strange messages to root, possibly SA related?
Gene Heskett
gene.heskett at verizon.net
Tue Nov 14 11:59:34 UTC 2006
On Tuesday 14 November 2006 06:19, Paul Howarth wrote:
>Gene Heskett wrote:
>> Greetings;
>>
>> My logs now contain megabytes of selinux spew. I've disabled it for
>> the time being, and have forgotten how one goes about having it
>> regenerate its 'this is ok' list, can someone refresh me on that?
>
>Could you post a few samples of this spew?
>
>Paul.
Sure, its quiet now since I've disabled it, but before I did, I had this
on an every 90 second or so basis:
============================================
Nov 11 01:54:52 coyote kernel: audit(1163228092.870:182): avc: denied {
getattr } for pid=4236 comm="fetchmail" name=".fetchmailrc" dev=dm-0
ino=29032467 scontext=syste
m_u:system_r:fetchmail_t:s0 tcontext=root:object_r:user_home_t:s0
tclass=file
Nov 11 01:54:54 coyote kernel: audit(1163228094.106:183): avc: denied {
ioctl } for pid=5633 comm="sh" name="[22634]" dev=pipefs ino=22634
scontext=system_u:system_r:fe
tchmail_t:s0 tcontext=system_u:system_r:fetchmail_t:s0 tclass=fifo_file
Nov 11 01:54:54 coyote kernel: audit(1163228094.106:184): avc: denied {
search } for pid=5633 comm="sh" name="sbin" dev=dm-0 ino=36864001
scontext=system_u:system_r:fet
chmail_t:s0 tcontext=system_u:object_r:sbin_t:s0 tclass=dir
Nov 11 01:54:54 coyote kernel: audit(1163228094.114:185): avc: denied {
getattr } for pid=4236 comm="fetchmail" name="[22634]" dev=pipefs
ino=22634 scontext=system_u:sy
stem_r:fetchmail_t:s0 tcontext=system_u:system_r:fetchmail_t:s0
tclass=fifo_file
Nov 11 01:54:54 coyote kernel: audit(1163228094.114:186): avc: denied {
write } for pid=4236 comm="fetchmail" name="[22634]" dev=pipefs
ino=22634 scontext=system_u:syst
em_r:fetchmail_t:s0 tcontext=system_u:system_r:fetchmail_t:s0
tclass=fifo_file
Nov 11 01:54:54 coyote kernel: audit(1163228094.114:187): avc: denied {
read } for pid=5633 comm="procmail" name="[22634]" dev=pipefs ino=22634
scontext=system_u:system
_r:fetchmail_t:s0 tcontext=system_u:system_r:fetchmail_t:s0
tclass=fifo_file
Nov 11 01:54:54 coyote kernel: audit(1163228094.114:188): avc: denied {
read } for pid=5633 comm="procmail" name=".procmailrc" dev=dm-0
ino=29032466 scontext=system_u:s
ystem_r:fetchmail_t:s0 tcontext=root:object_r:user_home_t:s0 tclass=file
Nov 11 01:54:54 coyote kernel: audit(1163228094.126:189): avc: denied {
getattr } for pid=5639 comm="bash" name="formail" dev=dm-0 ino=6925589
scontext=system_u:system_
r:fetchmail_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file
Nov 11 01:54:54 coyote kernel: audit(1163228094.134:190): avc: denied {
search } for pid=5643 comm="spamc" name="mail" dev=dm-0 ino=24609414
scontext=system_u:system_r:
fetchmail_t:s0 tcontext=system_u:object_r:etc_mail_t:s0 tclass=dir
Nov 11 02:10:53 coyote ntpd[2917]: synchronized to LOCAL(0), stratum 10
Nov 11 02:19:31 coyote ntpd[2917]: synchronized to 193.11.184.180, stratum
2
Nov 11 02:19:35 coyote kernel: audit(1163229575.203:191): avc: denied {
execute } for pid=5769 comm="procmail" name="spamc" dev=dm-0 ino=6935366
scontext=system_u:syste
m_r:fetchmail_t:s0 tcontext=system_u:object_r:spamc_exec_t:s0 tclass=file
Nov 11 02:19:35 coyote kernel: audit(1163229575.203:192): avc: denied {
execute_no_trans } for pid=5769 comm="procmail" name="spamc" dev=dm-0
ino=6935366 scontext=syste
m_u:system_r:fetchmail_t:s0 tcontext=system_u:object_r:spamc_exec_t:s0
tclass=file
Nov 11 02:19:35 coyote kernel: audit(1163229575.203:193): avc: denied {
read } for pid=5769 comm="procmail" name="spamc" dev=dm-0 ino=6935366
scontext=system_u:system_r
:fetchmail_t:s0 tcontext=system_u:object_r:spamc_exec_t:s0 tclass=file
Nov 11 03:01:03 coyote kernel: audit(1163232063.108:194): avc: denied {
append } for pid=4236 comm="fetchmail" name="fetchmail.log" dev=dm-0
ino=19170983 scontext=syste
m_u:system_r:fetchmail_t:s0 tcontext=root:object_r:var_log_t:s0
tclass=file
Nov 11 03:01:04 coyote kernel: audit(1163232064.500:195): avc: denied {
read } for pid=5923 comm="fetchmail" name="sh" dev=dm-0 ino=33128453
scontext=system_u:system_r:
fetchmail_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=lnk_file
Nov 11 03:01:04 coyote kernel: audit(1163232064.504:196): avc: denied {
execute } for pid=5923 comm="sh" name="procmail" dev=dm-0 ino=6933056
scontext=system_u:system_r
:fetchmail_t:s0 tcontext=system_u:object_r:procmail_exec_t:s0 tclass=file
Nov 11 03:01:04 coyote kernel: audit(1163232064.504:197): avc: denied {
execute_no_trans } for pid=5923 comm="sh" name="procmail" dev=dm-0
ino=6933056 scontext=system_u
:system_r:fetchmail_t:s0 tcontext=system_u:object_r:procmail_exec_t:s0
tclass=file
Nov 11 03:01:04 coyote kernel: audit(1163232064.504:198): avc: denied {
read } for pid=5923 comm="sh" name="procmail" dev=dm-0 ino=6933056
scontext=system_u:system_r:fe
tchmail_t:s0 tcontext=system_u:object_r:procmail_exec_t:s0 tclass=file
Nov 11 03:01:04 coyote kernel: audit(1163232064.508:199): avc: denied {
send_msg } for pid=5927 comm="spamc" saddr=127.0.0.1 src=43491
daddr=127.0.0.1 dest=783 netif=lo
scontext=system_u:system_r:fetchmail_t:s0
tcontext=system_u:object_r:spamd_port_t:s0 tclass=tcp_socket
Nov 11 03:01:04 coyote kernel: audit(1163232064.508:200): avc: denied {
recv_msg } for pid=5927 comm="spamc" saddr=127.0.0.1 src=783
daddr=127.0.0.1 dest=43491 netif=lo
scontext=system_u:system_r:fetchmail_t:s0
tcontext=system_u:object_r:spamd_port_t:s0 tclass=tcp_socket
Nov 11 03:06:06 coyote kernel: audit(1163232366.401:201): avc: denied {
create } for pid=5967 comm="procmail"
name="_PdB.uRYVFB.coyote.coyote.den" scontext=system_u:sys
================================================= etc etc
And also, megabytes of this:
====================================================
Nov 11 16:36:46 coyote kernel: floppy driver state
Nov 11 16:36:46 coyote kernel: -------------------
Nov 11 16:36:46 coyote kernel: now=14338769 last interrupt=14337784
diff=985 last called handler=ef600df1
Nov 11 16:36:46 coyote kernel: timeout_message=floppy start
Nov 11 16:36:46 coyote kernel: last output bytes:
Nov 11 16:36:46 coyote kernel: 0 90 14337784
Nov 11 16:36:46 coyote kernel: 13 90 14337784
Nov 11 16:36:46 coyote kernel: 0 90 14337784
Nov 11 16:36:46 coyote kernel: 1a 90 14337784
Nov 11 16:36:46 coyote kernel: 0 90 14337784
Nov 11 16:36:46 coyote kernel: 3 90 14337784
Nov 11 16:36:46 coyote kernel: c1 90 14337784
Nov 11 16:36:46 coyote kernel: 9 90 14337784
Nov 11 16:36:46 coyote kernel: 7 80 14337784
Nov 11 16:36:46 coyote kernel: 1 90 14337784
Nov 11 16:36:46 coyote kernel: 8 82 14337784
Nov 11 16:36:46 coyote kernel: e6 80 14338024
Nov 11 16:36:46 coyote kernel: 1 90 14338024
Nov 11 16:36:46 coyote kernel: 0 90 14338024
Nov 11 16:36:46 coyote kernel: 0 90 14338024
Nov 11 16:36:46 coyote kernel: 1 90 14338024
Nov 11 16:36:46 coyote kernel: 2 90 14338024
Nov 11 16:36:46 coyote kernel: 9 90 14338024
Nov 11 16:36:46 coyote kernel: 2a 90 14338024
Nov 11 16:36:46 coyote kernel: ff 90 14338024
Nov 11 16:36:46 coyote kernel: last result at 14337784
Nov 11 16:36:46 coyote kernel: last redo_fd_request at 14337779
Nov 11 16:36:46 coyote kernel: 21 0
Nov 11 16:36:46 coyote kernel: status=70
Nov 11 16:36:46 coyote kernel: fdc_busy=1
Nov 11 16:36:46 coyote kernel: do_floppy=ef5fd3d9
Nov 11 16:36:46 coyote kernel: fd_timer.function=ef5fdfa3
Nov 11 16:36:46 coyote kernel: cont=ef606c34
Nov 11 16:36:46 coyote kernel: current_req=c7346684
Nov 11 16:36:46 coyote kernel: command_status=-1
Nov 11 16:36:46 coyote kernel:
Nov 11 16:36:46 coyote kernel: floppy1: floppy timeout called
Nov 11 16:36:46 coyote kernel: end_request: I/O error, dev fd1, sector 0
Nov 11 16:36:49 coyote kernel:
Nov 11 16:36:49 coyote kernel: floppy driver state
Nov 11 16:36:49 coyote kernel: -------------------
Nov 11 16:36:49 coyote kernel: now=14339519 last interrupt=14338770
diff=749 last called handler=ef600df1
Nov 11 16:36:49 coyote kernel: timeout_message=floppy start
Nov 11 16:36:49 coyote kernel: last output bytes:
Nov 11 16:36:49 coyote kernel: 0 90 14338769
Nov 11 16:36:49 coyote kernel: 13 90 14338769
Nov 11 16:36:49 coyote kernel: 0 90 14338769
Nov 11 16:36:49 coyote kernel: 1a 90 14338769
Nov 11 16:36:49 coyote kernel: 0 90 14338769
Nov 11 16:36:49 coyote kernel: 3 90 14338769
Nov 11 16:36:49 coyote kernel: c1 90 14338769
Nov 11 16:36:49 coyote kernel: 9 90 14338769
=======================================
There is no disk in either floppy, hasn't been in weeks
and these too:
========================================
Nov 9 09:23:43 coyote gdm[3768]: GDM already running. Aborting!
Nov 9 09:23:43 coyote pcscd: winscard.c:219:SCardConnect() Reader E-Gate
0 0 Not Found
Nov 9 09:23:43 coyote last message repeated 9 times
Nov 9 09:23:43 coyote gdm[3811]: GDM already running. Aborting!
Nov 9 09:23:43 coyote gdm[3867]: GDM already running. Aborting!
Nov 9 09:23:43 coyote gdm[3904]: GDM already running. Aborting!
Nov 9 09:23:43 coyote gdm[3939]: GDM already running. Aborting!
Nov 9 09:23:43 coyote gdm[3974]: GDM already running. Aborting!
Nov 9 09:23:43 coyote gdm[4009]: GDM already running. Aborting!
Nov 9 09:23:44 coyote gdm[4044]: GDM already running. Aborting!
Nov 9 09:23:44 coyote gdm[4079]: GDM already running. Aborting!
Nov 9 09:23:44 coyote gdm[4114]: GDM already running. Aborting!
Nov 9 09:23:44 coyote kernel: agpgart: Found an AGP 3.0 compliant device
at 0000:00:00.0.
Nov 9 09:23:44 coyote kernel: agpgart: Putting AGP V3 device at
0000:00:00.0 into 4x mode
Nov 9 09:23:44 coyote kernel: agpgart: Putting AGP V3 device at
0000:02:00.0 into 4x mode
Nov 9 09:23:44 coyote gdm[4149]: GDM already running. Aborting!
Nov 9 09:23:45 coyote gdm[4184]: GDM already running. Aborting!
Nov 9 09:23:45 coyote gdm[4219]: GDM already running. Aborting!
Nov 9 09:23:45 coyote kernel: [drm] Setting GART location based on new
memory map
Nov 9 09:23:45 coyote kernel: [drm] Loading R200 Microcode
Nov 9 09:23:45 coyote kernel: [drm] writeback test succeeded in 1 usecs
Nov 9 09:23:45 coyote gdm[4254]: GDM already running. Aborting!
Nov 9 09:23:45 coyote gdm[4290]: GDM already running. Aborting!
Nov 9 09:23:45 coyote gdm[4325]: GDM already running. Aborting!
Nov 9 09:23:45 coyote gdm[4360]: GDM already running. Aborting!
Nov 9 09:23:45 coyote gdm[4395]: GDM already running. Aborting!
Nov 9 09:23:45 coyote gdm[4430]: GDM already running. Aborting!
Nov 9 09:23:45 coyote gdm[4465]: GDM already running. Aborting!
Nov 9 09:23:46 coyote gdm[4500]: GDM already running. Aborting!
Nov 9 09:23:46 coyote gdm[4535]: GDM already running. Aborting!
Nov 9 09:23:46 coyote gdm[4570]: GDM already running. Aborting!
Nov 9 09:23:46 coyote gdm[4605]: GDM already running. Aborting!
Nov 9 09:23:46 coyote gdm[4640]: GDM already running. Aborting!
Nov 9 09:23:46 coyote gdm[4675]: GDM already running. Aborting!
Nov 9 09:23:46 coyote gdm[4710]: GDM already running. Aborting!
Nov 9 09:23:46 coyote gdm[4745]: GDM already running. Aborting!
Nov 9 09:23:47 coyote gdm[4780]: GDM already running. Aborting!
Nov 9 09:23:47 coyote gdm[4815]: GDM already running. Aborting!
Nov 9 09:23:47 coyote gdm[4850]: GDM already running. Aborting!
Nov 9 09:23:47 coyote gdm[4885]: GDM already running. Aborting!
Nov 9 09:23:47 coyote gdm[4920]: GDM already running. Aborting!
Nov 9 09:23:47 coyote gdm[4955]: GDM already running. Aborting!
Nov 9 09:23:47 coyote gdm[4991]: GDM already running. Aborting!
Nov 9 09:23:48 coyote gdm[5035]: GDM already running. Aborting!
Nov 9 09:23:48 coyote gdm[5070]: GDM already running. Aborting!
Nov 9 09:23:49 coyote gdm[5105]: GDM already running. Aborting!
Nov 9 09:23:49 coyote gdm[5140]: GDM already running. Aborting!
Nov 9 09:23:49 coyote gdm[5175]: GDM already running. Aborting!
Nov 9 09:23:49 coyote gdm[5210]: GDM already running. Aborting!
Nov 9 09:23:49 coyote gdm[5245]: GDM already running. Aborting!
Nov 9 09:23:49 coyote gdm[5280]: GDM already running. Aborting!
Nov 9 09:23:49 coyote gdm[5315]: GDM already
running. Aborting!
Nov 9 09:23:49 coyote gdm[5350]: GDM already running. Aborting!
Nov 9 09:23:49 coyote gdm[5385]: GDM already running. Aborting!
Nov 9 09:23:50 coyote gdm[5420]: GDM already running. Aborting!
Nov 9 09:23:50 coyote gdm[5455]: GDM already running. Aborting!
Nov 9 09:23:50 coyote gdm[5490]: GDM already running. Aborting!
Nov 9 09:23:50 coyote gdm[5525]: GDM already running. Aborting!
Nov 9 09:23:50 coyote gdm[5560]: GDM already running. Aborting!
Nov 9 09:23:50 coyote gdm[5595]: GDM already running. Aborting!
Nov 9 09:23:50 coyote gdm[5630]: GDM already running. Aborting!
Nov 9 09:23:50 coyote gdm[5665]: GDM already running. Aborting!
Nov 9 09:23:50 coyote gdm[5700]: GDM already running. Aborting!
Nov 9 09:23:51 coyote gdm[5735]: GDM already running. Aborting!
Nov 9 09:23:51 coyote gdm[5770]: GDM already running. Aborting!
Nov 9 09:23:51 coyote gdm[5805]: GDM already running. Aborting!
Nov 9 09:23:51 coyote gdm[5840]: GDM already running. Aborting!
Nov 9 09:23:51 coyote gdm[5875]: GDM already running. Aborting!
Nov 9 09:23:51 coyote gdm[5910]: GDM already running. Aborting!
Nov 9 09:23:51 coyote gdm[5945]: GDM already running. Aborting!
Nov 9 09:23:51 coyote gdm[5980]: GDM already running. Aborting!
Nov 9 09:23:52 coyote gdm[6015]: GDM already running. Aborting!
Nov 9 09:23:52 coyote gdm[6050]: GDM already running. Aborting!
Nov 9 09:23:52 coyote gdm[6085]: GDM already running. Aborting!
Nov 9 09:23:52 coyote gdm[6120]: GDM already running. Aborting!
Nov 9 09:23:52 coyote gdm[6155]: GDM already running. Aborting!
Nov 9 09:23:52 coyote gdm[6190]: GDM already running. Aborting!
Nov 9 09:23:52 coyote gdm[6225]: GDM already running. Aborting!
Nov 9 09:23:52 coyote gdm[6260]: GDM already running. Aborting!
Nov 9 09:23:52 coyote gdm[6295]: GDM already running. Aborting!
Nov 9 09:23:53 coyote gdm[6330]: GDM already running. Aborting!
Nov 9 09:23:53 coyote gdm[6365]: GDM already running. Aborting!
Nov 9 09:23:53 coyote gdm[6400]: GDM already running. Aborting!
Nov 9 09:23:53 coyote gdm[6435]: GDM already running. Aborting!
Nov 9 09:23:53 coyote gdm[6470]: GDM already running. Aborting!
Nov 9 09:23:53 coyote gdm[6505]: GDM already running. Aborting!
Nov 9 09:23:53 coyote gdm[6540]: GDM already running. Aborting!
Nov 9 09:23:53 coyote gdm[6575]: GDM already running. Aborting!
Nov 9 09:23:53 coyote gdm[6610]: GDM already running. Aborting!
Nov 9 09:23:54 coyote gdm[6645]: GDM already running. Aborting!
Nov 9 09:23:54 coyote gdm[6680]: GDM already running. Aborting!
Nov 9 09:23:54 coyote gdm[6715]: GDM already running. Aborting!
Nov 9 09:23:54 coyote gdm[6750]: GDM already running. Aborting!
Nov 9 09:23:54 coyote gdm[6785]: GDM already running. Aborting!
Nov 9 09:23:54 coyote gdm[6820]: GDM already running. Aborting!
Nov 9 09:23:54 coyote gdm[6855]: GDM already running. Aborting!
Nov 9 09:23:54 coyote gdm[6890]: GDM already running. Aborting!
Nov 9 09:23:54 coyote gdm[6925]: GDM already running. Aborting!
Nov 9 09:23:55 coyote gdm[6960]: GDM already running. Aborting!
Nov 9 09:23:55 coyote gdm[6995]: GDM already running. Aborting!
Nov 9 09:23:55 coyote gdm[7030]: GDM already running. Aborting!
Nov 9 09:23:55 coyote gdm[7065]: GDM already running. Aborting!
Nov 9 09:23:55 coyote gdm[7100]: GDM already running. Aborting!
========================================
A newer kernel was installed by yumex last night and I'll reboot to it
sometime this morning. Where do I find the proceedure to re-enable it
after touching some file in / so it resets things properly?
Thanks.
--
Cheers, Gene
More information about the users
mailing list