making a file context change work for initrc_t and unconfined_t
Maria Iano
maria at iano.org
Thu Feb 2 22:58:48 UTC 2012
On Feb 1, 2012, at 4:53 PM, Dominick Grift wrote:
> On Wed, 2012-02-01 at 15:05 -0500, Maria Iano wrote:
>> On Feb 1, 2012, at 1:32 PM, Dominick Grift wrote:
>>
>>> On Tue, 2012-01-31 at 17:33 -0500, Maria Iano wrote:
>>>> I have a RHEL 6.2 server running LikewiseOpen. It appears to me
>>>> that I
>>>> will take care of a large number of denials if I can change the
>>>> type
>>>> of /var/lib/likewise/.lsassd to be lsassd_var_socket_t.
>>>>
>>>> I added the file context rule with semanage, and used restorecon to
>>>> change it to lsassd_var_socket_t as desired. But later I found
>>>> that /
>>>> var/lib/likewise/.lsassd had type var_lib_t again. I assume that is
>>>> because the likewise processes run as initrc_t.
>>>
>>> Why are the likewise processes running in initrc_t?
>>>
>>> Are the likewise executable files in their proper location:
>>>
>>> /usr/sbin/dcerpcd --
>>> gen_context(system_u:object_r:dcerpcd_exec_t,s0)
>>> /usr/sbin/eventlogd --
>>> gen_context(system_u:object_r:eventlogd_exec_t,s0)
>>> /usr/sbin/lsassd --
>>> gen_context(system_u:object_r:lsassd_exec_t,s0)
>>> /usr/sbin/lwiod -- gen_context(system_u:object_r:lwiod_exec_t,s0)
>>> /usr/sbin/lwregd --
>>> gen_context(system_u:object_r:lwregd_exec_t,s0)
>>> /usr/sbin/lwsmd -- gen_context(system_u:object_r:lwsmd_exec_t,s0)
>>> /usr/sbin/netlogond --
>>> gen_context(system_u:object_r:netlogond_exec_t,s0)
>>> /usr/sbin/srvsvcd --
>>> gen_context(system_u:object_r:srvsvcd_exec_t,s0)
>>>
>>>> I'd like to change the policy and tell it that services running in
>>>> either initrc_t or unconfined_t domains should create the file /
>>>> var/
>>>> lib/likewise/.lsassd with type lsassd_var_socket_t. (A command line
>>>> tool lwsm for managing the processes runs in unconfined_t so I'd
>>>> like
>>>> to include that domain to be safe. ) How can I go about doing
>>>> that in
>>>> RHEL 6 (or can I)?
>>>
>>> That is not possible but if you label /var/lib/likewise:
>>>
>>> semanage fcontext -a -t likewise_var_lib_t "/var/lib/likewise(/.*)?"
>>>
>>> And configure restorecond to watch /var/lib/likewise then the file
>>> will
>>> be reset to the proper type when restorecond notices that its
>>> mislabeled.
>>>
>>> The policy for likewise was written by the people of likewise. I
>>> helped
>>> with it a bit. I think we collaborated on the selinux maillist but i
>>> could not find the thread about it in short noticed. (i was looking
>>> for
>>> the e-mail address of the likewise policy author so that i can ask
>>> him
>>> to see if the policy is still up-to-date)
>>>
>>> It may be that the policy is not maintained optimally.
>>>
>>> Maybe you can help us revisit it?
>>
>> Those files are all under /opt/likewise/sbin on this system (although
>> there is no srvsvcd):
>> /opt/likewise/sbin/dcerpcd
>> /opt/likewise/sbin/eventlogd
>> /opt/likewise/sbin/lsassd
>> /opt/likewise/sbin/lwiod
>> /opt/likewise/sbin/lwregd
>> /opt/likewise/sbin/lwsmd
>> /opt/likewise/sbin/netlogond
>>
>> Also the directories corresponding to /etc/likewise-open and /var/
>> lib/
>> likewise-open are actually /etc/likewise and /var/lib/likewise on my
>> system.
>>
>> My system is RHEL 6.2 and I installed LikewiseOpen by downloading
>> LikewiseOpen-6.1.0.8729-linux-x86_64-rpm.sh, making it executable,
>> and
>> typing:
>> ./LikewiseOpen-6.1.0.8729-linux-x86_64-rpm.sh install
>>
>> So I think it is installed with all the defaults.
>>
>> I would be very happy to help. I would really like for selinux and
>> likewise to coexist comfortably.
>
> Why that's great
>
> Here is a list with all file contexts for likewise files:
>
> http://git.fedorahosted.org/git/?p=selinux-policy.git;a=blob;f=policy/modules/services/likewise.fc;h=57491fc406f6d309b258f6be978524a0b916d531;hb=6a8b33a937d800e1f7ec5a148b73abedc1ea4f09
>
> Basically what i would do if i were you is add file context
> specifications using "semanage fcontext" or a custom .fc file of all
> the
> entries in there matching files on your system:
>
> example:
>
> /usr/sbin/lsassd -- gen_context(system_u:object_r:lsassd_exec_t,s0)
>
> would be:
>
> semanage fcontext -a -t lsassd_exec_t -f -- "/opt/likewise/sbin/
> lsassd"
>
> and:
>
> /var/lib/likewise-open/\.lsassd -s
> gen_context(system_u:object_r:lsassd_var_socket_t,s0)
>
> would be:
>
> semanage fcontext -a -t lsassd_var_socket_t -f -s
> "/var/lib/likewise-open/\.lsassd"
>
> When all is added you can use matchpathcon to verify whether the type
> matches what youve specified. Example:
>
> matchpathcon /opt/likewise/sbin/lsassd
>
> and if that is verified to be correct actually apply the contexts by
> running for example:
>
> restorecon -R -v /opt/likewise/sbin/lsassd
>
> Then you should try it out, collect any AVC denials that you are
> seeing
> and enclose those so that we can analyze them and fix bugs where
> possible.
>
> If you have any questions or comments do not hesitate to ask.
>
> I am looking forward to your reply.
On a CentOS 6.2 system which had never had likewise installed, I ran
the corresponding semanage commands to these file contexts:
/etc/likewise(/.*)?
gen_context(system_u:object_r:likewise_etc_t,s0)
/etc/likewise/.pstore.lock --
gen_context(system_u:object_r:likewise_pstore_lock_t,s0)
/etc/likewise/likewise-krb5-ad.conf --
gen_context(system_u:object_r:likewise_krb5_ad_t,s0)
/etc/rc\.d/init\.d/likewise --
gen_context(system_u:object_r:likewise_initrc_exec_t,s0)
/etc/rc\.d/init\.d/lwsmd --
gen_context(system_u:object_r:likewise_initrc_exec_t,s0)
/etc/rc\.d/init\.d/netlogond --
gen_context(system_u:object_r:likewise_initrc_exec_t,s0)
/opt/likewise/sbin/dcerpcd --
gen_context(system_u:object_r:dcerpcd_exec_t,s0)
/opt/likewise/sbin/eventlogd --
gen_context(system_u:object_r:eventlogd_exec_t,s0)
/opt/likewise/sbin/lsassd --
gen_context(system_u:object_r:lsassd_exec_t,s0)
/opt/likewise/sbin/lwiod --
gen_context(system_u:object_r:lwiod_exec_t,s0)
/opt/likewise/sbin/lwregd --
gen_context(system_u:object_r:lwregd_exec_t,s0)
/opt/likewise/sbin/lwsmd --
gen_context(system_u:object_r:lwsmd_exec_t,s0)
/opt/likewise/sbin/netlogond --
gen_context(system_u:object_r:netlogond_exec_t,s0)
/var/lib/likewise(/.*)?
gen_context(system_u:object_r:likewise_var_lib_t,s0)
/var/lib/likewise/\.lsassd -s
gen_context(system_u:object_r:lsassd_var_socket_t,s0)
/var/lib/likewise/\.lwiod -s
gen_context(system_u:object_r:lwiod_var_socket_t,s0)
/var/lib/likewise/\.regsd -s
gen_context(system_u:object_r:lwregd_var_socket_t,s0)
/var/lib/likewise/\.lwsm -s
gen_context(system_u:object_r:lwsmd_var_socket_t,s0)
/var/lib/likewise/\.netlogond -s
gen_context(system_u:object_r:netlogond_var_socket_t,s0)
/var/lib/likewise/\.ntlmd -s
gen_context(system_u:object_r:lsassd_var_socket_t,s0)
/var/lib/likewise/krb5-affinity.conf --
gen_context(system_u:object_r:netlogond_var_lib_t, s0)
/var/lib/likewise/krb5ccr_lsass --
gen_context(system_u:object_r:lsassd_var_lib_t, s0)
/var/lib/likewise/LWNetsd\.err --
gen_context(system_u:object_r:netlogond_var_lib_t,s0)
/var/lib/likewise/lsasd\.err --
gen_context(system_u:object_r:lsassd_var_lib_t,s0)
/var/lib/likewise/regsd\.err --
gen_context(system_u:object_r:lwregd_var_lib_t,s0)
/var/lib/likewise/db -d
gen_context(system_u:object_r:likewise_var_lib_t,s0)
/var/lib/likewise/db/lwi_events.db --
gen_context(system_u:object_r:eventlogd_var_lib_t,s0)
/var/lib/likewise/db/sam\.db --
gen_context(system_u:object_r:lsassd_var_lib_t,s0)
/var/lib/likewise/db/lsass-adcache\.db --
gen_context(system_u:object_r:lsassd_var_lib_t,s0)
/var/lib/likewise/db/lsass-adstate\.filedb --
gen_context(system_u:object_r:lsassd_var_lib_t,s0)
/var/lib/likewise/db/registry\.db --
gen_context(system_u:object_r:lwregd_var_lib_t,s0)
/var/lib/likewise/rpc -d
gen_context(system_u:object_r:likewise_var_lib_t,s0)
/var/lib/likewise/rpc/epmapper -s
gen_context(system_u:object_r:dcerpcd_var_socket_t, s0)
/var/lib/likewise/rpc/lsass -s
gen_context(system_u:object_r:lsassd_var_socket_t, s0)
/var/lib/likewise/rpc/socket -s
gen_context(system_u:object_r:eventlogd_var_socket_t, s0)
/var/lib/likewise/run -d
gen_context(system_u:object_r:likewise_var_lib_t,s0)
/var/lib/likewise/run/rpcdep.dat --
gen_context(system_u:object_r:dcerpcd_var_lib_t, s0)
I then installed LikewiseOpen with LikewiseOpen-6.1.0.8729-linux-
x86_64-rpm.sh. I joined the computer to the AD domain and rebooted.
The first two denials were due to incorrect labeling of /var/lib/
likewise/db/registry.db and /var/lib/likewise/db/sam.db. Both were
labeled as unconfined_u:object_r:likewise_var_lib_t:s0. They should be
unconfined_u:object_r:lwregd_var_lib_t:s0 and
unconfined_u:object_r:lsassd_var_lib_t:s0 respectively. I ran
restorecon on both and have not had any of those type of denials
since. So far they have retained their correct context through a
reboot, so perhaps it's just something that doesn't work correctly
during the installation.
I've attached the remaining AVCs to this message, but since I'm not
sure the mailing list will allow that through I'll also paste them in
below. I removed duplicates. Also there were a large number of entries
where lsassd tried to getattr for many different /proc/xxxx but I only
included one. It didn't just try to do that for likewise processes,
but every process running at the time (or maybe almost every). I can
forward all of those as well if you'd like.
Here is the list:
type=AVC msg=audit(1328198424.686:20): avc: denied { write } for
pid=1165 comm="lwiod" name=".netlogond" dev=dm-0 ino=393091
scontext=system_u:system_r:lwiod_t:s0
tcontext=system_u:object_r:netlogond_var_socket_t:s0 tclass=sock_file
type=AVC msg=audit(1328198424.686:20): avc: denied { connectto }
for pid=1165 comm="lwiod" path="/var/lib/likewise/.netlogond"
scontext=system_u:system_r:lwiod_t:s0
tcontext=system_u:system_r:netlogond_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1328198424.686:20): arch=c000003e syscall=42
success=yes exit=0 a0=a a1=7fdbec624450 a2=6e a3=10 items=0 ppid=1108
pid=1165 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwiod" exe="/opt/
likewise/sbin/lwiod" subj=system_u:system_r:lwiod_t:s0 key=(null)
type=AVC msg=audit(1328203534.556:16): avc: denied { getattr } for
pid=1141 comm="lwsmd" path="/etc/likewise/likewise-krb5-ad.conf"
dev=dm-0 ino=786321 scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=SYSCALL msg=audit(1328203534.556:16): arch=c000003e syscall=4
success=yes exit=0 a0=7f5e28001488 a1=7f5e33ffc8d0 a2=7f5e33ffc8d0
a3=0 items=0 ppid=1 pid=1141 auid=4294967295 uid=0 gid=0 euid=0 suid=0
fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd"
exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0
key=(null)
type=AVC msg=audit(1328203534.536:14): avc: denied { getattr } for
pid=1141 comm="lwsmd" path="/var/lib/likewise/krb5-affinity.conf"
dev=dm-0 ino=395410 scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328203534.536:14): arch=c000003e syscall=4
success=yes exit=0 a0=7f5e28001368 a1=7f5e33ffc8d0 a2=7f5e33ffc8d0
a3=7f5e33ffc650 items=0 ppid=1 pid=1141 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="lwsmd" exe="/opt/likewise/sbin/lwsmd"
subj=system_u:system_r:lwsmd_t:s0 key=(null)
type=AVC msg=audit(1328198424.023:16): avc: denied { getattr } for
pid=1142 comm="lwsmd" path="/etc/likewise/likewise-krb5-ad.conf"
dev=dm-0 ino=786321 scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=SYSCALL msg=audit(1328198424.023:16): arch=c000003e syscall=4
success=yes exit=0 a0=7f4894001488 a1=7f48ad2548d0 a2=7f48ad2548d0
a3=0 items=0 ppid=1 pid=1142 auid=4294967295 uid=0 gid=0 euid=0 suid=0
fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd"
exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0
key=(null)
type=AVC msg=audit(1328198423.995:14): avc: denied { getattr } for
pid=1142 comm="lwsmd" path="/var/lib/likewise/krb5-affinity.conf"
dev=dm-0 ino=395406 scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.995:14): arch=c000003e syscall=4
success=yes exit=0 a0=7f4894001368 a1=7f48ad2548d0 a2=7f48ad2548d0
a3=7f48ad254650 items=0 ppid=1 pid=1142 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="lwsmd" exe="/opt/likewise/sbin/lwsmd"
subj=system_u:system_r:lwsmd_t:s0 key=(null)
type=AVC msg=audit(1328203534.221:9): avc: denied { getattr } for
pid=1143 comm="eventlogd" path="/var/lib/likewise/db/lwi_events.db"
dev=dm-0 ino=395386 scontext=system_u:system_r:eventlogd_t:s0
tcontext=unconfined_u:object_r:likewise_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328203534.221:9): arch=c000003e syscall=4
success=yes exit=0 a0=40bc68 a1=7fff7f6d2520 a2=7fff7f6d2520
a3=7fff7f6d22a0 items=0 ppid=1108 pid=1143 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="eventlogd" exe="/opt/likewise/sbin/eventlogd"
subj=system_u:system_r:eventlogd_t:s0 key=(null)
type=AVC msg=audit(1328198423.667:9): avc: denied { getattr } for
pid=1144 comm="eventlogd" path="/var/lib/likewise/db/lwi_events.db"
dev=dm-0 ino=395386 scontext=system_u:system_r:eventlogd_t:s0
tcontext=unconfined_u:object_r:likewise_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.667:9): arch=c000003e syscall=4
success=yes exit=0 a0=40bc68 a1=7fff6b605a50 a2=7fff6b605a50
a3=7fff6b6057d0 items=0 ppid=1108 pid=1144 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="eventlogd" exe="/opt/likewise/sbin/eventlogd"
subj=system_u:system_r:eventlogd_t:s0 key=(null)
type=AVC msg=audit(1328200531.030:128): avc: denied { getattr } for
pid=1486 comm="lsassd" path="/proc/1043" dev=proc ino=10798
scontext=system_u:system_r:lsassd_t:s0
tcontext=system_u:system_r:auditd_t:s0 tclass=dir
type=SYSCALL msg=audit(1328200531.030:128): arch=c000003e syscall=4
success=yes exit=0 a0=7f88fc004bb0 a1=7f88e9ff5cf0 a2=7f88e9ff5cf0
a3=fffffffc items=0 ppid=1108 pid=1486 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="lsassd" exe="/opt/likewise/sbin/lsassd"
subj=system_u:system_r:lsassd_t:s0 key=(null)
type=AVC msg=audit(1328198350.870:21214): avc: denied { getattr }
for pid=1912 comm="lwsmd" path="/etc/likewise/likewise-krb5-ad.conf"
dev=dm-0 ino=786321 scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=SYSCALL msg=audit(1328198350.870:21214): arch=c000003e syscall=4
success=yes exit=0 a0=7f2790001828 a1=7f27a25718c0 a2=7f27a25718c0
a3=0 items=0 ppid=1 pid=1912 auid=4294967295 uid=0 gid=0 euid=0 suid=0
fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd"
exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0
key=(null)
type=AVC msg=audit(1328198350.864:21212): avc: denied { getattr }
for pid=1912 comm="lwsmd" path="/var/lib/likewise/krb5-affinity.conf"
dev=dm-0 ino=395406 scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328198350.864:21212): arch=c000003e syscall=4
success=yes exit=0 a0=7f2790000e08 a1=7f27a25718c0 a2=7f27a25718c0
a3=0 items=0 ppid=1 pid=1912 auid=4294967295 uid=0 gid=0 euid=0 suid=0
fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd"
exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0
key=(null)
type=AVC msg=audit(1328203469.517:203): avc: denied { getattr } for
pid=2428 comm="lwsmd" path="/etc/likewise/likewise-krb5-ad.conf"
dev=dm-0 ino=786321 scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=SYSCALL msg=audit(1328203469.517:203): arch=c000003e syscall=4
success=yes exit=0 a0=7f48980018f8 a1=7f48adc558c0 a2=7f48adc558c0
a3=0 items=0 ppid=1 pid=2428 auid=4294967295 uid=0 gid=0 euid=0 suid=0
fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd"
exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0
key=(null)
type=AVC msg=audit(1328203469.508:201): avc: denied { getattr } for
pid=2428 comm="lwsmd" path="/var/lib/likewise/krb5-affinity.conf"
dev=dm-0 ino=395410 scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328203469.508:201): arch=c000003e syscall=4
success=yes exit=0 a0=7f4898000a18 a1=7f48adc558c0 a2=7f48adc558c0
a3=0 items=0 ppid=1 pid=2428 auid=4294967295 uid=0 gid=0 euid=0 suid=0
fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd"
exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0
key=(null)
type=AVC msg=audit(1328198423.037:5): avc: denied { lock } for
pid=1108 comm="lwsmd" path="/var/lib/likewise/.lwsmd-lock" dev=dm-0
ino=395380 scontext=system_u:system_r:lwsmd_t:s0
tcontext=unconfined_u:object_r:likewise_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.037:5): arch=c000003e syscall=72
success=yes exit=0 a0=3 a1=6 a2=7fff74251500 a3=7fff74251280 items=0
ppid=1 pid=1108 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0
egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)
type=AVC msg=audit(1328198424.260:19): avc: denied { lock } for
pid=1151 comm="eventlogd" path="/var/lib/likewise/db/lwi_events.db"
dev=dm-0 ino=395386 scontext=system_u:system_r:eventlogd_t:s0
tcontext=unconfined_u:object_r:likewise_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328198424.260:19): arch=c000003e syscall=72
success=yes exit=0 a0=9 a1=6 a2=7f2341dd20f0 a3=7f2341dd1e60 items=0
ppid=1108 pid=1151 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0
egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="eventlogd" exe="/
opt/likewise/sbin/eventlogd" subj=system_u:system_r:eventlogd_t:s0
key=(null)
type=AVC msg=audit(1328198423.032:4): avc: denied { write } for
pid=1108 comm="lwsmd" name=".lwsmd-lock" dev=dm-0 ino=395380
scontext=system_u:system_r:lwsmd_t:s0
tcontext=unconfined_u:object_r:likewise_var_lib_t:s0 tclass=file
type=AVC msg=audit(1328198423.032:4): avc: denied { open } for
pid=1108 comm="lwsmd" name=".lwsmd-lock" dev=dm-0 ino=395380
scontext=system_u:system_r:lwsmd_t:s0
tcontext=unconfined_u:object_r:likewise_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.032:4): arch=c000003e syscall=2
success=yes exit=3 a0=4081ff a1=241 a2=80 a3=7fff74251280 items=0
ppid=1 pid=1108 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0
egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)
type=AVC msg=audit(1328198423.043:6): avc: denied { read } for
pid=1108 comm="lwsmd" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1328198423.043:6): avc: denied { open } for
pid=1108 comm="lwsmd" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.043:6): arch=c000003e syscall=2
success=yes exit=7 a0=361cb6372e a1=80000 a2=1fffdd09458b
a3=7fff74251200 items=0 ppid=1 pid=1108 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="lwsmd" exe="/opt/likewise/sbin/lwsmd"
subj=system_u:system_r:lwsmd_t:s0 key=(null)
type=AVC msg=audit(1328198423.343:8): avc: denied { read } for
pid=1112 comm="lwregd" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:lwregd_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1328198423.343:8): avc: denied { open } for
pid=1112 comm="lwregd" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:lwregd_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.343:8): arch=c000003e syscall=2
success=yes exit=5 a0=361cb6372e a1=80000 a2=1ffffbf31283
a3=7fffefcc4590 items=0 ppid=1108 pid=1112 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="lwregd" exe="/opt/likewise/sbin/lwregd"
subj=system_u:system_r:lwregd_t:s0 key=(null)
type=AVC msg=audit(1328203534.538:15): avc: denied { read } for
pid=1141 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395410
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=AVC msg=audit(1328203534.538:15): avc: denied { open } for
pid=1141 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395410
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328203534.538:15): arch=c000003e syscall=2
success=yes exit=11 a0=7f5e28001368 a1=0 a2=1b6 a3=0 items=0 ppid=1
pid=1141 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)
type=AVC msg=audit(1328203534.557:17): avc: denied { read } for
pid=1141 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=AVC msg=audit(1328203534.557:17): avc: denied { open } for
pid=1141 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=SYSCALL msg=audit(1328203534.557:17): arch=c000003e syscall=2
success=yes exit=11 a0=7f5e28001488 a1=0 a2=1b6 a3=0 items=0 ppid=1
pid=1141 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)
type=AVC msg=audit(1328198423.996:15): avc: denied { read } for
pid=1142 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395406
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=AVC msg=audit(1328198423.996:15): avc: denied { open } for
pid=1142 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395406
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.996:15): arch=c000003e syscall=2
success=yes exit=11 a0=7f4894001368 a1=0 a2=1b6 a3=0 items=0 ppid=1
pid=1142 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)
type=AVC msg=audit(1328198424.027:17): avc: denied { read } for
pid=1142 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=AVC msg=audit(1328198424.027:17): avc: denied { open } for
pid=1142 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=SYSCALL msg=audit(1328198424.027:17): arch=c000003e syscall=2
success=yes exit=11 a0=7f4894001488 a1=0 a2=1b6 a3=0 items=0 ppid=1
pid=1142 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)
type=AVC msg=audit(1328203534.223:10): avc: denied { read } for
pid=1143 comm="eventlogd" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:eventlogd_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1328203534.223:10): avc: denied { open } for
pid=1143 comm="eventlogd" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:eventlogd_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=SYSCALL msg=audit(1328203534.223:10): arch=c000003e syscall=2
success=yes exit=4 a0=361cb6372e a1=80000 a2=1fffdfdb4acf
a3=7fff7f6d25e0 items=0 ppid=1108 pid=1143 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="eventlogd" exe="/opt/likewise/sbin/eventlogd"
subj=system_u:system_r:eventlogd_t:s0 key=(null)
type=AVC msg=audit(1328198423.672:10): avc: denied { read } for
pid=1144 comm="eventlogd" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:eventlogd_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1328198423.672:10): avc: denied { open } for
pid=1144 comm="eventlogd" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:eventlogd_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.672:10): arch=c000003e syscall=2
success=yes exit=4 a0=361cb6372e a1=80000 a2=1fffdad8181b
a3=7fff6b605b10 items=0 ppid=1108 pid=1144 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="eventlogd" exe="/opt/likewise/sbin/eventlogd"
subj=system_u:system_r:eventlogd_t:s0 key=(null)
type=AVC msg=audit(1328203534.286:11): avc: denied { read } for
pid=1150 comm="netlogond" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:netlogond_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1328203534.286:11): avc: denied { open } for
pid=1150 comm="netlogond" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:netlogond_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=SYSCALL msg=audit(1328203534.286:11): arch=c000003e syscall=2
success=yes exit=4 a0=361cb6372e a1=80000 a2=1fffc0433b53
a3=7fff010ce7b0 items=0 ppid=1108 pid=1150 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="netlogond" exe="/opt/likewise/sbin/netlogond"
subj=system_u:system_r:netlogond_t:s0 key=(null)
type=AVC msg=audit(1328198424.259:18): avc: denied { read write }
for pid=1151 comm="eventlogd" name="lwi_events.db" dev=dm-0
ino=395386 scontext=system_u:system_r:eventlogd_t:s0
tcontext=unconfined_u:object_r:likewise_var_lib_t:s0 tclass=file
type=AVC msg=audit(1328198424.259:18): avc: denied { open } for
pid=1151 comm="eventlogd" name="lwi_events.db" dev=dm-0 ino=395386
scontext=system_u:system_r:eventlogd_t:s0
tcontext=unconfined_u:object_r:likewise_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328198424.259:18): arch=c000003e syscall=2
success=yes exit=9 a0=7f231c0013e0 a1=42 a2=1a4 a3=7f2341dd2030
items=0 ppid=1108 pid=1151 auid=4294967295 uid=0 gid=0 euid=0 suid=0
fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="eventlogd" exe="/opt/likewise/sbin/eventlogd"
subj=system_u:system_r:eventlogd_t:s0 key=(null)
type=AVC msg=audit(1328198423.748:11): avc: denied { read } for
pid=1152 comm="netlogond" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:netlogond_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1328198423.748:11): avc: denied { open } for
pid=1152 comm="netlogond" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:netlogond_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.748:11): arch=c000003e syscall=2
success=yes exit=4 a0=361cb6372e a1=80000 a2=1fffca9448f3
a3=7fff2a511e30 items=0 ppid=1108 pid=1152 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="netlogond" exe="/opt/likewise/sbin/netlogond"
subj=system_u:system_r:netlogond_t:s0 key=(null)
type=AVC msg=audit(1328198423.936:12): avc: denied { read } for
pid=1164 comm="lwiod" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:lwiod_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1328198423.936:12): avc: denied { open } for
pid=1164 comm="lwiod" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:lwiod_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.936:12): arch=c000003e syscall=2
success=yes exit=4 a0=361cb6372e a1=80000 a2=1fffc42643f7
a3=7fff10990980 items=0 ppid=1108 pid=1164 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="lwiod" exe="/opt/likewise/sbin/lwiod"
subj=system_u:system_r:lwiod_t:s0 key=(null)
type=AVC msg=audit(1328198350.869:21213): avc: denied { read } for
pid=1912 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395406
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=AVC msg=audit(1328198350.869:21213): avc: denied { open } for
pid=1912 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395406
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328198350.869:21213): arch=c000003e syscall=2
success=yes exit=4 a0=7f2790000e08 a1=0 a2=1b6 a3=0 items=0 ppid=1
pid=1912 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)
type=AVC msg=audit(1328198350.873:21215): avc: denied { read } for
pid=1912 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=AVC msg=audit(1328198350.873:21215): avc: denied { open } for
pid=1912 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=SYSCALL msg=audit(1328198350.873:21215): arch=c000003e syscall=2
success=yes exit=4 a0=7f2790001828 a1=0 a2=1b6 a3=0 items=0 ppid=1
pid=1912 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)
type=AVC msg=audit(1328203469.517:202): avc: denied { read } for
pid=2428 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395410
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=AVC msg=audit(1328203469.517:202): avc: denied { open } for
pid=2428 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395410
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328203469.517:202): arch=c000003e syscall=2
success=yes exit=4 a0=7f4898000a18 a1=0 a2=1b6 a3=0 items=0 ppid=1
pid=2428 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)
type=AVC msg=audit(1328203469.518:204): avc: denied { read } for
pid=2428 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=AVC msg=audit(1328203469.518:204): avc: denied { open } for
pid=2428 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=SYSCALL msg=audit(1328203469.518:204): arch=c000003e syscall=2
success=yes exit=4 a0=7f48980018f8 a1=0 a2=1b6 a3=0 items=0 ppid=1
pid=2428 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)
type=AVC msg=audit(1328198424.259:18): avc: denied { read write }
for pid=1151 comm="eventlogd" name="lwi_events.db" dev=dm-0
ino=395386 scontext=system_u:system_r:eventlogd_t:s0
tcontext=unconfined_u:object_r:likewise_var_lib_t:s0 tclass=file
type=AVC msg=audit(1328198424.259:18): avc: denied { open } for
pid=1151 comm="eventlogd" name="lwi_events.db" dev=dm-0 ino=395386
scontext=system_u:system_r:eventlogd_t:s0
tcontext=unconfined_u:object_r:likewise_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328198424.259:18): arch=c000003e syscall=2
success=yes exit=9 a0=7f231c0013e0 a1=42 a2=1a4 a3=7f2341dd2030
items=0 ppid=1108 pid=1151 auid=4294967295 uid=0 gid=0 euid=0 suid=0
fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="eventlogd" exe="/opt/likewise/sbin/eventlogd"
subj=system_u:system_r:eventlogd_t:s0 key=(null)
type=AVC msg=audit(1328198423.043:6): avc: denied { read } for
pid=1108 comm="lwsmd" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1328198423.043:6): avc: denied { open } for
pid=1108 comm="lwsmd" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.043:6): arch=c000003e syscall=2
success=yes exit=7 a0=361cb6372e a1=80000 a2=1fffdd09458b
a3=7fff74251200 items=0 ppid=1 pid=1108 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="lwsmd" exe="/opt/likewise/sbin/lwsmd"
subj=system_u:system_r:lwsmd_t:s0 key=(null)
type=AVC msg=audit(1328198423.343:8): avc: denied { read } for
pid=1112 comm="lwregd" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:lwregd_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1328198423.343:8): avc: denied { open } for
pid=1112 comm="lwregd" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:lwregd_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.343:8): arch=c000003e syscall=2
success=yes exit=5 a0=361cb6372e a1=80000 a2=1ffffbf31283
a3=7fffefcc4590 items=0 ppid=1108 pid=1112 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="lwregd" exe="/opt/likewise/sbin/lwregd"
subj=system_u:system_r:lwregd_t:s0 key=(null)
type=AVC msg=audit(1328203534.538:15): avc: denied { read } for
pid=1141 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395410
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=AVC msg=audit(1328203534.538:15): avc: denied { open } for
pid=1141 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395410
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328203534.538:15): arch=c000003e syscall=2
success=yes exit=11 a0=7f5e28001368 a1=0 a2=1b6 a3=0 items=0 ppid=1
pid=1141 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)
type=AVC msg=audit(1328203534.557:17): avc: denied { read } for
pid=1141 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=AVC msg=audit(1328203534.557:17): avc: denied { open } for
pid=1141 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=SYSCALL msg=audit(1328203534.557:17): arch=c000003e syscall=2
success=yes exit=11 a0=7f5e28001488 a1=0 a2=1b6 a3=0 items=0 ppid=1
pid=1141 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)
type=AVC msg=audit(1328198423.996:15): avc: denied { read } for
pid=1142 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395406
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=AVC msg=audit(1328198423.996:15): avc: denied { open } for
pid=1142 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395406
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.996:15): arch=c000003e syscall=2
success=yes exit=11 a0=7f4894001368 a1=0 a2=1b6 a3=0 items=0 ppid=1
pid=1142 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)
type=AVC msg=audit(1328198424.027:17): avc: denied { read } for
pid=1142 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=AVC msg=audit(1328198424.027:17): avc: denied { open } for
pid=1142 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=SYSCALL msg=audit(1328198424.027:17): arch=c000003e syscall=2
success=yes exit=11 a0=7f4894001488 a1=0 a2=1b6 a3=0 items=0 ppid=1
pid=1142 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)
type=AVC msg=audit(1328203534.223:10): avc: denied { read } for
pid=1143 comm="eventlogd" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:eventlogd_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1328203534.223:10): avc: denied { open } for
pid=1143 comm="eventlogd" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:eventlogd_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=SYSCALL msg=audit(1328203534.223:10): arch=c000003e syscall=2
success=yes exit=4 a0=361cb6372e a1=80000 a2=1fffdfdb4acf
a3=7fff7f6d25e0 items=0 ppid=1108 pid=1143 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="eventlogd" exe="/opt/likewise/sbin/eventlogd"
subj=system_u:system_r:eventlogd_t:s0 key=(null)
type=AVC msg=audit(1328198423.672:10): avc: denied { read } for
pid=1144 comm="eventlogd" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:eventlogd_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1328198423.672:10): avc: denied { open } for
pid=1144 comm="eventlogd" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:eventlogd_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.672:10): arch=c000003e syscall=2
success=yes exit=4 a0=361cb6372e a1=80000 a2=1fffdad8181b
a3=7fff6b605b10 items=0 ppid=1108 pid=1144 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="eventlogd" exe="/opt/likewise/sbin/eventlogd"
subj=system_u:system_r:eventlogd_t:s0 key=(null)
type=AVC msg=audit(1328203534.286:11): avc: denied { read } for
pid=1150 comm="netlogond" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:netlogond_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1328203534.286:11): avc: denied { open } for
pid=1150 comm="netlogond" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:netlogond_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=SYSCALL msg=audit(1328203534.286:11): arch=c000003e syscall=2
success=yes exit=4 a0=361cb6372e a1=80000 a2=1fffc0433b53
a3=7fff010ce7b0 items=0 ppid=1108 pid=1150 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="netlogond" exe="/opt/likewise/sbin/netlogond"
subj=system_u:system_r:netlogond_t:s0 key=(null)
type=AVC msg=audit(1328198423.748:11): avc: denied { read } for
pid=1152 comm="netlogond" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:netlogond_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1328198423.748:11): avc: denied { open } for
pid=1152 comm="netlogond" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:netlogond_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.748:11): arch=c000003e syscall=2
success=yes exit=4 a0=361cb6372e a1=80000 a2=1fffca9448f3
a3=7fff2a511e30 items=0 ppid=1108 pid=1152 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="netlogond" exe="/opt/likewise/sbin/netlogond"
subj=system_u:system_r:netlogond_t:s0 key=(null)
type=AVC msg=audit(1328198423.936:12): avc: denied { read } for
pid=1164 comm="lwiod" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:lwiod_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1328198423.936:12): avc: denied { open } for
pid=1164 comm="lwiod" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:lwiod_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.936:12): arch=c000003e syscall=2
success=yes exit=4 a0=361cb6372e a1=80000 a2=1fffc42643f7
a3=7fff10990980 items=0 ppid=1108 pid=1164 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="lwiod" exe="/opt/likewise/sbin/lwiod"
subj=system_u:system_r:lwiod_t:s0 key=(null)
type=AVC msg=audit(1328198350.869:21213): avc: denied { read } for
pid=1912 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395406
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=AVC msg=audit(1328198350.869:21213): avc: denied { open } for
pid=1912 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395406
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328198350.869:21213): arch=c000003e syscall=2
success=yes exit=4 a0=7f2790000e08 a1=0 a2=1b6 a3=0 items=0 ppid=1
pid=1912 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)
type=AVC msg=audit(1328198350.873:21215): avc: denied { read } for
pid=1912 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=AVC msg=audit(1328198350.873:21215): avc: denied { open } for
pid=1912 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=SYSCALL msg=audit(1328198350.873:21215): arch=c000003e syscall=2
success=yes exit=4 a0=7f2790001828 a1=0 a2=1b6 a3=0 items=0 ppid=1
pid=1912 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)
type=AVC msg=audit(1328203469.517:202): avc: denied { read } for
pid=2428 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395410
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=AVC msg=audit(1328203469.517:202): avc: denied { open } for
pid=2428 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395410
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328203469.517:202): arch=c000003e syscall=2
success=yes exit=4 a0=7f4898000a18 a1=0 a2=1b6 a3=0 items=0 ppid=1
pid=2428 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)
type=AVC msg=audit(1328203469.518:204): avc: denied { read } for
pid=2428 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=AVC msg=audit(1328203469.518:204): avc: denied { open } for
pid=2428 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=SYSCALL msg=audit(1328203469.518:204): arch=c000003e syscall=2
success=yes exit=4 a0=7f48980018f8 a1=0 a2=1b6 a3=0 items=0 ppid=1
pid=2428 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)
type=AVC msg=audit(1328198423.053:7): avc: denied { setpgid } for
pid=1112 comm="lwsmd" scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:system_r:lwsmd_t:s0 tclass=process
type=SYSCALL msg=audit(1328198423.053:7): arch=c000003e syscall=109
success=yes exit=0 a0=458 a1=458 a2=458 a3=361d017240 items=0
ppid=1108 pid=1112 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0
egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)
type=AVC msg=audit(1328198423.945:13): avc: denied { setrlimit }
for pid=1164 comm="lwiod" scontext=system_u:system_r:lwiod_t:s0
tcontext=system_u:system_r:lwiod_t:s0 tclass=process
type=AVC msg=audit(1328198423.945:13): avc: denied { sys_resource }
for pid=1164 comm="lwiod" capability=24
scontext=system_u:system_r:lwiod_t:s0
tcontext=system_u:system_r:lwiod_t:s0 tclass=capability
type=SYSCALL msg=audit(1328198423.945:13): arch=c000003e syscall=160
success=yes exit=0 a0=7 a1=7fff10990e60 a2=7fff10990e10
a3=7fff10990b50 items=0 ppid=1108 pid=1164 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="lwiod" exe="/opt/likewise/sbin/lwiod"
subj=system_u:system_r:lwiod_t:s0 key=(null)
type=AVC msg=audit(1328198423.945:13): avc: denied { setrlimit }
for pid=1164 comm="lwiod" scontext=system_u:system_r:lwiod_t:s0
tcontext=system_u:system_r:lwiod_t:s0 tclass=process
type=AVC msg=audit(1328198423.945:13): avc: denied { sys_resource }
for pid=1164 comm="lwiod" capability=24
scontext=system_u:system_r:lwiod_t:s0
tcontext=system_u:system_r:lwiod_t:s0 tclass=capability
type=SYSCALL msg=audit(1328198423.945:13): arch=c000003e syscall=160
success=yes exit=0 a0=7 a1=7fff10990e60 a2=7fff10990e10
a3=7fff10990b50 items=0 ppid=1108 pid=1164 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="lwiod" exe="/opt/likewise/sbin/lwiod"
subj=system_u:system_r:lwiod_t:s0 key=(null)
type=AVC msg=audit(1328198423.032:4): avc: denied { write } for
pid=1108 comm="lwsmd" name=".lwsmd-lock" dev=dm-0 ino=395380
scontext=system_u:system_r:lwsmd_t:s0
tcontext=unconfined_u:object_r:likewise_var_lib_t:s0 tclass=file
type=AVC msg=audit(1328198423.032:4): avc: denied { open } for
pid=1108 comm="lwsmd" name=".lwsmd-lock" dev=dm-0 ino=395380
scontext=system_u:system_r:lwsmd_t:s0
tcontext=unconfined_u:object_r:likewise_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.032:4): arch=c000003e syscall=2
success=yes exit=3 a0=4081ff a1=241 a2=80 a3=7fff74251280 items=0
ppid=1 pid=1108 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0
egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)
type=AVC msg=audit(1328198424.686:20): avc: denied { write } for
pid=1165 comm="lwiod" name=".netlogond" dev=dm-0 ino=393091
scontext=system_u:system_r:lwiod_t:s0
tcontext=system_u:object_r:netlogond_var_socket_t:s0 tclass=sock_file
type=AVC msg=audit(1328198424.686:20): avc: denied { connectto }
for pid=1165 comm="lwiod" path="/var/lib/likewise/.netlogond"
scontext=system_u:system_r:lwiod_t:s0
tcontext=system_u:system_r:netlogond_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1328198424.686:20): arch=c000003e syscall=42
success=yes exit=0 a0=a a1=7fdbec624450 a2=6e a3=10 items=0 ppid=1108
pid=1165 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwiod" exe="/opt/
likewise/sbin/lwiod" subj=system_u:system_r:lwiod_t:s0 key=(null)
type=AVC msg=audit(1328203535.270:20): avc: denied { write } for
pid=1165 comm="lwiod" name=".netlogond" dev=dm-0 ino=394189
scontext=system_u:system_r:lwiod_t:s0
tcontext=system_u:object_r:netlogond_var_socket_t:s0 tclass=sock_file
type=AVC msg=audit(1328203535.270:20): avc: denied { connectto }
for pid=1165 comm="lwiod" path="/var/lib/likewise/.netlogond"
scontext=system_u:system_r:lwiod_t:s0
tcontext=system_u:system_r:netlogond_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1328203535.270:20): arch=c000003e syscall=42
success=yes exit=0 a0=a a1=7fa6e0f14450 a2=6e a3=10 items=0 ppid=1108
pid=1165 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwiod" exe="/opt/
likewise/sbin/lwiod" subj=system_u:system_r:lwiod_t:s0 key=(null)
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: likewise-avcs.txt
URL: <http://lists.fedoraproject.org/pipermail/selinux/attachments/20120202/8a5c1deb/attachment-0001.txt>
-------------- next part --------------
More information about the selinux
mailing list