using audit2allow

Jim binarynut at comcast.net
Sat Nov 6 00:52:46 UTC 2010


Fedora 14 /KDE

This is the real Raw Audit Message.

This location that has a bunch of FAQ's which one is for making 
policies,  http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385

Where is there a very good instructions on creating policies.

# audit2allow -w -a node=(removed) type=AVC 
msg=audit(1288923096.835:99): avc:  denied  { write } for  pid=16148 
comm="kdm" name="root" dev=sda1 ino=798 
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 
tcontext=system_u:object_r:admin_home_t:s0 tclass=dir

bash: syntax error near unexpected token `('



This is the second Audit message of the same , SELinux is preventing 
/usr/bin/kdm "write" access on /root


node=(removed) type=SYSCALL msg=audit(1288923096.835:99): arch=40000003 
syscall=5 success=no exit=-13 a0=bfdb0c9b a1=c1 a2=180 a3=1 items=0 
ppid=5003 pid=16148 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 
sgid=0 fsgid=0 tty=(none) ses=7 comm="kdm" exe="/usr/bin/kdm" 
subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null)




More information about the users mailing list