audit avc F16

Frank Murphy frankly3d at gmail.com
Sun Apr 1 13:12:59 UTC 2012


Currently auditd fails to start on a particular guest.

service auditd restart
Redirecting to /bin/systemctl  restart auditd.service
[  199.986682] type=1400 audit(1333285442.114:6): avc:  denied  { 
dac_override } for  pid=1409 comm="auditd" capability=1 
scontext=system_u:system_r:auditd_t:s0 
tcontext=system_u:system_r:auditd_t:s0 tclass=capability
[  199.988842] type=1400 audit(1333285442.116:7): avc:  denied  { 
dac_read_search } for  pid=1409 comm="auditd" capability=2 
scontext=system_u:system_r:auditd_t:s0 
tcontext=system_u:system_r:auditd_t:s0 tclass=capability
Job failed. See system logs and 'systemctl status' for details.


systemctl status auditd.service
gives nothing extra to above.


-- 
Regards,
Frank
"Jack of all, fubars"


More information about the selinux mailing list