hald AVCs from today's rawhide
Tom London
selinux at gmail.com
Fri Mar 3 15:59:49 UTC 2006
Running today's rawhide, targeted/enforcing.
Noticed the following.
----
type=PATH msg=audit(03/03/2006 07:07:50.170:13) : item=0
name=/proc/sys/vm/ flags=follow,access inode=4026531930 dev=00:03
mode=dir,555 ouid=root ogid=root rdev=00:00
type=CWD msg=audit(03/03/2006 07:07:50.170:13) : cwd=/usr/share/hal/scripts
type=SYSCALL msg=audit(03/03/2006 07:07:50.170:13) : arch=i386
syscall=access success=no exit=-13(Permission denied) a0=8566400 a1=2
a2=2 a3=8565878 items=1 pid=2489 auid=unknown(4294967295) uid=root
gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root
comm=pm-powersave exe=/bin/bash
type=AVC msg=audit(03/03/2006 07:07:50.170:13) : avc: denied { write
} for pid=2489 comm=pm-powersave name=vm dev=proc ino=-268435366
scontext=system_u:system_r:hald_t:s0
tcontext=system_u:object_r:sysctl_vm_t:s0 tclass=dir
----
type=PATH msg=audit(03/03/2006 07:07:51.358:14) : item=0
name=/proc/sys/vm/ flags=follow,access inode=4026531930 dev=00:03
mode=dir,555 ouid=root ogid=root rdev=00:00
type=CWD msg=audit(03/03/2006 07:07:51.358:14) : cwd=/usr/share/hal/scripts
type=SYSCALL msg=audit(03/03/2006 07:07:51.358:14) : arch=i386
syscall=access success=no exit=-13(Permission denied) a0=9d16400 a1=2
a2=2 a3=9d15878 items=1 pid=2520 auid=unknown(4294967295) uid=root
gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root
comm=pm-powersave exe=/bin/bash
type=AVC msg=audit(03/03/2006 07:07:51.358:14) : avc: denied { write
} for pid=2520 comm=pm-powersave name=vm dev=proc ino=-268435366
scontext=system_u:system_r:hald_t:s0
tcontext=system_u:object_r:sysctl_vm_t:s0 tclass=dir
----
tom
--
Tom London
More information about the selinux
mailing list