audit avc F16
Frank Murphy
frankly3d at gmail.com
Sun Apr 1 13:12:59 UTC 2012
Currently auditd fails to start on a particular guest.
service auditd restart
Redirecting to /bin/systemctl restart auditd.service
[ 199.986682] type=1400 audit(1333285442.114:6): avc: denied {
dac_override } for pid=1409 comm="auditd" capability=1
scontext=system_u:system_r:auditd_t:s0
tcontext=system_u:system_r:auditd_t:s0 tclass=capability
[ 199.988842] type=1400 audit(1333285442.116:7): avc: denied {
dac_read_search } for pid=1409 comm="auditd" capability=2
scontext=system_u:system_r:auditd_t:s0
tcontext=system_u:system_r:auditd_t:s0 tclass=capability
Job failed. See system logs and 'systemctl status' for details.
systemctl status auditd.service
gives nothing extra to above.
--
Regards,
Frank
"Jack of all, fubars"
More information about the selinux
mailing list