Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 148053 Details for
Bug 222498
various AVCs with setroubleshootd
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
/var/log/audit/audit.log with setroubleshoot AVCs
log-enforcing.txt (text/plain), 10.39 KB, created by
Tom London
on 2007-02-14 15:20:28 UTC
(
hide
)
Description:
/var/log/audit/audit.log with setroubleshoot AVCs
Filename:
MIME Type:
Creator:
Tom London
Created:
2007-02-14 15:20:28 UTC
Size:
10.39 KB
patch
obsolete
>type=DAEMON_START msg=audit(1171466008.769:8817) auditd start, ver=1.4, format=raw, auid=4294967295 pid=2230 res=success, auditd pid=2230 >type=CONFIG_CHANGE msg=audit(1171466008.869:5): audit_enabled=1 old=0 by auid=4294967295 subj=system_u:system_r:auditd_t:s0 >type=CONFIG_CHANGE msg=audit(1171466009.323:6): audit_backlog_limit=256 old=64 by auid=4294967295 subj=system_u:system_r:auditctl_t:s0 >type=AVC msg=audit(1171466024.281:7): avc: denied { execute } for pid=2427 comm="sh" name="ldconfig" dev=dm-0 ino=11337856 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:ldconfig_exec_t:s0 tclass=file >type=SYSCALL msg=audit(1171466024.281:7): arch=40000003 syscall=11 success=no exit=-13 a0=8384dd8 a1=8384e58 a2=8384330 a3=0 items=0 ppid=2426 pid=2427 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="sh" exe="/bin/bash" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) >type=AVC msg=audit(1171466024.338:8): avc: denied { execute } for pid=2427 comm="sh" name="ldconfig" dev=dm-0 ino=11337856 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:ldconfig_exec_t:s0 tclass=file >type=SYSCALL msg=audit(1171466024.338:8): arch=40000003 syscall=33 success=no exit=-13 a0=8384dd8 a1=1 a2=11 a3=8384dd8 items=0 ppid=2426 pid=2427 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="sh" exe="/bin/bash" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) >type=AVC msg=audit(1171466024.338:9): avc: denied { read } for pid=2427 comm="sh" name="ldconfig" dev=dm-0 ino=11337856 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:ldconfig_exec_t:s0 tclass=file >type=SYSCALL msg=audit(1171466024.338:9): arch=40000003 syscall=33 success=no exit=-13 a0=8384dd8 a1=4 a2=0 a3=8384dd8 items=0 ppid=2426 pid=2427 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="sh" exe="/bin/bash" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) >type=AVC msg=audit(1171466024.723:10): avc: denied { execute_no_trans } for pid=2442 comm="ldd" name="ld-2.5.90.so" dev=dm-0 ino=7209143 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:ld_so_t:s0 tclass=file >type=SYSCALL msg=audit(1171466024.723:10): arch=40000003 syscall=11 success=no exit=-13 a0=9c3b308 a1=9c3b988 a2=9c41d48 a3=40 items=0 ppid=2441 pid=2442 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="ldd" exe="/bin/bash" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) >type=AVC_PATH msg=audit(1171466024.723:10): path="/lib/ld-2.5.90.so" >type=AVC msg=audit(1171466024.938:11): avc: denied { unlink } for pid=2333 comm="setroubleshootd" name="FV9mK1" dev=dm-0 ino=99146 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:root_t:s0 tclass=file >type=SYSCALL msg=audit(1171466024.938:11): arch=40000003 syscall=10 success=no exit=-13 a0=83ffc40 a1=1 a2=367114 a3=83091b0 items=0 ppid=1 pid=2333 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) >type=AVC msg=audit(1171466024.947:12): avc: denied { execute } for pid=2455 comm="sh" name="ldconfig" dev=dm-0 ino=11337856 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:ldconfig_exec_t:s0 tclass=file >type=SYSCALL msg=audit(1171466024.947:12): arch=40000003 syscall=11 success=no exit=-13 a0=81e0dd8 a1=81e0e58 a2=81e0330 a3=0 items=0 ppid=2454 pid=2455 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="sh" exe="/bin/bash" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) >type=AVC msg=audit(1171466024.948:13): avc: denied { execute } for pid=2455 comm="sh" name="ldconfig" dev=dm-0 ino=11337856 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:ldconfig_exec_t:s0 tclass=file >type=SYSCALL msg=audit(1171466024.948:13): arch=40000003 syscall=33 success=no exit=-13 a0=81e0dd8 a1=1 a2=11 a3=81e0dd8 items=0 ppid=2454 pid=2455 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="sh" exe="/bin/bash" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) >type=AVC msg=audit(1171466024.948:14): avc: denied { read } for pid=2455 comm="sh" name="ldconfig" dev=dm-0 ino=11337856 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:ldconfig_exec_t:s0 tclass=file >type=SYSCALL msg=audit(1171466024.948:14): arch=40000003 syscall=33 success=no exit=-13 a0=81e0dd8 a1=4 a2=0 a3=81e0dd8 items=0 ppid=2454 pid=2455 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="sh" exe="/bin/bash" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) >type=AVC msg=audit(1171466024.968:15): avc: denied { execute_no_trans } for pid=2458 comm="ldd" name="ld-2.5.90.so" dev=dm-0 ino=7209143 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:ld_so_t:s0 tclass=file >type=SYSCALL msg=audit(1171466024.968:15): arch=40000003 syscall=11 success=no exit=-13 a0=982d308 a1=982d988 a2=9833d48 a3=40 items=0 ppid=2457 pid=2458 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="ldd" exe="/bin/bash" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) >type=AVC_PATH msg=audit(1171466024.968:15): path="/lib/ld-2.5.90.so" >type=AVC msg=audit(1171466024.970:16): avc: denied { unlink } for pid=2333 comm="setroubleshootd" name="n1Fcjv" dev=dm-0 ino=99147 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:root_t:s0 tclass=file >type=SYSCALL msg=audit(1171466024.970:16): arch=40000003 syscall=10 success=no exit=-13 a0=83ea6c8 a1=1 a2=367114 a3=83091b0 items=0 ppid=1 pid=2333 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) >type=LABEL_LEVEL_CHANGE msg=audit(1171466036.469:17): user pid=2659 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=HP5MP uri=hp:/par/HP_LaserJet_5MP?device=/dev/parport0 banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)' >type=LABEL_LEVEL_CHANGE msg=audit(1171466036.553:18): user pid=2659 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=hp_LaserJet_1300 uri=hal:///org/freedesktop/Hal/devices/usb_device_3f0_1017_00CNCB954325_if0_printer_noserial banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)' >type=LABEL_LEVEL_CHANGE msg=audit(1171466036.583:19): user pid=2659 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=Innopath uri=file:/dev/null banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)' >type=LABEL_LEVEL_CHANGE msg=audit(1171466036.585:20): user pid=2659 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=Local uri=file:/dev/null banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)' >type=USER_ERR msg=audit(1171466049.726:21): user pid=3218 uid=0 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='PAM: bad_ident acct=? : exe="/usr/sbin/gdm-binary" (hostname=?, addr=?, terminal=? res=failed)' >type=USER_AUTH msg=audit(1171466063.811:22): user pid=3302 uid=0 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='PAM: authentication acct=tbl : exe="/usr/sbin/gdm-binary" (hostname=?, addr=?, terminal=:0 res=failed)' >type=USER_LOGIN msg=audit(1171466063.815:23): user pid=3302 uid=0 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='uid=500: exe="/usr/sbin/gdm-binary" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=:0 res=failed)' >type=USER_AUTH msg=audit(1171466070.332:24): user pid=3302 uid=0 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='PAM: authentication acct=tbl : exe="/usr/sbin/gdm-binary" (hostname=?, addr=?, terminal=:0 res=success)' >type=USER_ACCT msg=audit(1171466070.333:25): user pid=3302 uid=0 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='PAM: accounting acct=tbl : exe="/usr/sbin/gdm-binary" (hostname=?, addr=?, terminal=:0 res=success)' >type=CRED_ACQ msg=audit(1171466070.334:26): user pid=3302 uid=0 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='PAM: setcred acct=tbl : exe="/usr/sbin/gdm-binary" (hostname=?, addr=?, terminal=:0 res=success)' >type=LOGIN msg=audit(1171466070.338:27): login pid=3302 uid=0 old auid=4294967295 new auid=500 >type=USER_START msg=audit(1171466070.368:28): user pid=3302 uid=0 auid=500 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='PAM: session open acct=tbl : exe="/usr/sbin/gdm-binary" (hostname=?, addr=?, terminal=:0 res=success)' >type=USER_LOGIN msg=audit(1171466070.369:29): user pid=3302 uid=0 auid=500 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='uid=500: exe="/usr/sbin/gdm-binary" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=:0 res=success)' >type=USER_AVC msg=audit(1171466070.791:30): user pid=2496 uid=81 auid=4294967295 subj=system_u:system_r:system_dbusd_t:s0 msg='avc: denied { send_msg } for msgtype=method_call interface=org.freedesktop.ConsoleKit.Manager member=OpenSessionWithParameters dest=org.freedesktop.ConsoleKit spid=3302 tpid=2769 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:system_r:initrc_t:s0 tclass=dbus : exe="/bin/dbus-daemon" (sauid=81, hostname=?, addr=?, terminal=?)' >type=USER_AUTH msg=audit(1171466145.893:31): user pid=3681 uid=500 auid=500 subj=user_u:system_r:unconfined_t:s0 msg='PAM: authentication acct=root : exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)' >type=USER_ACCT msg=audit(1171466145.894:32): user pid=3681 uid=500 auid=500 subj=user_u:system_r:unconfined_t:s0 msg='PAM: accounting acct=root : exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)' >type=USER_START msg=audit(1171466145.990:33): user pid=3681 uid=500 auid=500 subj=user_u:system_r:unconfined_t:s0 msg='PAM: session open acct=root : exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)' >type=CRED_ACQ msg=audit(1171466145.990:34): user pid=3681 uid=500 auid=500 subj=user_u:system_r:unconfined_t:s0 msg='PAM: setcred acct=root : exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)'
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=148053">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 222498
:
145495
|
147658
|
147659
| 148053 |
148176
|
148200
|
148734