Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 147658 Details for
Bug 222498
various AVCs with setroubleshootd
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
Enforcing mode audit log
log-enforcing.txt (text/plain), 14.41 KB, created by
Tom London
on 2007-02-08 15:46:29 UTC
(
hide
)
Description:
Enforcing mode audit log
Filename:
MIME Type:
Creator:
Tom London
Created:
2007-02-08 15:46:29 UTC
Size:
14.41 KB
patch
obsolete
>type=DAEMON_START msg=audit(1170947255.113:8181) auditd start, ver=1.4, format=raw, auid=4294967295 pid=2228 res=success, auditd pid=2228 >type=CONFIG_CHANGE msg=audit(1170947255.213:5): audit_enabled=1 old=0 by auid=4294967295 subj=system_u:system_r:auditd_t:s0 >type=CONFIG_CHANGE msg=audit(1170947255.734:6): audit_backlog_limit=256 old=64 by auid=4294967295 subj=system_u:system_r:auditctl_t:s0 >type=AVC msg=audit(1170947269.965:7): avc: denied { execute } for pid=2415 comm="sh" name="ldconfig" dev=dm-0 ino=11337776 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:ldconfig_exec_t:s0 tclass=file >type=SYSCALL msg=audit(1170947269.965:7): arch=40000003 syscall=11 success=no exit=-13 a0=8a7fdd8 a1=8a7fe58 a2=8a7f330 a3=0 items=0 ppid=2414 pid=2415 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="sh" exe="/bin/bash" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) >type=AVC msg=audit(1170947270.002:8): avc: denied { execute } for pid=2415 comm="sh" name="ldconfig" dev=dm-0 ino=11337776 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:ldconfig_exec_t:s0 tclass=file >type=SYSCALL msg=audit(1170947270.002:8): arch=40000003 syscall=33 success=no exit=-13 a0=8a7fdd8 a1=1 a2=11 a3=8a7fdd8 items=0 ppid=2414 pid=2415 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="sh" exe="/bin/bash" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) >type=AVC msg=audit(1170947270.003:9): avc: denied { read } for pid=2415 comm="sh" name="ldconfig" dev=dm-0 ino=11337776 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:ldconfig_exec_t:s0 tclass=file >type=SYSCALL msg=audit(1170947270.003:9): arch=40000003 syscall=33 success=no exit=-13 a0=8a7fdd8 a1=4 a2=0 a3=8a7fdd8 items=0 ppid=2414 pid=2415 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="sh" exe="/bin/bash" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) >type=AVC msg=audit(1170947270.109:10): avc: denied { execute_no_trans } for pid=2418 comm="ldd" name="ld-2.5.90.so" dev=dm-0 ino=7209194 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:ld_so_t:s0 tclass=file >type=SYSCALL msg=audit(1170947270.109:10): arch=40000003 syscall=11 success=no exit=-13 a0=8f82308 a1=8f82988 a2=8f88d48 a3=40 items=0 ppid=2417 pid=2418 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="ldd" exe="/bin/bash" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) >type=AVC_PATH msg=audit(1170947270.109:10): path="/lib/ld-2.5.90.so" >type=AVC msg=audit(1170947270.110:11): avc: denied { write } for pid=2331 comm="setroubleshootd" name="tmp" dev=dm-0 ino=2686977 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=dir >type=SYSCALL msg=audit(1170947270.110:11): arch=40000003 syscall=5 success=no exit=-13 a0=9f10c40 a1=280c2 a2=180 a3=280c2 items=0 ppid=1 pid=2331 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) >type=AVC msg=audit(1170947270.111:12): avc: denied { write } for pid=2331 comm="setroubleshootd" name="tmp" dev=dm-0 ino=65540 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=dir >type=SYSCALL msg=audit(1170947270.111:12): arch=40000003 syscall=5 success=no exit=-13 a0=9f19ac0 a1=280c2 a2=180 a3=280c2 items=0 ppid=1 pid=2331 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) >type=AVC msg=audit(1170947270.153:13): avc: denied { write } for pid=2331 comm="setroubleshootd" name="tmp" dev=dm-0 ino=65540 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=dir >type=SYSCALL msg=audit(1170947270.153:13): arch=40000003 syscall=5 success=no exit=-13 a0=9f19ac0 a1=280c2 a2=180 a3=280c2 items=0 ppid=1 pid=2331 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) >type=AVC msg=audit(1170947270.167:14): avc: denied { unlink } for pid=2331 comm="setroubleshootd" name="Sn5U2x" dev=dm-0 ino=98856 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:root_t:s0 tclass=file >type=SYSCALL msg=audit(1170947270.167:14): arch=40000003 syscall=10 success=no exit=-13 a0=9f10c40 a1=1 a2=4edba0b4 a3=9e1a1b0 items=0 ppid=1 pid=2331 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) >type=AVC msg=audit(1170947270.172:15): avc: denied { execute } for pid=2420 comm="sh" name="ldconfig" dev=dm-0 ino=11337776 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:ldconfig_exec_t:s0 tclass=file >type=SYSCALL msg=audit(1170947270.172:15): arch=40000003 syscall=11 success=no exit=-13 a0=8443dd8 a1=8443e58 a2=8443330 a3=0 items=0 ppid=2419 pid=2420 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="sh" exe="/bin/bash" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) >type=AVC msg=audit(1170947270.173:16): avc: denied { execute } for pid=2420 comm="sh" name="ldconfig" dev=dm-0 ino=11337776 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:ldconfig_exec_t:s0 tclass=file >type=SYSCALL msg=audit(1170947270.173:16): arch=40000003 syscall=33 success=no exit=-13 a0=8443dd8 a1=1 a2=11 a3=8443dd8 items=0 ppid=2419 pid=2420 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="sh" exe="/bin/bash" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) >type=AVC msg=audit(1170947270.173:17): avc: denied { read } for pid=2420 comm="sh" name="ldconfig" dev=dm-0 ino=11337776 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:ldconfig_exec_t:s0 tclass=file >type=SYSCALL msg=audit(1170947270.173:17): arch=40000003 syscall=33 success=no exit=-13 a0=8443dd8 a1=4 a2=0 a3=8443dd8 items=0 ppid=2419 pid=2420 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="sh" exe="/bin/bash" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) >type=AVC msg=audit(1170947270.186:18): avc: denied { execute_no_trans } for pid=2423 comm="ldd" name="ld-2.5.90.so" dev=dm-0 ino=7209194 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:ld_so_t:s0 tclass=file >type=SYSCALL msg=audit(1170947270.186:18): arch=40000003 syscall=11 success=no exit=-13 a0=8c8b308 a1=8c8b988 a2=8c91d48 a3=40 items=0 ppid=2422 pid=2423 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="ldd" exe="/bin/bash" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) >type=AVC_PATH msg=audit(1170947270.186:18): path="/lib/ld-2.5.90.so" >type=AVC msg=audit(1170947270.188:19): avc: denied { write } for pid=2331 comm="setroubleshootd" name="tmp" dev=dm-0 ino=2686977 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=dir >type=SYSCALL msg=audit(1170947270.188:19): arch=40000003 syscall=5 success=no exit=-13 a0=9f10110 a1=280c2 a2=180 a3=280c2 items=0 ppid=1 pid=2331 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) >type=AVC msg=audit(1170947270.188:20): avc: denied { write } for pid=2331 comm="setroubleshootd" name="tmp" dev=dm-0 ino=65540 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=dir >type=SYSCALL msg=audit(1170947270.188:20): arch=40000003 syscall=5 success=no exit=-13 a0=9f19ac0 a1=280c2 a2=180 a3=280c2 items=0 ppid=1 pid=2331 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) >type=AVC msg=audit(1170947270.188:21): avc: denied { write } for pid=2331 comm="setroubleshootd" name="tmp" dev=dm-0 ino=65540 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=dir >type=SYSCALL msg=audit(1170947270.188:21): arch=40000003 syscall=5 success=no exit=-13 a0=9f19ac0 a1=280c2 a2=180 a3=280c2 items=0 ppid=1 pid=2331 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) >type=AVC msg=audit(1170947270.189:22): avc: denied { unlink } for pid=2331 comm="setroubleshootd" name="ray6Tc" dev=dm-0 ino=98857 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:root_t:s0 tclass=file >type=SYSCALL msg=audit(1170947270.189:22): arch=40000003 syscall=10 success=no exit=-13 a0=9efb6c8 a1=1 a2=4edba0b4 a3=9e1a1b0 items=0 ppid=1 pid=2331 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) >type=LABEL_LEVEL_CHANGE msg=audit(1170947285.813:23): user pid=2656 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=HP5MP uri=hp:/par/HP_LaserJet_5MP?device=/dev/parport0 banners=none,none range=s0: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)' >type=LABEL_LEVEL_CHANGE msg=audit(1170947285.882:24): user pid=2656 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=hp_LaserJet_1300 uri=hal:///org/freedesktop/Hal/devices/usb_device_3f0_1017_00CNCB954325_if0_printer_noserial banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)' >type=LABEL_LEVEL_CHANGE msg=audit(1170947285.905:25): user pid=2656 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=Innopath uri=file:/dev/null banners=none,none range=s0: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)' >type=LABEL_LEVEL_CHANGE msg=audit(1170947285.906:26): user pid=2656 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=Local uri=file:/dev/null banners=none,none range=s0: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)' >type=AVC msg=audit(1170947292.707:27): avc: denied { getattr } for pid=3031 comm="hald" name="fdi-cache" dev=dm-0 ino=2031634 scontext=system_u:system_r:hald_t:s0 tcontext=user_u:object_r:var_t:s0 tclass=file >type=SYSCALL msg=audit(1170947292.707:27): arch=40000003 syscall=195 success=no exit=-13 a0=807ebef a1=bfde1788 a2=4d489ff4 a3=0 items=0 ppid=3030 pid=3031 auid=4294967295 uid=68 gid=68 euid=68 suid=68 fsuid=68 egid=68 sgid=68 fsgid=68 tty=(none) comm="hald" exe="/usr/sbin/hald" subj=system_u:system_r:hald_t:s0 key=(null) >type=AVC_PATH msg=audit(1170947292.707:27): path="/var/cache/hald/fdi-cache" >type=AVC msg=audit(1170947292.836:28): avc: denied { getattr } for pid=3033 comm="hald-generate-f" name="fdi-cache" dev=dm-0 ino=2031634 scontext=system_u:system_r:hald_t:s0 tcontext=user_u:object_r:var_t:s0 tclass=file >type=SYSCALL msg=audit(1170947292.836:28): arch=40000003 syscall=195 success=no exit=-13 a0=804b266 a1=bfa632d0 a2=4d489ff4 a3=3 items=0 ppid=3032 pid=3033 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="hald-generate-f" exe="/usr/libexec/hald-generate-fdi-cache" subj=system_u:system_r:hald_t:s0 key=(null) >type=AVC_PATH msg=audit(1170947292.836:28): path="/var/cache/hald/fdi-cache" >type=USER_ERR msg=audit(1170947296.557:29): user pid=3157 uid=0 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='PAM: bad_ident acct=? : exe="/usr/sbin/gdm-binary" (hostname=?, addr=?, terminal=? res=failed)' >type=USER_AUTH msg=audit(1170947310.076:30): user pid=3235 uid=0 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='PAM: authentication acct=tbl : exe="/usr/sbin/gdm-binary" (hostname=?, addr=?, terminal=:0 res=success)' >type=USER_ACCT msg=audit(1170947310.077:31): user pid=3235 uid=0 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='PAM: accounting acct=tbl : exe="/usr/sbin/gdm-binary" (hostname=?, addr=?, terminal=:0 res=success)' >type=CRED_ACQ msg=audit(1170947310.078:32): user pid=3235 uid=0 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='PAM: setcred acct=tbl : exe="/usr/sbin/gdm-binary" (hostname=?, addr=?, terminal=:0 res=success)' >type=LOGIN msg=audit(1170947310.080:33): login pid=3235 uid=0 old auid=4294967295 new auid=500 >type=USER_START msg=audit(1170947310.159:34): user pid=3235 uid=0 auid=500 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='PAM: session open acct=tbl : exe="/usr/sbin/gdm-binary" (hostname=?, addr=?, terminal=:0 res=success)' >type=USER_LOGIN msg=audit(1170947310.161:35): user pid=3235 uid=0 auid=500 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='uid=500: exe="/usr/sbin/gdm-binary" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=:0 res=success)' >type=USER_AVC msg=audit(1170947310.307:36): user pid=2493 uid=81 auid=4294967295 subj=system_u:system_r:system_dbusd_t:s0 msg='avc: denied { send_msg } for msgtype=method_call interface=org.freedesktop.ConsoleKit.Manager member=OpenSessionWithParameters dest=org.freedesktop.ConsoleKit spid=3235 tpid=2766 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:system_r:initrc_t:s0 tclass=dbus : exe="/bin/dbus-daemon" (sauid=81, hostname=?, addr=?, terminal=?)' >type=USER_AUTH msg=audit(1170947372.654:37): user pid=3555 uid=500 auid=500 subj=user_u:system_r:unconfined_t:s0 msg='PAM: authentication acct=root : exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)' >type=USER_ACCT msg=audit(1170947372.655:38): user pid=3555 uid=500 auid=500 subj=user_u:system_r:unconfined_t:s0 msg='PAM: accounting acct=root : exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)' >type=USER_START msg=audit(1170947373.793:39): user pid=3555 uid=500 auid=500 subj=user_u:system_r:unconfined_t:s0 msg='PAM: session open acct=root : exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)' >type=CRED_ACQ msg=audit(1170947373.794:40): user pid=3555 uid=500 auid=500 subj=user_u:system_r:unconfined_t:s0 msg='PAM: setcred acct=root : exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)'
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=147658">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 222498
:
145495
| 147658 |
147659
|
148053
|
148176
|
148200
|
148734