device is is?
> Jun 29 06:43:48 localhost kernel: audit(1151588567.562:103): avc:
> denied { getattr } for pid=1526 comm="pam_console_app"
> name="usbdev5.5_ep81" dev=tmpfs ino=5120
> scontext=system_u:system_r:pam_console_t:s0
> tcontext=system_u:object_r:device_t:s0 tclass=chr_file
> Jun 29 06:43:48 localhost kernel: audit(1151588567.562:104): avc:
> denied { getattr } for pid=1526 comm="pam_console_app"
> name="usbdev5.5_ep00" dev=tmpfs ino=5068
> scontext=system_u:system_r:pam_console_t:s0
> tcontext=system_u:object_r:device_t:s0 tclass=chr_file
>
> << actually many, many copies of these....>>
>
> tom
More information about the selinux
mailing list