Syslog and Selinux

Bob Chiodini Robert.Chiodini-1 at ksc.nasa.gov
Fri Aug 27 13:28:49 UTC 2004 

Good Morning,

I have not seen anything logged to the syslog (/var/log/messages) since
the 24th.  I did not see anything searching the archives, but the search
might not be working.

 The following error appears trying to start syslogd:

Starting system logger: syslogd: error while loading shared libraries:
libc.so.6: failed to map segment from shared object: Permission denied

at the console:

 audit(1093612883.714:0): avc:  denied  { execute } for  pid=35
82 path=/lib/tls/libc-2.3.3.so dev=hda2 ino=3993575 scontext=root:system_r:syslo
gd_t tcontext=root:object_r:lib_t tclass=file
audit(1093612883.718:0): avc:  denied  { execute } for  pid=3583 path=/lib/tls/l
ibc-2.3.3.so dev=hda2 ino=3993575 scontext=root:system_r:syslogd_t tcontext=root
:object_r:lib_t tclass=file
audit(1093612883.723:0): avc:  denied  { execute } for  pid=3585 path=/lib/tls/l
ibc-2.3.3.so dev=hda2 ino=3993575 scontext=root:system_r:syslogd_t tcontext=root
:object_r:lib_t tclass=file

FYI:  Pid 35 is pdflush

I also noticed that portmapper gets a similar error:

Starting portmap: portmap: error while loading shared libraries:
libnsl.so.1: failed to map segment from shared object: Permission denied

at the console:

service portmap restart
Stopping portmap: audit(1093613082.145:0): avc:  denied  { execute } for  pid=36
11 path=/lib/tls/libc-2.3.3.so dev=hda2 ino=3993575 scontext=root:system_r:syslo
gd_t tcontext=root:object_r:lib_t tclass=file
                                                           [FAILED]
Starting portmap: audit(1093613082.155:0): avc:  denied  { read write } for  pid
=3615 exe=/sbin/portmap path=/dev/tty1 dev=hda2 ino=4115095 scontext=root:system
_r:portmap_t tcontext=root:object_r:tty_device_t tclass=chr_file
audit(1093613082.155:0): avc:  denied  { execute } for  pid=3615 path=/lib/libns
l-2.3.3.so dev=hda2 ino=3993654 scontext=root:system_r:portmap_t tcontext=root:o
bject_r:lib_t tclass=file
audit(1093613082.159:0): avc:  denied  { execute } for  pid=3616 path=/lib/tls/l
ibc-2.3.3.so dev=hda2 ino=3993575 scontext=root:system_r:syslogd_t tcontext=root
:object_r:lib_t tclass=file
portmap: error while loading shared libraries: libnsl.so.1: failed to map segmen
t from shared object: Permission denied
audit(1093613082.163:0): avc:  denied  { execute } for  pid=3618 path=/lib/tls/l
ibc-2.3.3.so dev=hda2 ino=3993575 scontext=root:system_r:syslogd_t tcontext=root
:object_r:lib_t tclass=file
                                                           [FAILED]
In this instance pid 36 is pdflush.

Any help would be appreciated.

Bob...
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.fedoraproject.org/pipermail/test/attachments/20040827/40b01aad/attachment.bin

More information about the test mailing list