Login
Log in using an SSO provider:
Fedora Account System
Red Hat Associate
Red Hat Customer
Login using a Red Hat Bugzilla account
Forgot Password
Create an Account
Red Hat Bugzilla – Attachment 1982118 Details for
Bug 2229722
SELinux policy blocks FDO servers and FDO client
Home
New
Search
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh89 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
[?]
This site requires JavaScript to be enabled to function correctly, please enable it.
FDO client avc log
fdo_client_avc.log (text/plain), 366.48 KB, created by
Xiaofeng Wang
on 2023-08-07 13:01:36 UTC
(
hide
)
Description:
FDO client avc log
Filename:
MIME Type:
Creator:
Xiaofeng Wang
Created:
2023-08-07 13:01:36 UTC
Size:
366.48 KB
patch
obsolete
>type=PROCTITLE msg=audit(08/07/23 07:58:01.232:51) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 07:58:01.232:51) : arch=x86_64 syscall=statx success=yes exit=0 a0=0xffffff9c a1=0x7ffcb2cd7930 a2=0x0 a3=0xfff items=0 ppid=1 pid=1273 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.232:51) : avc: denied { getattr } for pid=1273 comm=fdo-client-linu path=/boot/device-credentials dev="vda3" ino=136 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.233:52) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 07:58:01.233:52) : arch=x86_64 syscall=openat success=yes exit=9 a0=AT_FDCWD a1=0x7ffcb2cd7880 a2=O_RDONLY|O_CLOEXEC a3=0x0 items=0 ppid=1 pid=1273 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.233:52) : avc: denied { open } for pid=1273 comm=fdo-client-linu path=/boot/device-credentials dev="vda3" ino=136 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:58:01.233:52) : avc: denied { read } for pid=1273 comm=fdo-client-linu name=device-credentials dev="vda3" ino=136 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.365:53) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=PATH msg=audit(08/07/23 07:58:01.365:53) : item=3 name=(null) inode=17528937 dev=fd:01 mode=file,644 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:etc_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:58:01.365:53) : item=2 name=(null) inode=17524694 dev=fd:01 mode=dir,750 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:etc_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:58:01.365:53) : item=1 name=(null) nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:58:01.365:53) : item=0 name=(null) inode=17524694 dev=fd:01 mode=dir,750 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:etc_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 07:58:01.365:53) : cwd=/ > type=SYSCALL msg=audit(08/07/23 07:58:01.365:53) : arch=x86_64 syscall=openat success=yes exit=10 a0=AT_FDCWD a1=0x7ffcb2cd5ff8 a2=O_WRONLY|O_CREAT|O_TRUNC|O_CLOEXEC a3=0x1b6 items=4 ppid=1 pid=1273 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.365:53) : avc: denied { write } for pid=1273 comm=fdo-client-linu path=/etc/sudoers.d/fdouser dev="dm-1" ino=17528937 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:58:01.365:53) : avc: denied { create } for pid=1273 comm=fdo-client-linu name=fdouser scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:58:01.365:53) : avc: denied { add_name } for pid=1273 comm=fdo-client-linu name=fdouser scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=dir permissive=1 > type=AVC msg=audit(08/07/23 07:58:01.365:53) : avc: denied { write } for pid=1273 comm=fdo-client-linu name=sudoers.d dev="dm-1" ino=17524694 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.365:54) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 07:58:01.365:54) : arch=x86_64 syscall=fchmod success=yes exit=0 a0=0xa a1=0600 a2=0x0 a3=0x1b6 items=0 ppid=1 pid=1273 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.365:54) : avc: denied { setattr } for pid=1273 comm=fdo-client-linu name=fdouser dev="dm-1" ino=17528937 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.371:55) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 07:58:01.371:55) : arch=x86_64 syscall=openat success=yes exit=10 a0=AT_FDCWD a1=0x555d3d794e20 a2=O_RDONLY|O_DIRECT a3=0x0 items=0 ppid=1 pid=1273 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.371:55) : avc: denied { open } for pid=1273 comm=fdo-client-linu path=/dev/vda4 dev="devtmpfs" ino=232 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > type=AVC msg=audit(08/07/23 07:58:01.371:55) : avc: denied { read } for pid=1273 comm=fdo-client-linu name=vda4 dev="devtmpfs" ino=232 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.371:56) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 07:58:01.371:56) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0xa a1=0x7fc1fbd02f35 a2=0x7ffcb2cd5cd0 a3=0x1000 items=0 ppid=1 pid=1273 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.371:56) : avc: denied { getattr } for pid=1273 comm=fdo-client-linu path=/dev/vda4 dev="devtmpfs" ino=232 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.371:57) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 07:58:01.371:57) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0xa a1=0x1268 a2=0x7ffcb2cd5c5c a3=0x1000 items=0 ppid=1 pid=1273 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.371:57) : avc: denied { ioctl } for pid=1273 comm=fdo-client-linu path=/dev/vda4 dev="devtmpfs" ino=232 ioctlcmd=0x1268 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.371:58) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 07:58:01.371:58) : arch=x86_64 syscall=fstatfs success=yes exit=0 a0=0xa a1=0x7ffcb2cd5c30 a2=0x7fc1fbcff4a4 a3=0x1000 items=0 ppid=1 pid=1273 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.371:58) : avc: denied { getattr } for pid=1273 comm=fdo-client-linu name=/ dev="devtmpfs" ino=1 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=filesystem permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.371:59) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 07:58:01.371:59) : arch=x86_64 syscall=openat success=yes exit=11 a0=AT_FDCWD a1=0x7fc1fc473037 a2=O_RDONLY|O_NONBLOCK|O_CLOEXEC a3=0x0 items=0 ppid=1 pid=1273 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.371:59) : avc: denied { open } for pid=1273 comm=fdo-client-linu path=/dev/random dev="devtmpfs" ino=8 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:random_device_t:s0 tclass=chr_file permissive=1 > type=AVC msg=audit(08/07/23 07:58:01.371:59) : avc: denied { read } for pid=1273 comm=fdo-client-linu name=random dev="devtmpfs" ino=8 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:random_device_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.372:60) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=PATH msg=audit(08/07/23 07:58:01.372:60) : item=3 name=(null) inode=1247 dev=00:18 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:58:01.372:60) : item=2 name=(null) inode=95 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:58:01.372:60) : item=1 name=(null) nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:58:01.372:60) : item=0 name=(null) inode=95 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 07:58:01.372:60) : cwd=/ > type=SYSCALL msg=audit(08/07/23 07:58:01.372:60) : arch=x86_64 syscall=openat success=yes exit=13 a0=0xe a1=0x7ffcb2cd4940 a2=O_RDWR|O_CREAT|O_NOFOLLOW|O_CLOEXEC a3=0x1ff items=4 ppid=1 pid=1273 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.372:60) : avc: denied { read write open } for pid=1273 comm=fdo-client-linu path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1247 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:58:01.372:60) : avc: denied { create } for pid=1273 comm=fdo-client-linu name=L_252:4 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:58:01.372:60) : avc: denied { add_name } for pid=1273 comm=fdo-client-linu name=L_252:4 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > type=AVC msg=audit(08/07/23 07:58:01.372:60) : avc: denied { write } for pid=1273 comm=fdo-client-linu name=cryptsetup dev="tmpfs" ino=95 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.372:61) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 07:58:01.372:61) : arch=x86_64 syscall=flock success=yes exit=0 a0=0xd a1=0x1 a2=0x0 a3=0x1ff items=0 ppid=1 pid=1273 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.372:61) : avc: denied { lock } for pid=1273 comm=fdo-client-linu path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1247 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.372:62) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 07:58:01.372:62) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0xd a1=0x7fc1fbd02f35 a2=0x7ffcb2cd48d0 a3=0x1000 items=0 ppid=1 pid=1273 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.372:62) : avc: denied { getattr } for pid=1273 comm=fdo-client-linu path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1247 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.374:63) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 07:58:01.374:63) : arch=x86_64 syscall=unlink success=yes exit=0 a0=0x7ffcb2cd49c0 a1=0x7ffcb2cd49c0 a2=0x7ffcb2cd48a0 a3=0x0 items=0 ppid=1 pid=1273 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.374:63) : avc: denied { unlink } for pid=1273 comm=fdo-client-linu name=L_252:4 dev="tmpfs" ino=1247 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:58:01.374:63) : avc: denied { remove_name } for pid=1273 comm=fdo-client-linu name=L_252:4 dev="tmpfs" ino=1247 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.374:64) : proctitle=/usr/bin/bash -e /usr/bin/clevis luks pass -d /dev/vda4 -s 1 > type=PATH msg=audit(08/07/23 07:58:01.374:64) : item=1 name=/lib64/ld-linux-x86-64.so.2 inode=17324163 dev=fd:01 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:ld_so_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:58:01.374:64) : item=0 name=/usr/bin/bash inode=8392074 dev=fd:01 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:shell_exec_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 07:58:01.374:64) : cwd=/ > type=EXECVE msg=audit(08/07/23 07:58:01.374:64) : argc=9 a0=/usr/bin/bash a1=-e a2=/usr/bin/clevis a3=luks a4=pass a5=-d a6=/dev/vda4 a7=-s a8=1 > type=SYSCALL msg=audit(08/07/23 07:58:01.374:64) : arch=x86_64 syscall=execve success=yes exit=0 a0=0x7fc1fb52ddc0 a1=0x555d3d7b7100 a2=0x555d3d65eb50 a3=0x8 items=2 ppid=1273 pid=1304 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis exe=/usr/bin/bash subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.374:64) : avc: denied { map } for pid=1304 comm=clevis path=/usr/bin/bash dev="dm-1" ino=8392074 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:58:01.374:64) : avc: denied { execute } for pid=1304 comm=fdo-client-linu name=bash dev="dm-1" ino=8392074 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:58:01.374:64) : avc: denied { execute_no_trans } for pid=1304 comm=fdo-client-linu path=/usr/bin/clevis dev="dm-1" ino=2410 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:58:01.374:64) : avc: denied { execute } for pid=1304 comm=fdo-client-linu name=clevis dev="dm-1" ino=2410 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.377:65) : proctitle=/usr/bin/bash -e /usr/bin/clevis luks pass -d /dev/vda4 -s 1 > type=SYSCALL msg=audit(08/07/23 07:58:01.377:65) : arch=x86_64 syscall=openat success=yes exit=3 a0=AT_FDCWD a1=0x7f5ab3c60e17 a2=O_RDONLY|O_CLOEXEC a3=0x0 items=0 ppid=1273 pid=1304 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis exe=/usr/bin/bash subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.377:65) : avc: denied { open } for pid=1304 comm=clevis path=/etc/passwd dev="dm-1" ino=639123 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:58:01.377:65) : avc: denied { read } for pid=1304 comm=clevis name=passwd dev="dm-1" ino=639123 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.377:66) : proctitle=/usr/bin/bash -e /usr/bin/clevis luks pass -d /dev/vda4 -s 1 > type=SYSCALL msg=audit(08/07/23 07:58:01.377:66) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0x3 a1=0x7f5ab3c5cf35 a2=0x7ffcebc2b9c0 a3=0x1000 items=0 ppid=1273 pid=1304 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis exe=/usr/bin/bash subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.377:66) : avc: denied { getattr } for pid=1304 comm=clevis path=/etc/passwd dev="dm-1" ino=639123 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.386:67) : proctitle=/usr/bin/bash -e /usr/bin/clevis-luks-pass -d /dev/vda4 -s 1 > type=SYSCALL msg=audit(08/07/23 07:58:01.386:67) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=AT_FDCWD a1=0x564e09d7c590 a2=0x7fff99ffde70 a3=0x0 items=0 ppid=1304 pid=1307 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis-luks-pas exe=/usr/bin/bash subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.386:67) : avc: denied { getattr } for pid=1307 comm=clevis-luks-pas path=/usr/sbin/cryptsetup dev="dm-1" ino=3737 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_exec_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.386:68) : proctitle=/usr/bin/bash -e /usr/bin/clevis-luks-pass -d /dev/vda4 -s 1 > type=SYSCALL msg=audit(08/07/23 07:58:01.386:68) : arch=x86_64 syscall=access success=yes exit=0 a0=0x564e09d7c590 a1=X_OK a2=0x7fff99ffdd90 a3=0x0 items=0 ppid=1304 pid=1307 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis-luks-pas exe=/usr/bin/bash subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.386:68) : avc: denied { execute } for pid=1307 comm=clevis-luks-pas name=cryptsetup dev="dm-1" ino=3737 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_exec_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.387:69) : proctitle=/usr/bin/bash -e /usr/bin/clevis-luks-pass -d /dev/vda4 -s 1 > type=SYSCALL msg=audit(08/07/23 07:58:01.387:69) : arch=x86_64 syscall=access success=yes exit=0 a0=0x564e09d7c590 a1=R_OK a2=0x7fff99ffdd90 a3=0x0 items=0 ppid=1304 pid=1307 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis-luks-pas exe=/usr/bin/bash subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.387:69) : avc: denied { read } for pid=1307 comm=clevis-luks-pas name=cryptsetup dev="dm-1" ino=3737 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_exec_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.387:70) : proctitle=cryptsetup isLuks --type luks1 /dev/vda4 > type=PATH msg=audit(08/07/23 07:58:01.387:70) : item=0 name=/lib64/ld-linux-x86-64.so.2 inode=17324163 dev=fd:01 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:ld_so_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 07:58:01.387:70) : cwd=/ > type=EXECVE msg=audit(08/07/23 07:58:01.387:70) : argc=5 a0=cryptsetup a1=isLuks a2=--type a3=luks1 a4=/dev/vda4 > type=SYSCALL msg=audit(08/07/23 07:58:01.387:70) : arch=x86_64 syscall=execve success=yes exit=0 a0=0x564e09d7c590 a1=0x564e09d7c700 a2=0x564e09d71730 a3=0x564e09d7cdd0 items=1 ppid=1307 pid=1308 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.387:70) : avc: denied { map } for pid=1308 comm=cryptsetup path=/usr/sbin/cryptsetup dev="dm-1" ino=3737 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_exec_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:58:01.387:70) : avc: denied { execute_no_trans } for pid=1308 comm=clevis-luks-pas path=/usr/sbin/cryptsetup dev="dm-1" ino=3737 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_exec_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:58:01.387:70) : avc: denied { open } for pid=1308 comm=clevis-luks-pas path=/usr/sbin/cryptsetup dev="dm-1" ino=3737 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_exec_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.396:71) : proctitle=cryptsetup isLuks --type luks1 /dev/vda4 > type=SYSCALL msg=audit(08/07/23 07:58:01.396:71) : arch=x86_64 syscall=fstatfs success=yes exit=0 a0=0x3 a1=0x7ffe2a2e9760 a2=0x7f7e8675a4a4 a3=0x1000 items=0 ppid=1307 pid=1308 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.396:71) : avc: denied { getattr } for pid=1308 comm=cryptsetup name=/ dev="devtmpfs" ino=1 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=filesystem permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.408:72) : proctitle=sed -rn s|^\s+([0-9]+): clevis|\1|p > type=EXECVE msg=audit(08/07/23 07:58:01.408:72) : argc=3 a0=sed a1=-rn a2=s|^\s+([0-9]+): clevis|\1|p > type=SYSCALL msg=audit(08/07/23 07:58:01.408:72) : arch=x86_64 syscall=execve success=yes exit=0 a0=0x564e09e08590 a1=0x564e09e09540 a2=0x564e09e09570 a3=0x8 items=0 ppid=1311 pid=1315 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=sed exe=/usr/bin/sed subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.408:72) : avc: denied { map } for pid=1315 comm=sed path=/usr/bin/sed dev="dm-1" ino=25531310 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.442:73) : proctitle=jose fmt -j- -Og jwe -o- > type=EXECVE msg=audit(08/07/23 07:58:01.442:73) : argc=6 a0=jose a1=fmt a2=-j- a3=-Og a4=jwe a5=-o- > type=SYSCALL msg=audit(08/07/23 07:58:01.442:73) : arch=x86_64 syscall=execve success=yes exit=0 a0=0x564e09d7c820 a1=0x564e09d76fe0 a2=0x564e09e0a250 a3=0x8c2e5f44 items=0 ppid=1319 pid=1320 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=jose exe=/usr/bin/jose subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.442:73) : avc: denied { execute } for pid=1320 comm=jose path=/usr/bin/jose dev="dm-1" ino=16919866 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:58:01.442:73) : avc: denied { map } for pid=1320 comm=jose path=/usr/bin/jose dev="dm-1" ino=16919866 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.452:74) : proctitle=jose jwe fmt -i- -c > type=PATH msg=audit(08/07/23 07:58:01.452:74) : item=0 name=/lib64/ld-linux-x86-64.so.2 inode=17324163 dev=fd:01 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:ld_so_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 07:58:01.452:74) : cwd=/ > type=EXECVE msg=audit(08/07/23 07:58:01.452:74) : argc=5 a0=jose a1=jwe a2=fmt a3=-i- a4=-c > type=SYSCALL msg=audit(08/07/23 07:58:01.452:74) : arch=x86_64 syscall=execve success=yes exit=0 a0=0x564e09e07ba0 a1=0x564e09d76fe0 a2=0x564e09e0a1d0 a3=0x8 items=1 ppid=1319 pid=1321 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=jose exe=/usr/bin/jose subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.452:74) : avc: denied { execute_no_trans } for pid=1321 comm=clevis-luks-pas path=/usr/bin/jose dev="dm-1" ino=16919866 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.508:75) : proctitle=cryptsetup open --test-passphrase /dev/vda4 > type=PATH msg=audit(08/07/23 07:58:01.508:75) : item=3 name=(null) inode=1258 dev=00:18 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:58:01.508:75) : item=2 name=(null) inode=95 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:58:01.508:75) : item=1 name=(null) nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:58:01.508:75) : item=0 name=(null) inode=95 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 07:58:01.508:75) : cwd=/ > type=SYSCALL msg=audit(08/07/23 07:58:01.508:75) : arch=x86_64 syscall=openat success=yes exit=6 a0=0x7 a1=0x7ffdf173f070 a2=O_RDWR|O_CREAT|O_NOFOLLOW|O_CLOEXEC a3=0x1ff items=4 ppid=1304 pid=1344 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.508:75) : avc: denied { read write open } for pid=1344 comm=cryptsetup path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1258 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:58:01.508:75) : avc: denied { create } for pid=1344 comm=cryptsetup name=L_252:4 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.508:76) : proctitle=cryptsetup open --test-passphrase /dev/vda4 > type=SYSCALL msg=audit(08/07/23 07:58:01.508:76) : arch=x86_64 syscall=flock success=yes exit=0 a0=0x6 a1=0x1 a2=0x0 a3=0x1ff items=0 ppid=1304 pid=1344 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.508:76) : avc: denied { lock } for pid=1344 comm=cryptsetup path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1258 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.508:77) : proctitle=cryptsetup open --test-passphrase /dev/vda4 > type=SYSCALL msg=audit(08/07/23 07:58:01.508:77) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0x6 a1=0x7f7369b12f35 a2=0x7ffdf173f000 a3=0x1000 items=0 ppid=1304 pid=1344 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.508:77) : avc: denied { getattr } for pid=1344 comm=cryptsetup path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1258 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.510:78) : proctitle=cryptsetup open --test-passphrase /dev/vda4 > type=SYSCALL msg=audit(08/07/23 07:58:01.510:78) : arch=x86_64 syscall=unlink success=yes exit=0 a0=0x7ffdf173f0f0 a1=0x7ffdf173f0f0 a2=0x7ffdf173efd0 a3=0x0 items=0 ppid=1304 pid=1344 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.510:78) : avc: denied { unlink } for pid=1344 comm=cryptsetup name=L_252:4 dev="tmpfs" ino=1258 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.531:80) : proctitle=cryptsetup open --test-passphrase /dev/vda4 > type=SYSCALL msg=audit(08/07/23 07:58:01.531:80) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=AT_FDCWD a1=0x7ffdf173f240 a2=0x7ffdf173f160 a3=0x0 items=0 ppid=1304 pid=1344 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.531:80) : avc: denied { getattr } for pid=1344 comm=cryptsetup path=/dev/mapper/control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.532:81) : proctitle=cryptsetup open --test-passphrase /dev/vda4 > type=SYSCALL msg=audit(08/07/23 07:58:01.532:81) : arch=x86_64 syscall=openat success=yes exit=6 a0=AT_FDCWD a1=0x7ffdf173f240 a2=O_RDWR a3=0x0 items=0 ppid=1304 pid=1344 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.532:81) : avc: denied { open } for pid=1344 comm=cryptsetup path=/dev/mapper/control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > type=AVC msg=audit(08/07/23 07:58:01.532:81) : avc: denied { read write } for pid=1344 comm=cryptsetup name=control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.532:82) : proctitle=cryptsetup open --test-passphrase /dev/vda4 > type=SYSCALL msg=audit(08/07/23 07:58:01.532:82) : arch=x86_64 syscall=openat success=yes exit=7 a0=AT_FDCWD a1=0x7f73699457c2 a2=O_RDONLY a3=0x0 items=0 ppid=1304 pid=1344 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.532:82) : avc: denied { open } for pid=1344 comm=cryptsetup path=/proc/devices dev="proc" ino=4026532021 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:58:01.532:82) : avc: denied { read } for pid=1344 comm=cryptsetup name=devices dev="proc" ino=4026532021 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.532:83) : proctitle=cryptsetup open --test-passphrase /dev/vda4 > type=SYSCALL msg=audit(08/07/23 07:58:01.532:83) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0x7 a1=0x7f7369b12f35 a2=0x7ffdf173ef00 a3=0x1000 items=0 ppid=1304 pid=1344 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.532:83) : avc: denied { getattr } for pid=1344 comm=cryptsetup path=/proc/devices dev="proc" ino=4026532021 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.532:84) : proctitle=cryptsetup open --test-passphrase /dev/vda4 > type=SYSCALL msg=audit(08/07/23 07:58:01.532:84) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0x6 a1=0xc138fd00 a2=0x559569133a70 a3=0x7ffdf173ddd2 items=0 ppid=1304 pid=1344 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.532:84) : avc: denied { ioctl } for pid=1344 comm=cryptsetup path=/dev/mapper/control dev="devtmpfs" ino=139 ioctlcmd=0xfd00 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.532:85) : proctitle=cryptsetup open --test-passphrase /dev/vda4 > type=SYSCALL msg=audit(08/07/23 07:58:01.532:85) : arch=x86_64 syscall=semctl success=yes exit=0 a0=0x0 a1=0x0 a2=0x13 a3=0x7ffdf17404c0 items=0 ppid=1304 pid=1344 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.532:85) : avc: denied { ipc_info } for pid=1344 comm=cryptsetup scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=system permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.557:86) : proctitle=cryptsetup isLuks --type luks1 /dev/vda4 > type=SYSCALL msg=audit(08/07/23 07:58:01.557:86) : arch=x86_64 syscall=openat success=yes exit=4 a0=AT_FDCWD a1=0x7fec709dc037 a2=O_RDONLY|O_NONBLOCK|O_CLOEXEC a3=0x0 items=0 ppid=1377 pid=1378 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.557:86) : avc: denied { open } for pid=1378 comm=cryptsetup path=/dev/random dev="devtmpfs" ino=8 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:random_device_t:s0 tclass=chr_file permissive=1 > type=AVC msg=audit(08/07/23 07:58:01.557:86) : avc: denied { read } for pid=1378 comm=cryptsetup name=random dev="devtmpfs" ino=8 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:random_device_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.646:90) : proctitle=clevis-pin-tpm2 encrypt {} > type=SYSCALL msg=audit(08/07/23 07:58:01.646:90) : arch=x86_64 syscall=statx success=yes exit=0 a0=0xffffff9c a1=0x558156bf0c00 a2=0x0 a3=0xfff items=0 ppid=1444 pid=1446 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis-pin-tpm2 exe=/usr/bin/clevis-pin-tpm2 subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.646:90) : avc: denied { getattr } for pid=1446 comm=clevis-pin-tpm2 path=/dev/tpmrm0 dev="devtmpfs" ino=102 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:tpm_device_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.650:91) : proctitle=clevis-pin-tpm2 encrypt {} > type=SYSCALL msg=audit(08/07/23 07:58:01.650:91) : arch=x86_64 syscall=openat success=yes exit=3 a0=AT_FDCWD a1=0x7ffd9b7795f0 a2=O_RDWR|O_NONBLOCK a3=0x0 items=0 ppid=1444 pid=1446 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis-pin-tpm2 exe=/usr/bin/clevis-pin-tpm2 subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.650:91) : avc: denied { open } for pid=1446 comm=clevis-pin-tpm2 path=/dev/tpmrm0 dev="devtmpfs" ino=102 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:tpm_device_t:s0 tclass=chr_file permissive=1 > type=AVC msg=audit(08/07/23 07:58:01.650:91) : avc: denied { read write } for pid=1446 comm=clevis-pin-tpm2 name=tpmrm0 dev="devtmpfs" ino=102 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:tpm_device_t:s0 tclass=chr_file permissive=1 > type=AVC msg=audit(08/07/23 07:58:01.650:91) : avc: denied { dac_override } for pid=1446 comm=clevis-pin-tpm2 capability=dac_override scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:fdo_t:s0 tclass=capability permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.786:93) : proctitle=mktemp -d > type=PATH msg=audit(08/07/23 07:58:01.786:93) : item=1 name=(null) inode=639161 dev=fd:01 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:tmp_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:58:01.786:93) : item=0 name=(null) inode=17525388 dev=fd:01 mode=dir,sticky,777 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:tmp_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 07:58:01.786:93) : cwd=/ > type=SYSCALL msg=audit(08/07/23 07:58:01.786:93) : arch=x86_64 syscall=mkdir success=yes exit=0 a0=0x55582d37bb90 a1=0700 a2=0x6 a3=0xf61e20b285fb9ace items=2 ppid=1361 pid=1571 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=mktemp exe=/usr/bin/mktemp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.786:93) : avc: denied { create } for pid=1571 comm=mktemp name=tmp.PWtqsqTXjO scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=dir permissive=1 > type=AVC msg=audit(08/07/23 07:58:01.786:93) : avc: denied { add_name } for pid=1571 comm=mktemp name=tmp.PWtqsqTXjO scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=dir permissive=1 > type=AVC msg=audit(08/07/23 07:58:01.786:93) : avc: denied { write } for pid=1571 comm=mktemp name=tmp dev="dm-1" ino=17525388 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.786:94) : proctitle=/usr/bin/bash -e /usr/bin/clevis-luks-bind -d /dev/vda4 tpm2 {} -y -k - > type=PATH msg=audit(08/07/23 07:58:01.786:94) : item=3 name=(null) inode=639162 dev=fd:01 mode=file,644 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:tmp_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:58:01.786:94) : item=2 name=(null) inode=639161 dev=fd:01 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:tmp_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:58:01.786:94) : item=1 name=(null) nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:58:01.786:94) : item=0 name=(null) inode=639161 dev=fd:01 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:tmp_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 07:58:01.786:94) : cwd=/ > type=SYSCALL msg=audit(08/07/23 07:58:01.786:94) : arch=x86_64 syscall=openat success=yes exit=3 a0=AT_FDCWD a1=0x55ee27cc27c0 a2=O_WRONLY|O_CREAT|O_TRUNC a3=0x1b6 items=4 ppid=1273 pid=1361 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis-luks-bin exe=/usr/bin/bash subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.786:94) : avc: denied { write open } for pid=1361 comm=clevis-luks-bin path=/tmp/tmp.PWtqsqTXjO/device dev="dm-1" ino=639162 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:58:01.786:94) : avc: denied { create } for pid=1361 comm=clevis-luks-bin name=device scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.820:95) : proctitle=cryptsetup luksHeaderBackup /dev/vda4 --batch-mode --header-backup-file /tmp/tmp.PWtqsqTXjO/vda4.header > type=PATH msg=audit(08/07/23 07:58:01.820:95) : item=3 name=(null) inode=639163 dev=fd:01 mode=file,400 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:tmp_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:58:01.820:95) : item=2 name=(null) inode=639161 dev=fd:01 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:tmp_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:58:01.820:95) : item=1 name=(null) nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:58:01.820:95) : item=0 name=(null) inode=639161 dev=fd:01 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:tmp_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 07:58:01.820:95) : cwd=/ > type=SYSCALL msg=audit(08/07/23 07:58:01.820:95) : arch=x86_64 syscall=openat success=yes exit=6 a0=AT_FDCWD a1=0x564b12b60250 a2=O_WRONLY|O_CREAT|O_EXCL a3=0x100 items=4 ppid=1361 pid=1573 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.820:95) : avc: denied { add_name } for pid=1573 comm=cryptsetup name=vda4.header scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=dir permissive=1 > type=AVC msg=audit(08/07/23 07:58:01.820:95) : avc: denied { write } for pid=1573 comm=cryptsetup name=tmp.PWtqsqTXjO dev="dm-1" ino=639161 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.837:97) : proctitle=cryptsetup isLuks --type luks1 /dev/vda4 > type=SYSCALL msg=audit(08/07/23 07:58:01.837:97) : arch=x86_64 syscall=openat success=yes exit=3 a0=AT_FDCWD a1=0x555d82acd760 a2=O_RDONLY|O_DIRECT a3=0x0 items=0 ppid=1361 pid=1579 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.837:97) : avc: denied { open } for pid=1579 comm=cryptsetup path=/dev/vda4 dev="devtmpfs" ino=232 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > type=AVC msg=audit(08/07/23 07:58:01.837:97) : avc: denied { read } for pid=1579 comm=cryptsetup name=vda4 dev="devtmpfs" ino=232 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.837:98) : proctitle=cryptsetup isLuks --type luks1 /dev/vda4 > type=SYSCALL msg=audit(08/07/23 07:58:01.837:98) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0x3 a1=0x7fefe9865f35 a2=0x7ffebbdeb200 a3=0x1000 items=0 ppid=1361 pid=1579 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.837:98) : avc: denied { getattr } for pid=1579 comm=cryptsetup path=/dev/vda4 dev="devtmpfs" ino=232 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.837:99) : proctitle=cryptsetup isLuks --type luks1 /dev/vda4 > type=SYSCALL msg=audit(08/07/23 07:58:01.837:99) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0x3 a1=0x1268 a2=0x7ffebbdeb18c a3=0x1000 items=0 ppid=1361 pid=1579 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.837:99) : avc: denied { ioctl } for pid=1579 comm=cryptsetup path=/dev/vda4 dev="devtmpfs" ino=232 ioctlcmd=0x1268 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.920:100) : proctitle=cryptsetup luksAddKey --force-password --batch-mode --key-slot 0 /dev/vda4 --pbkdf pbkdf2 --pbkdf-force-iterations 1000 > type=SYSCALL msg=audit(08/07/23 07:58:01.920:100) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=AT_FDCWD a1=0x7ffe6ee41830 a2=0x7ffe6ee41750 a3=0x0 items=0 ppid=1361 pid=1608 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.920:100) : avc: denied { getattr } for pid=1608 comm=cryptsetup path=/dev/mapper/control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.920:101) : proctitle=cryptsetup luksAddKey --force-password --batch-mode --key-slot 0 /dev/vda4 --pbkdf pbkdf2 --pbkdf-force-iterations 1000 > type=SYSCALL msg=audit(08/07/23 07:58:01.920:101) : arch=x86_64 syscall=openat success=yes exit=6 a0=AT_FDCWD a1=0x7ffe6ee41830 a2=O_RDWR a3=0x0 items=0 ppid=1361 pid=1608 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.920:101) : avc: denied { open } for pid=1608 comm=cryptsetup path=/dev/mapper/control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > type=AVC msg=audit(08/07/23 07:58:01.920:101) : avc: denied { read write } for pid=1608 comm=cryptsetup name=control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.920:102) : proctitle=cryptsetup luksAddKey --force-password --batch-mode --key-slot 0 /dev/vda4 --pbkdf pbkdf2 --pbkdf-force-iterations 1000 > type=SYSCALL msg=audit(08/07/23 07:58:01.920:102) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0x6 a1=0xc138fd00 a2=0x55f6645f8ff0 a3=0x7ffe6ee403c2 items=0 ppid=1361 pid=1608 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.920:102) : avc: denied { ioctl } for pid=1608 comm=cryptsetup path=/dev/mapper/control dev="devtmpfs" ino=139 ioctlcmd=0xfd00 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:01.934:103) : proctitle=cryptsetup luksAddKey --force-password --batch-mode --key-slot 0 /dev/vda4 --pbkdf pbkdf2 --pbkdf-force-iterations 1000 > type=SYSCALL msg=audit(08/07/23 07:58:01.934:103) : arch=x86_64 syscall=openat success=yes exit=7 a0=AT_FDCWD a1=0x55f6645c08e0 a2=O_RDWR|O_DIRECT a3=0x0 items=0 ppid=1361 pid=1608 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:01.934:103) : avc: denied { write } for pid=1608 comm=cryptsetup name=vda4 dev="devtmpfs" ino=232 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.002:104) : proctitle=rm -rf /tmp/tmp.PWtqsqTXjO > type=SYSCALL msg=audit(08/07/23 07:58:02.002:104) : arch=x86_64 syscall=openat success=yes exit=3 a0=AT_FDCWD a1=0x55f62a90dc20 a2=O_RDONLY|O_NOCTTY|O_NONBLOCK|O_DIRECTORY|O_NOFOLLOW a3=0x0 items=0 ppid=1361 pid=1626 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=rm exe=/usr/bin/rm subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.002:104) : avc: denied { read } for pid=1626 comm=rm name=tmp.PWtqsqTXjO dev="dm-1" ino=639161 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.002:105) : proctitle=rm -rf /tmp/tmp.PWtqsqTXjO > type=SYSCALL msg=audit(08/07/23 07:58:02.002:105) : arch=x86_64 syscall=fstatfs success=yes exit=0 a0=0x3 a1=0x7fffd1ee3ed0 a2=0x10 a3=0x9b items=0 ppid=1361 pid=1626 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=rm exe=/usr/bin/rm subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.002:105) : avc: denied { getattr } for pid=1626 comm=rm name=/ dev="dm-1" ino=128 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fs_t:s0 tclass=filesystem permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.002:106) : proctitle=rm -rf /tmp/tmp.PWtqsqTXjO > type=SYSCALL msg=audit(08/07/23 07:58:02.002:106) : arch=x86_64 syscall=unlinkat success=yes exit=0 a0=0x4 a1=0x55f62a90f060 a2=0x0 a3=0x9b items=0 ppid=1361 pid=1626 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=rm exe=/usr/bin/rm subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.002:106) : avc: denied { unlink } for pid=1626 comm=rm name=device dev="dm-1" ino=639162 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:58:02.002:106) : avc: denied { remove_name } for pid=1626 comm=rm name=device dev="dm-1" ino=639162 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.006:107) : proctitle=rm -rf /tmp/tmp.PWtqsqTXjO > type=SYSCALL msg=audit(08/07/23 07:58:02.006:107) : arch=x86_64 syscall=unlinkat success=yes exit=0 a0=AT_FDCWD a1=0x55f62a90dc20 a2=0x200 a3=0x9b items=0 ppid=1361 pid=1626 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=rm exe=/usr/bin/rm subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.006:107) : avc: denied { rmdir } for pid=1626 comm=rm name=tmp.PWtqsqTXjO dev="dm-1" ino=639161 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.013:108) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 07:58:02.013:108) : arch=x86_64 syscall=openat success=no exit=ENOENT(No such file or directory) a0=AT_FDCWD a1=0x7ffcb2cd4ae0 a2=O_RDONLY a3=0x0 items=0 ppid=1 pid=1273 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.013:108) : avc: denied { read } for pid=1273 comm=fdo-client-linu name=252:4 dev="sysfs" ino=18362 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=lnk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.315:109) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 07:58:02.315:109) : arch=x86_64 syscall=openat success=yes exit=12 a0=AT_FDCWD a1=0x7fc1fb512308 a2=O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC a3=0x0 items=0 ppid=1 pid=1273 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.315:109) : avc: denied { read } for pid=1273 comm=fdo-client-linu name=userdb dev="tmpfs" ino=52 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:systemd_userdbd_runtime_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.316:110) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 07:58:02.316:110) : arch=x86_64 syscall=connect success=yes exit=0 a0=0xd a1=0x7ffcb2cd5ab0 a2=0x2d a3=0xf00 items=0 ppid=1 pid=1273 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.316:110) : avc: denied { connectto } for pid=1273 comm=fdo-client-linu path=/run/systemd/userdb/io.systemd.DynamicUser scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=unix_stream_socket permissive=1 > type=AVC msg=audit(08/07/23 07:58:02.316:110) : avc: denied { write } for pid=1273 comm=fdo-client-linu name=io.systemd.DynamicUser dev="tmpfs" ino=53 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:systemd_userdbd_runtime_t:s0 tclass=sock_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.317:111) : proctitle=useradd -m fdouser > type=PATH msg=audit(08/07/23 07:58:02.317:111) : item=0 name=/lib64/ld-linux-x86-64.so.2 inode=17324163 dev=fd:01 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:ld_so_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 07:58:02.317:111) : cwd=/ > type=EXECVE msg=audit(08/07/23 07:58:02.317:111) : argc=3 a0=useradd a1=-m a2=fdouser > type=SYSCALL msg=audit(08/07/23 07:58:02.317:111) : arch=x86_64 syscall=execve success=yes exit=0 a0=0x7fc1fb354dc0 a1=0x555d3d7c2e50 a2=0x555d3d65eb50 a3=0x8 items=1 ppid=1273 pid=1655 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=useradd exe=/usr/sbin/useradd subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.317:111) : avc: denied { map } for pid=1655 comm=useradd path=/usr/sbin/useradd dev="dm-1" ino=8736414 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:useradd_exec_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:58:02.317:111) : avc: denied { execute_no_trans } for pid=1655 comm=fdo-client-linu path=/usr/sbin/useradd dev="dm-1" ino=8736414 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:useradd_exec_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:58:02.317:111) : avc: denied { read open } for pid=1655 comm=fdo-client-linu path=/usr/sbin/useradd dev="dm-1" ino=8736414 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:useradd_exec_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:58:02.317:111) : avc: denied { execute } for pid=1655 comm=fdo-client-linu name=useradd dev="dm-1" ino=8736414 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:useradd_exec_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.325:112) : proctitle=useradd -m fdouser > type=SYSCALL msg=audit(08/07/23 07:58:02.325:112) : arch=x86_64 syscall=socket success=yes exit=3 a0=netlink a1=SOCK_RAW a2=igp a3=0x0 items=0 ppid=1273 pid=1655 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=useradd exe=/usr/sbin/useradd subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.325:112) : avc: denied { create } for pid=1655 comm=useradd scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:fdo_t:s0 tclass=netlink_audit_socket permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.328:113) : proctitle=useradd -m fdouser > type=SYSCALL msg=audit(08/07/23 07:58:02.328:113) : arch=x86_64 syscall=openat success=yes exit=4 a0=AT_FDCWD a1=0x7f75dfcc8204 a2=O_WRONLY|O_CREAT|O_CLOEXEC a3=0x180 items=0 ppid=1273 pid=1655 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=useradd exe=/usr/sbin/useradd subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.328:113) : avc: denied { write } for pid=1655 comm=useradd name=.pwd.lock dev="dm-1" ino=634741 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.328:114) : proctitle=useradd -m fdouser > type=SYSCALL msg=audit(08/07/23 07:58:02.328:114) : arch=x86_64 syscall=fcntl success=yes exit=0 a0=0x4 a1=F_SETLKW a2=0x7ffc01a73110 a3=0x8 items=0 ppid=1273 pid=1655 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=useradd exe=/usr/sbin/useradd subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.328:114) : avc: denied { lock } for pid=1655 comm=useradd path=/etc/.pwd.lock dev="dm-1" ino=634741 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.328:115) : proctitle=useradd -m fdouser > type=PATH msg=audit(08/07/23 07:58:02.328:115) : item=3 name=(null) inode=634743 dev=fd:01 mode=file,600 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:etc_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:58:02.328:115) : item=2 name=(null) inode=634599 dev=fd:01 mode=dir,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:etc_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:58:02.328:115) : item=1 name=(null) nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:58:02.328:115) : item=0 name=(null) inode=634599 dev=fd:01 mode=dir,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:etc_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 07:58:02.328:115) : cwd=/ > type=SYSCALL msg=audit(08/07/23 07:58:02.328:115) : arch=x86_64 syscall=openat success=yes exit=5 a0=AT_FDCWD a1=0x55d30386bfa0 a2=O_WRONLY|O_CREAT|O_TRUNC a3=0x180 items=4 ppid=1273 pid=1655 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=useradd exe=/usr/sbin/useradd subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.328:115) : avc: denied { write } for pid=1655 comm=useradd path=/etc/passwd.1655 dev="dm-1" ino=634743 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:58:02.328:115) : avc: denied { create } for pid=1655 comm=useradd name=passwd.1655 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.333:116) : proctitle=useradd -m fdouser > type=PATH msg=audit(08/07/23 07:58:02.333:116) : item=1 name=(null) inode=634743 dev=fd:01 mode=file,600 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:etc_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:58:02.333:116) : item=0 name=(null) inode=634599 dev=fd:01 mode=dir,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:etc_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 07:58:02.333:116) : cwd=/ > type=SYSCALL msg=audit(08/07/23 07:58:02.333:116) : arch=x86_64 syscall=link success=yes exit=0 a0=0x55d30386bfa0 a1=0x55d303870810 a2=0x5 a3=0x677 items=2 ppid=1273 pid=1655 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=useradd exe=/usr/sbin/useradd subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.333:116) : avc: denied { link } for pid=1655 comm=useradd name=passwd.1655 dev="dm-1" ino=634743 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.333:117) : proctitle=useradd -m fdouser > type=SYSCALL msg=audit(08/07/23 07:58:02.333:117) : arch=x86_64 syscall=unlink success=yes exit=0 a0=0x55d30386bfa0 a1=0x55d30386bfa0 a2=0x7ffc01a732b0 a3=0x0 items=0 ppid=1273 pid=1655 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=useradd exe=/usr/sbin/useradd subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.333:117) : avc: denied { unlink } for pid=1655 comm=useradd name=passwd.1655 dev="dm-1" ino=634743 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:58:02.333:117) : avc: denied { remove_name } for pid=1655 comm=useradd name=passwd.1655 dev="dm-1" ino=634743 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.341:118) : proctitle=useradd -m fdouser > type=SYSCALL msg=audit(08/07/23 07:58:02.341:118) : arch=x86_64 syscall=openat success=yes exit=7 a0=AT_FDCWD a1=0x55d303322880 a2=O_RDWR|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW a3=0x0 items=0 ppid=1273 pid=1655 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=useradd exe=/usr/sbin/useradd subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.341:118) : avc: denied { open } for pid=1655 comm=useradd path=/etc/gshadow dev="dm-1" ino=639122 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:shadow_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:58:02.341:118) : avc: denied { read write } for pid=1655 comm=useradd name=gshadow dev="dm-1" ino=639122 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:shadow_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.341:119) : proctitle=useradd -m fdouser > type=SYSCALL msg=audit(08/07/23 07:58:02.341:119) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0x7 a1=0x7f75dfcc4f35 a2=0x7ffc01a73140 a3=0x1000 items=0 ppid=1273 pid=1655 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=useradd exe=/usr/sbin/useradd subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.341:119) : avc: denied { getattr } for pid=1655 comm=useradd path=/etc/gshadow dev="dm-1" ino=639122 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:shadow_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.354:120) : proctitle=useradd -m fdouser > type=SYSCALL msg=audit(08/07/23 07:58:02.354:120) : arch=x86_64 syscall=socket success=yes exit=11 a0=local a1=SOCK_DGRAM a2=ip a3=0x3e9 items=0 ppid=1273 pid=1655 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=useradd exe=/usr/sbin/useradd subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.354:120) : avc: denied { create } for pid=1655 comm=useradd scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:fdo_t:s0 tclass=unix_dgram_socket permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.354:121) : proctitle=useradd -m fdouser > type=PATH msg=audit(08/07/23 07:58:02.354:121) : item=0 name=/dev/log inode=60 dev=00:18 mode=socket,666 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:devlog_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 07:58:02.354:121) : cwd=/ > type=SYSCALL msg=audit(08/07/23 07:58:02.354:121) : arch=x86_64 syscall=connect success=yes exit=0 a0=0xb a1=0x7f75dfcc2b60 a2=0x6e a3=0x3e9 items=1 ppid=1273 pid=1655 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=useradd exe=/usr/sbin/useradd subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.354:121) : avc: denied { sendto } for pid=1655 comm=useradd path=/run/systemd/journal/dev-log scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=unix_dgram_socket permissive=1 > type=AVC msg=audit(08/07/23 07:58:02.354:121) : avc: denied { write } for pid=1655 comm=useradd name=dev-log dev="tmpfs" ino=60 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:devlog_t:s0 tclass=sock_file permissive=1 > type=AVC msg=audit(08/07/23 07:58:02.354:121) : avc: denied { read } for pid=1655 comm=useradd name=log dev="devtmpfs" ino=133 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:devlog_t:s0 tclass=lnk_file permissive=1 > type=AVC msg=audit(08/07/23 07:58:02.354:121) : avc: denied { connect } for pid=1655 comm=useradd scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:fdo_t:s0 tclass=unix_dgram_socket permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.355:122) : proctitle=useradd -m fdouser > type=SYSCALL msg=audit(08/07/23 07:58:02.355:122) : arch=x86_64 syscall=sendto success=yes exit=112 a0=0x3 a1=0x7ffc01a6c870 a2=0x70 a3=0x0 items=0 ppid=1273 pid=1655 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=useradd exe=/usr/sbin/useradd subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.355:122) : avc: denied { audit_write } for pid=1655 comm=useradd capability=audit_write scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:fdo_t:s0 tclass=capability permissive=1 > type=AVC msg=audit(08/07/23 07:58:02.355:122) : avc: denied { nlmsg_relay } for pid=1655 comm=useradd scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:fdo_t:s0 tclass=netlink_audit_socket permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.356:124) : proctitle=useradd -m fdouser > type=SYSCALL msg=audit(08/07/23 07:58:02.356:124) : arch=x86_64 syscall=openat success=yes exit=12 a0=AT_FDCWD a1=0x55d30331b55c a2=O_RDWR a3=0x0 items=0 ppid=1273 pid=1655 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=useradd exe=/usr/sbin/useradd subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.356:124) : avc: denied { open } for pid=1655 comm=useradd path=/var/log/lastlog dev="dm-1" ino=639152 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lastlog_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:58:02.356:124) : avc: denied { read write } for pid=1655 comm=useradd name=lastlog dev="dm-1" ino=639152 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lastlog_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.362:126) : proctitle=useradd -m fdouser > type=PATH msg=audit(08/07/23 07:58:02.362:126) : item=0 name=/etc/selinux/targeted/contexts/files/file_contexts.subs_dist inode=25805294 dev=fd:01 mode=file,644 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:file_context_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 07:58:02.362:126) : cwd=/ > type=SYSCALL msg=audit(08/07/23 07:58:02.362:126) : arch=x86_64 syscall=openat success=yes exit=12 a0=AT_FDCWD a1=0x55d30387efe0 a2=O_RDONLY|O_CLOEXEC a3=0x0 items=1 ppid=1273 pid=1655 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=useradd exe=/usr/sbin/useradd subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.362:126) : avc: denied { open } for pid=1655 comm=useradd path=/etc/selinux/targeted/contexts/files/file_contexts.subs_dist dev="dm-1" ino=25805294 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:file_context_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:58:02.362:126) : avc: denied { read } for pid=1655 comm=useradd name=file_contexts.subs_dist dev="dm-1" ino=25805294 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:file_context_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:58:02.362:126) : avc: denied { search } for pid=1655 comm=useradd name=files dev="dm-1" ino=25805287 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:file_context_t:s0 tclass=dir permissive=1 > type=AVC msg=audit(08/07/23 07:58:02.362:126) : avc: denied { search } for pid=1655 comm=useradd name=contexts dev="dm-1" ino=17524852 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:default_context_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.362:127) : proctitle=useradd -m fdouser > type=SYSCALL msg=audit(08/07/23 07:58:02.362:127) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0xc a1=0x7f75dfcc4f35 a2=0x7ffc01a717b0 a3=0x1000 items=0 ppid=1273 pid=1655 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=useradd exe=/usr/sbin/useradd subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.362:127) : avc: denied { getattr } for pid=1655 comm=useradd path=/etc/selinux/targeted/contexts/files/file_contexts.subs_dist dev="dm-1" ino=25805294 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:file_context_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.362:128) : proctitle=useradd -m fdouser > type=SYSCALL msg=audit(08/07/23 07:58:02.362:128) : arch=x86_64 syscall=mmap success=yes exit=140144230305792 a0=0x0 a1=0x90d85 a2=PROT_READ a3=MAP_PRIVATE items=0 ppid=1273 pid=1655 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=useradd exe=/usr/sbin/useradd subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.362:128) : avc: denied { map } for pid=1655 comm=useradd path=/etc/selinux/targeted/contexts/files/file_contexts.bin dev="dm-1" ino=25805289 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:file_context_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.365:129) : proctitle=useradd -m fdouser > type=SYSCALL msg=audit(08/07/23 07:58:02.365:129) : arch=x86_64 syscall=write success=yes exit=35 a0=0xc a1=0x55d30391deb0 a2=0x23 a3=0x0 items=0 ppid=1273 pid=1655 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=useradd exe=/usr/sbin/useradd subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.365:129) : avc: denied { setfscreate } for pid=1655 comm=useradd scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:fdo_t:s0 tclass=process permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.365:130) : proctitle=useradd -m fdouser > type=SYSCALL msg=audit(08/07/23 07:58:02.365:130) : arch=x86_64 syscall=fchown success=yes exit=0 a0=0xc a1=0x0 a2=0x0 a3=0x1b6 items=0 ppid=1273 pid=1655 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=useradd exe=/usr/sbin/useradd subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.365:130) : avc: denied { setattr } for pid=1655 comm=useradd name=passwd- dev="dm-1" ino=639127 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.368:131) : proctitle=useradd -m fdouser > type=PATH msg=audit(08/07/23 07:58:02.368:131) : item=3 name=(null) inode=639165 dev=fd:01 mode=file,000 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:passwd_file_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:58:02.368:131) : item=2 name=(null) inode=634599 dev=fd:01 mode=dir,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:etc_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:58:02.368:131) : item=1 name=(null) nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:58:02.368:131) : item=0 name=(null) inode=634599 dev=fd:01 mode=dir,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:etc_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 07:58:02.368:131) : cwd=/ > type=SYSCALL msg=audit(08/07/23 07:58:02.368:131) : arch=x86_64 syscall=openat success=yes exit=5 a0=AT_FDCWD a1=0x7ffc01a72f50 a2=O_WRONLY|O_CREAT|O_TRUNC a3=0x1b6 items=4 ppid=1273 pid=1655 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=useradd exe=/usr/sbin/useradd subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.368:131) : avc: denied { create } for pid=1655 comm=useradd name=passwd+ scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.371:132) : proctitle=useradd -m fdouser > type=PATH msg=audit(08/07/23 07:58:02.371:132) : item=1 name=(null) inode=639165 dev=fd:01 mode=file,644 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:passwd_file_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:58:02.371:132) : item=0 name=(null) inode=634599 dev=fd:01 mode=dir,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:etc_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 07:58:02.371:132) : cwd=/ > type=SYSCALL msg=audit(08/07/23 07:58:02.371:132) : arch=x86_64 syscall=rename success=yes exit=0 a0=0x7ffc01a72f50 a1=0x55d303321fc0 a2=0x7ffc01a72ec0 a3=0x100 items=2 ppid=1273 pid=1655 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=useradd exe=/usr/sbin/useradd subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.371:132) : avc: denied { unlink } for pid=1655 comm=useradd name=passwd dev="dm-1" ino=639123 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:58:02.371:132) : avc: denied { rename } for pid=1655 comm=useradd name=passwd+ dev="dm-1" ino=639165 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.371:133) : proctitle=useradd -m fdouser > type=SYSCALL msg=audit(08/07/23 07:58:02.371:133) : arch=x86_64 syscall=fchown success=yes exit=0 a0=0x5 a1=0x0 a2=0x0 a3=0x1b6 items=0 ppid=1273 pid=1655 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=useradd exe=/usr/sbin/useradd subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.371:133) : avc: denied { setattr } for pid=1655 comm=useradd name=shadow- dev="dm-1" ino=639128 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:shadow_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.375:134) : proctitle=useradd -m fdouser > type=PATH msg=audit(08/07/23 07:58:02.375:134) : item=3 name=(null) inode=639123 dev=fd:01 mode=file,000 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:shadow_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:58:02.375:134) : item=2 name=(null) inode=634599 dev=fd:01 mode=dir,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:etc_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:58:02.375:134) : item=1 name=(null) nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:58:02.375:134) : item=0 name=(null) inode=634599 dev=fd:01 mode=dir,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:etc_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 07:58:02.375:134) : cwd=/ > type=SYSCALL msg=audit(08/07/23 07:58:02.375:134) : arch=x86_64 syscall=openat success=yes exit=5 a0=AT_FDCWD a1=0x7ffc01a72f50 a2=O_WRONLY|O_CREAT|O_TRUNC a3=0x1b6 items=4 ppid=1273 pid=1655 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=useradd exe=/usr/sbin/useradd subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.375:134) : avc: denied { create } for pid=1655 comm=useradd name=shadow+ scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:shadow_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.382:135) : proctitle=useradd -m fdouser > type=PATH msg=audit(08/07/23 07:58:02.382:135) : item=1 name=(null) inode=639123 dev=fd:01 mode=file,000 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:shadow_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:58:02.382:135) : item=0 name=(null) inode=634599 dev=fd:01 mode=dir,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:etc_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 07:58:02.382:135) : cwd=/ > type=SYSCALL msg=audit(08/07/23 07:58:02.382:135) : arch=x86_64 syscall=rename success=yes exit=0 a0=0x7ffc01a72f50 a1=0x55d303321b60 a2=0x7ffc01a72ec0 a3=0x100 items=2 ppid=1273 pid=1655 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=useradd exe=/usr/sbin/useradd subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.382:135) : avc: denied { unlink } for pid=1655 comm=useradd name=shadow dev="dm-1" ino=639124 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:shadow_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:58:02.382:135) : avc: denied { rename } for pid=1655 comm=useradd name=shadow+ dev="dm-1" ino=639123 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:shadow_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.396:136) : proctitle=useradd -m fdouser > type=SYSCALL msg=audit(08/07/23 07:58:02.396:136) : arch=x86_64 syscall=fchown success=yes exit=0 a0=0x5 a1=0x0 a2=0x0 a3=0x1b6 items=0 ppid=1273 pid=1655 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=useradd exe=/usr/sbin/useradd subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.396:136) : avc: denied { setattr } for pid=1655 comm=useradd name=subuid- dev="dm-1" ino=639166 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.402:137) : proctitle=useradd -m fdouser > type=PATH msg=audit(08/07/23 07:58:02.402:137) : item=1 name=(null) inode=639122 dev=fd:01 mode=file,644 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:etc_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:58:02.402:137) : item=0 name=(null) inode=634599 dev=fd:01 mode=dir,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:etc_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 07:58:02.402:137) : cwd=/ > type=SYSCALL msg=audit(08/07/23 07:58:02.402:137) : arch=x86_64 syscall=rename success=yes exit=0 a0=0x7ffc01a72f50 a1=0x55d303322ce0 a2=0x7ffc01a72ec0 a3=0x100 items=2 ppid=1273 pid=1655 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=useradd exe=/usr/sbin/useradd subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.402:137) : avc: denied { rename } for pid=1655 comm=useradd name=subuid+ dev="dm-1" ino=639122 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.420:138) : proctitle=useradd -m fdouser > type=PATH msg=audit(08/07/23 07:58:02.420:138) : item=1 name=(null) inode=9165374 dev=fd:01 mode=dir,000 ouid=root ogid=root rdev=00:00 obj=unconfined_u:object_r:user_home_dir_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:58:02.420:138) : item=0 name=(null) inode=25808996 dev=fd:01 mode=dir,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:home_root_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 07:58:02.420:138) : cwd=/ > type=SYSCALL msg=audit(08/07/23 07:58:02.420:138) : arch=x86_64 syscall=mkdir success=yes exit=0 a0=0x7ffc01a73280 a1=0000 a2=0xfffffffffffffe98 a3=0x0 items=2 ppid=1273 pid=1655 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=useradd exe=/usr/sbin/useradd subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.420:138) : avc: denied { create } for pid=1655 comm=useradd name=fdouser scontext=system_u:system_r:fdo_t:s0 tcontext=unconfined_u:object_r:user_home_dir_t:s0 tclass=dir permissive=1 > type=AVC msg=audit(08/07/23 07:58:02.420:138) : avc: denied { add_name } for pid=1655 comm=useradd name=fdouser scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:home_root_t:s0 tclass=dir permissive=1 > type=AVC msg=audit(08/07/23 07:58:02.420:138) : avc: denied { write } for pid=1655 comm=useradd name=home dev="dm-1" ino=25808996 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:home_root_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.420:139) : proctitle=useradd -m fdouser > type=SYSCALL msg=audit(08/07/23 07:58:02.420:139) : arch=x86_64 syscall=chown success=yes exit=0 a0=0x7ffc01a73280 a1=root a2=0x0 a3=0x0 items=0 ppid=1273 pid=1655 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=useradd exe=/usr/sbin/useradd subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.420:139) : avc: denied { setattr } for pid=1655 comm=useradd name=fdouser dev="dm-1" ino=9165374 scontext=system_u:system_r:fdo_t:s0 tcontext=unconfined_u:object_r:user_home_dir_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.420:140) : proctitle=useradd -m fdouser > type=SYSCALL msg=audit(08/07/23 07:58:02.420:140) : arch=x86_64 syscall=chown success=yes exit=0 a0=0x55d30386bb70 a1=fdouser a2=0x3e9 a3=0x0 items=0 ppid=1273 pid=1655 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=useradd exe=/usr/sbin/useradd subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.420:140) : avc: denied { chown } for pid=1655 comm=useradd capability=chown scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:fdo_t:s0 tclass=capability permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.420:141) : proctitle=useradd -m fdouser > type=SYSCALL msg=audit(08/07/23 07:58:02.420:141) : arch=x86_64 syscall=chmod success=yes exit=0 a0=0x55d30386bb70 a1=0700 a2=0x0 a3=0x7f75dfcabac0 items=0 ppid=1273 pid=1655 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=useradd exe=/usr/sbin/useradd subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.420:141) : avc: denied { fsetid } for pid=1655 comm=useradd capability=fsetid scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:fdo_t:s0 tclass=capability permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.422:143) : proctitle=useradd -m fdouser > type=PATH msg=audit(08/07/23 07:58:02.422:143) : item=1 name=/var/home/fdouser/.bash_logout inode=9165375 dev=fd:01 mode=file,644 ouid=root ogid=root rdev=00:00 obj=unconfined_u:object_r:user_home_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:58:02.422:143) : item=0 name=/var/home/fdouser/ inode=9165374 dev=fd:01 mode=dir,700 ouid=fdouser ogid=fdouser rdev=00:00 obj=unconfined_u:object_r:user_home_dir_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 07:58:02.422:143) : cwd=/ > type=SYSCALL msg=audit(08/07/23 07:58:02.422:143) : arch=x86_64 syscall=openat success=yes exit=6 a0=AT_FDCWD a1=0x55d30387d060 a2=O_WRONLY|O_CREAT|O_TRUNC a3=0x1a4 items=2 ppid=1273 pid=1655 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=useradd exe=/usr/sbin/useradd subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.422:143) : avc: denied { write open } for pid=1655 comm=useradd path=/var/home/fdouser/.bash_logout dev="dm-1" ino=9165375 scontext=system_u:system_r:fdo_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:58:02.422:143) : avc: denied { create } for pid=1655 comm=useradd name=.bash_logout scontext=system_u:system_r:fdo_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:58:02.422:143) : avc: denied { add_name } for pid=1655 comm=useradd name=.bash_logout scontext=system_u:system_r:fdo_t:s0 tcontext=unconfined_u:object_r:user_home_dir_t:s0 tclass=dir permissive=1 > type=AVC msg=audit(08/07/23 07:58:02.422:143) : avc: denied { write } for pid=1655 comm=useradd name=fdouser dev="dm-1" ino=9165374 scontext=system_u:system_r:fdo_t:s0 tcontext=unconfined_u:object_r:user_home_dir_t:s0 tclass=dir permissive=1 > type=AVC msg=audit(08/07/23 07:58:02.422:143) : avc: denied { search } for pid=1655 comm=useradd name=fdouser dev="dm-1" ino=9165374 scontext=system_u:system_r:fdo_t:s0 tcontext=unconfined_u:object_r:user_home_dir_t:s0 tclass=dir permissive=1 > type=AVC msg=audit(08/07/23 07:58:02.422:143) : avc: denied { dac_read_search } for pid=1655 comm=useradd capability=dac_read_search scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:fdo_t:s0 tclass=capability permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.422:144) : proctitle=useradd -m fdouser > type=SYSCALL msg=audit(08/07/23 07:58:02.422:144) : arch=x86_64 syscall=fchown success=yes exit=0 a0=0x6 a1=0x3e9 a2=0x3e9 a3=0x1a4 items=0 ppid=1273 pid=1655 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=useradd exe=/usr/sbin/useradd subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.422:144) : avc: denied { setattr } for pid=1655 comm=useradd name=.bash_logout dev="dm-1" ino=9165375 scontext=system_u:system_r:fdo_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.427:145) : proctitle=useradd -m fdouser > type=PATH msg=audit(08/07/23 07:58:02.427:145) : item=1 name=/var/spool/mail/fdouser inode=639161 dev=fd:01 mode=file,000 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:mail_spool_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:58:02.427:145) : item=0 name=/var/spool/mail/ inode=639115 dev=fd:01 mode=dir,775 ouid=root ogid=mail rdev=00:00 obj=system_u:object_r:mail_spool_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 07:58:02.427:145) : cwd=/ > type=SYSCALL msg=audit(08/07/23 07:58:02.427:145) : arch=x86_64 syscall=openat success=yes exit=4 a0=AT_FDCWD a1=0x7ffc01a73360 a2=O_WRONLY|O_CREAT|O_EXCL|O_TRUNC a3=0x0 items=2 ppid=1273 pid=1655 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=useradd exe=/usr/sbin/useradd subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.427:145) : avc: denied { write open } for pid=1655 comm=useradd path=/var/spool/mail/fdouser dev="dm-1" ino=639161 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:mail_spool_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:58:02.427:145) : avc: denied { create } for pid=1655 comm=useradd name=fdouser scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:mail_spool_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:58:02.427:145) : avc: denied { add_name } for pid=1655 comm=useradd name=fdouser scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:mail_spool_t:s0 tclass=dir permissive=1 > type=AVC msg=audit(08/07/23 07:58:02.427:145) : avc: denied { write } for pid=1655 comm=useradd name=mail dev="dm-1" ino=639115 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:mail_spool_t:s0 tclass=dir permissive=1 > type=AVC msg=audit(08/07/23 07:58:02.427:145) : avc: denied { search } for pid=1655 comm=useradd name=mail dev="dm-1" ino=639115 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:mail_spool_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.427:146) : proctitle=useradd -m fdouser > type=SYSCALL msg=audit(08/07/23 07:58:02.427:146) : arch=x86_64 syscall=fchown success=yes exit=0 a0=0x4 a1=0x3e9 a2=0xc a3=0x7f75dfcabac0 items=0 ppid=1273 pid=1655 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=useradd exe=/usr/sbin/useradd subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.427:146) : avc: denied { setattr } for pid=1655 comm=useradd name=fdouser dev="dm-1" ino=639161 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:mail_spool_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.431:147) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 07:58:02.431:147) : arch=x86_64 syscall=openat success=yes exit=12 a0=AT_FDCWD a1=0x7fc1fbd06e17 a2=O_RDONLY|O_CLOEXEC a3=0x0 items=0 ppid=1 pid=1273 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.431:147) : avc: denied { open } for pid=1273 comm=fdo-client-linu path=/etc/passwd dev="dm-1" ino=639165 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:58:02.431:147) : avc: denied { read } for pid=1273 comm=fdo-client-linu name=passwd dev="dm-1" ino=639165 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.431:148) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 07:58:02.431:148) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0xc a1=0x7fc1fbd02f35 a2=0x7ffcb2cd58a0 a3=0x1000 items=0 ppid=1 pid=1273 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.431:148) : avc: denied { getattr } for pid=1273 comm=fdo-client-linu path=/etc/passwd dev="dm-1" ino=639165 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.431:149) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=PATH msg=audit(08/07/23 07:58:02.431:149) : item=1 name=(null) inode=17528940 dev=fd:01 mode=dir,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:user_home_dir_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:58:02.431:149) : item=0 name=(null) inode=9165374 dev=fd:01 mode=dir,700 ouid=fdouser ogid=fdouser rdev=00:00 obj=unconfined_u:object_r:user_home_dir_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 07:58:02.431:149) : cwd=/ > type=SYSCALL msg=audit(08/07/23 07:58:02.431:149) : arch=x86_64 syscall=mkdir success=yes exit=0 a0=0x7ffcb2cd5b10 a1=0777 a2=0x16 a3=0xfefefefefefefeff items=2 ppid=1 pid=1273 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.431:149) : avc: denied { create } for pid=1273 comm=fdo-client-linu name=.ssh scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:user_home_dir_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.431:150) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 07:58:02.431:150) : arch=x86_64 syscall=statx success=yes exit=0 a0=0xffffff9c a1=0x7ffcb2cd5970 a2=0x0 a3=0xfff items=0 ppid=1 pid=1273 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.431:150) : avc: denied { getattr } for pid=1273 comm=fdo-client-linu path=/var/home/fdouser/.ssh dev="dm-1" ino=17528940 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:user_home_dir_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.431:151) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 07:58:02.431:151) : arch=x86_64 syscall=chmod success=yes exit=0 a0=0x7ffcb2cd5958 a1=0700 a2=0x16 a3=0xfefefefefefefeff items=0 ppid=1 pid=1273 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.431:151) : avc: denied { setattr } for pid=1273 comm=fdo-client-linu name=.ssh dev="dm-1" ino=17528940 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:user_home_dir_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.431:152) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 07:58:02.431:152) : arch=x86_64 syscall=statx success=no exit=ENOENT(No such file or directory) a0=0xffffff9c a1=0x7ffcb2cd5b10 a2=0x0 a3=0xfff items=0 ppid=1 pid=1273 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.431:152) : avc: denied { search } for pid=1273 comm=fdo-client-linu name=.ssh dev="dm-1" ino=17528940 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:user_home_dir_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.431:153) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=PATH msg=audit(08/07/23 07:58:02.431:153) : item=3 name=(null) inode=17528941 dev=fd:01 mode=file,644 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:user_home_dir_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:58:02.431:153) : item=2 name=(null) inode=17528940 dev=fd:01 mode=dir,700 ouid=fdouser ogid=fdouser rdev=00:00 obj=system_u:object_r:user_home_dir_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:58:02.431:153) : item=1 name=(null) nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:58:02.431:153) : item=0 name=(null) inode=17528940 dev=fd:01 mode=dir,700 ouid=fdouser ogid=fdouser rdev=00:00 obj=system_u:object_r:user_home_dir_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 07:58:02.431:153) : cwd=/ > type=SYSCALL msg=audit(08/07/23 07:58:02.431:153) : arch=x86_64 syscall=openat success=yes exit=12 a0=AT_FDCWD a1=0x7ffcb2cd5af8 a2=O_WRONLY|O_CREAT|O_TRUNC|O_CLOEXEC a3=0x1b6 items=4 ppid=1 pid=1273 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.431:153) : avc: denied { write open } for pid=1273 comm=fdo-client-linu path=/var/home/fdouser/.ssh/authorized_keys dev="dm-1" ino=17528941 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:user_home_dir_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:58:02.431:153) : avc: denied { create } for pid=1273 comm=fdo-client-linu name=authorized_keys scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:user_home_dir_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:58:02.431:153) : avc: denied { add_name } for pid=1273 comm=fdo-client-linu name=authorized_keys scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:user_home_dir_t:s0 tclass=dir permissive=1 > type=AVC msg=audit(08/07/23 07:58:02.431:153) : avc: denied { write } for pid=1273 comm=fdo-client-linu name=.ssh dev="dm-1" ino=17528940 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:user_home_dir_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.432:154) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 07:58:02.432:154) : arch=x86_64 syscall=statx success=yes exit=0 a0=0xffffff9c a1=0x7ffcb2cd5970 a2=0x0 a3=0xfff items=0 ppid=1 pid=1273 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.432:154) : avc: denied { getattr } for pid=1273 comm=fdo-client-linu path=/var/home/fdouser/.ssh/authorized_keys dev="dm-1" ino=17528941 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:user_home_dir_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:58:02.432:155) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 07:58:02.432:155) : arch=x86_64 syscall=chmod success=yes exit=0 a0=0x7ffcb2cd5958 a1=0600 a2=0x26 a3=0xfefefefefefefeff items=0 ppid=1 pid=1273 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:58:02.432:155) : avc: denied { setattr } for pid=1273 comm=fdo-client-linu name=authorized_keys dev="dm-1" ino=17528941 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:user_home_dir_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:49.250:40) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 07:59:49.250:40) : arch=x86_64 syscall=openat success=yes exit=9 a0=AT_FDCWD a1=0x7ffded939638 a2=O_RDONLY|O_CLOEXEC a3=0x0 items=0 ppid=1 pid=1168 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:49.250:40) : avc: denied { open } for pid=1168 comm=fdo-client-linu path=/dev/mapper/control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > type=AVC msg=audit(08/07/23 07:59:49.250:40) : avc: denied { read } for pid=1168 comm=fdo-client-linu name=control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:49.250:41) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 07:59:49.250:41) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0x9 a1=0xc138fd02 a2=0x564179120c70 a3=0x7b items=0 ppid=1 pid=1168 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:49.250:41) : avc: denied { ioctl } for pid=1168 comm=fdo-client-linu path=/dev/mapper/control dev="devtmpfs" ino=139 ioctlcmd=0xfd02 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:49.251:42) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 07:59:49.251:42) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=AT_FDCWD a1=0x7ffded937d90 a2=0x7ffded937cb0 a3=0x0 items=0 ppid=1 pid=1168 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:49.251:42) : avc: denied { getattr } for pid=1168 comm=fdo-client-linu path=/dev/mapper/control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:49.251:43) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 07:59:49.251:43) : arch=x86_64 syscall=openat success=yes exit=10 a0=AT_FDCWD a1=0x7ffded937d90 a2=O_RDWR a3=0x0 items=0 ppid=1 pid=1168 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:49.251:43) : avc: denied { write } for pid=1168 comm=fdo-client-linu name=control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:49.252:44) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 07:59:49.252:44) : arch=x86_64 syscall=openat success=yes exit=11 a0=AT_FDCWD a1=0x7f0901dfe7c2 a2=O_RDONLY a3=0x0 items=0 ppid=1 pid=1168 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:49.252:44) : avc: denied { open } for pid=1168 comm=fdo-client-linu path=/proc/devices dev="proc" ino=4026532021 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:59:49.252:44) : avc: denied { read } for pid=1168 comm=fdo-client-linu name=devices dev="proc" ino=4026532021 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:49.252:45) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 07:59:49.252:45) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0xb a1=0x7f0901fd2f35 a2=0x7ffded937a50 a3=0x1000 items=0 ppid=1 pid=1168 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:49.252:45) : avc: denied { getattr } for pid=1168 comm=fdo-client-linu path=/proc/devices dev="proc" ino=4026532021 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:49.252:46) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 07:59:49.252:46) : arch=x86_64 syscall=semctl success=yes exit=0 a0=0x0 a1=0x0 a2=0x13 a3=0x7ffded939010 items=0 ppid=1 pid=1168 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:49.252:46) : avc: denied { ipc_info } for pid=1168 comm=fdo-client-linu scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=system permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:49.252:47) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 07:59:49.252:47) : arch=x86_64 syscall=readlink success=yes exit=73 a0=0x7ffded937000 a1=0x7ffded938000 a2=0xfff a3=0x7f0901fcc3e0 items=0 ppid=1 pid=1168 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:49.252:47) : avc: denied { read } for pid=1168 comm=fdo-client-linu name=252:4 dev="sysfs" ino=18674 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=lnk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:49.253:48) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 07:59:49.253:48) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=AT_FDCWD a1=0x564179121000 a2=0x7ffded936f70 a3=0x0 items=0 ppid=1 pid=1168 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:49.253:48) : avc: denied { getattr } for pid=1168 comm=fdo-client-linu path=/dev/vda4 dev="devtmpfs" ino=267 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:49.253:49) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 07:59:49.253:49) : arch=x86_64 syscall=openat success=yes exit=11 a0=AT_FDCWD a1=0x5641791210f0 a2=O_RDONLY|O_DIRECT a3=0x0 items=0 ppid=1 pid=1168 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:49.253:49) : avc: denied { open } for pid=1168 comm=fdo-client-linu path=/dev/vda4 dev="devtmpfs" ino=267 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > type=AVC msg=audit(08/07/23 07:59:49.253:49) : avc: denied { read } for pid=1168 comm=fdo-client-linu name=vda4 dev="devtmpfs" ino=267 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:49.253:50) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 07:59:49.253:50) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0xb a1=0x1268 a2=0x7ffded938c8c a3=0x1000 items=0 ppid=1 pid=1168 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:49.253:50) : avc: denied { ioctl } for pid=1168 comm=fdo-client-linu path=/dev/vda4 dev="devtmpfs" ino=267 ioctlcmd=0x1268 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:49.253:51) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 07:59:49.253:51) : arch=x86_64 syscall=fstatfs success=yes exit=0 a0=0xb a1=0x7ffded938c60 a2=0x7f0901fcf4a4 a3=0x1000 items=0 ppid=1 pid=1168 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:49.253:51) : avc: denied { getattr } for pid=1168 comm=fdo-client-linu name=/ dev="devtmpfs" ino=1 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=filesystem permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:49.254:52) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 07:59:49.254:52) : arch=x86_64 syscall=openat success=yes exit=12 a0=AT_FDCWD a1=0x7f0902743037 a2=O_RDONLY|O_NONBLOCK|O_CLOEXEC a3=0x0 items=0 ppid=1 pid=1168 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:49.254:52) : avc: denied { open } for pid=1168 comm=fdo-client-linu path=/dev/random dev="devtmpfs" ino=8 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:random_device_t:s0 tclass=chr_file permissive=1 > type=AVC msg=audit(08/07/23 07:59:49.254:52) : avc: denied { read } for pid=1168 comm=fdo-client-linu name=random dev="devtmpfs" ino=8 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:random_device_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:49.257:53) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=PATH msg=audit(08/07/23 07:59:49.257:53) : item=3 name=(null) inode=1196 dev=00:18 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:59:49.257:53) : item=2 name=(null) inode=93 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:59:49.257:53) : item=1 name=(null) nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:59:49.257:53) : item=0 name=(null) inode=93 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 07:59:49.257:53) : cwd=/ > type=SYSCALL msg=audit(08/07/23 07:59:49.257:53) : arch=x86_64 syscall=openat success=yes exit=14 a0=0xf a1=0x7ffded937ae0 a2=O_RDWR|O_CREAT|O_NOFOLLOW|O_CLOEXEC a3=0x1ff items=4 ppid=1 pid=1168 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:49.257:53) : avc: denied { read write open } for pid=1168 comm=fdo-client-linu path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1196 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:59:49.257:53) : avc: denied { create } for pid=1168 comm=fdo-client-linu name=L_252:4 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:59:49.257:53) : avc: denied { add_name } for pid=1168 comm=fdo-client-linu name=L_252:4 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > type=AVC msg=audit(08/07/23 07:59:49.257:53) : avc: denied { write } for pid=1168 comm=fdo-client-linu name=cryptsetup dev="tmpfs" ino=93 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:49.258:54) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 07:59:49.258:54) : arch=x86_64 syscall=flock success=yes exit=0 a0=0xe a1=0x1 a2=0x0 a3=0x1ff items=0 ppid=1 pid=1168 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:49.258:54) : avc: denied { lock } for pid=1168 comm=fdo-client-linu path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1196 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:49.258:55) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 07:59:49.258:55) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0xe a1=0x7f0901fd2f35 a2=0x7ffded937a70 a3=0x1000 items=0 ppid=1 pid=1168 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:49.258:55) : avc: denied { getattr } for pid=1168 comm=fdo-client-linu path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1196 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:49.261:56) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 07:59:49.261:56) : arch=x86_64 syscall=unlink success=yes exit=0 a0=0x7ffded937b60 a1=0x7ffded937b60 a2=0x7ffded937a40 a3=0x0 items=0 ppid=1 pid=1168 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:49.261:56) : avc: denied { unlink } for pid=1168 comm=fdo-client-linu name=L_252:4 dev="tmpfs" ino=1196 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:59:49.261:56) : avc: denied { remove_name } for pid=1168 comm=fdo-client-linu name=L_252:4 dev="tmpfs" ino=1196 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > type=AVC msg=audit(08/07/23 07:59:49.261:56) : avc: denied { write } for pid=1168 comm=fdo-client-linu name=cryptsetup dev="tmpfs" ino=93 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:49.265:57) : proctitle=/usr/bin/bash -e /usr/bin/clevis luks pass -d /dev/vda4 -s 0 > type=PATH msg=audit(08/07/23 07:59:49.265:57) : item=1 name=/lib64/ld-linux-x86-64.so.2 inode=17324163 dev=fd:01 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:ld_so_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:59:49.265:57) : item=0 name=/usr/bin/bash inode=8392074 dev=fd:01 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:shell_exec_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 07:59:49.265:57) : cwd=/ > type=EXECVE msg=audit(08/07/23 07:59:49.265:57) : argc=9 a0=/usr/bin/bash a1=-e a2=/usr/bin/clevis a3=luks a4=pass a5=-d a6=/dev/vda4 a7=-s a8=0 > type=SYSCALL msg=audit(08/07/23 07:59:49.265:57) : arch=x86_64 syscall=execve success=yes exit=0 a0=0x7f09017fddc0 a1=0x564179136740 a2=0x7ffded941058 a3=0x8 items=2 ppid=1168 pid=1184 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis exe=/usr/bin/bash subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:49.265:57) : avc: denied { map } for pid=1184 comm=clevis path=/usr/bin/bash dev="dm-1" ino=8392074 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:59:49.265:57) : avc: denied { execute } for pid=1184 comm=fdo-client-linu name=bash dev="dm-1" ino=8392074 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:59:49.265:57) : avc: denied { execute_no_trans } for pid=1184 comm=fdo-client-linu path=/usr/bin/clevis dev="dm-1" ino=2410 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:59:49.265:57) : avc: denied { execute } for pid=1184 comm=fdo-client-linu name=clevis dev="dm-1" ino=2410 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:49.269:58) : proctitle=/usr/bin/bash -e /usr/bin/clevis luks pass -d /dev/vda4 -s 0 > type=SYSCALL msg=audit(08/07/23 07:59:49.269:58) : arch=x86_64 syscall=openat success=yes exit=3 a0=AT_FDCWD a1=0x7f8c5b6cae17 a2=O_RDONLY|O_CLOEXEC a3=0x0 items=0 ppid=1168 pid=1184 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis exe=/usr/bin/bash subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:49.269:58) : avc: denied { open } for pid=1184 comm=clevis path=/etc/passwd dev="dm-1" ino=17873550 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:59:49.269:58) : avc: denied { read } for pid=1184 comm=clevis name=passwd dev="dm-1" ino=17873550 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:49.270:59) : proctitle=/usr/bin/bash -e /usr/bin/clevis luks pass -d /dev/vda4 -s 0 > type=SYSCALL msg=audit(08/07/23 07:59:49.270:59) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0x3 a1=0x7f8c5b6c6f35 a2=0x7ffd650191b0 a3=0x1000 items=0 ppid=1168 pid=1184 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis exe=/usr/bin/bash subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:49.270:59) : avc: denied { getattr } for pid=1184 comm=clevis path=/etc/passwd dev="dm-1" ino=17873550 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:49.289:60) : proctitle=/usr/bin/bash -e /usr/bin/clevis-luks-pass -d /dev/vda4 -s 0 > type=SYSCALL msg=audit(08/07/23 07:59:49.289:60) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=AT_FDCWD a1=0x55eec337a310 a2=0x7fff679207e0 a3=0x0 items=0 ppid=1184 pid=1195 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis-luks-pas exe=/usr/bin/bash subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:49.289:60) : avc: denied { getattr } for pid=1195 comm=clevis-luks-pas path=/usr/sbin/cryptsetup dev="dm-1" ino=3737 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_exec_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:49.292:61) : proctitle=/usr/bin/bash -e /usr/bin/clevis-luks-pass -d /dev/vda4 -s 0 > type=SYSCALL msg=audit(08/07/23 07:59:49.292:61) : arch=x86_64 syscall=access success=yes exit=0 a0=0x55eec337a310 a1=X_OK a2=0x7fff67920700 a3=0x0 items=0 ppid=1184 pid=1195 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis-luks-pas exe=/usr/bin/bash subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:49.292:61) : avc: denied { execute } for pid=1195 comm=clevis-luks-pas name=cryptsetup dev="dm-1" ino=3737 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_exec_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:49.292:62) : proctitle=/usr/bin/bash -e /usr/bin/clevis-luks-pass -d /dev/vda4 -s 0 > type=SYSCALL msg=audit(08/07/23 07:59:49.292:62) : arch=x86_64 syscall=access success=yes exit=0 a0=0x55eec337a310 a1=R_OK a2=0x7fff67920700 a3=0x0 items=0 ppid=1184 pid=1195 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis-luks-pas exe=/usr/bin/bash subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:49.292:62) : avc: denied { read } for pid=1195 comm=clevis-luks-pas name=cryptsetup dev="dm-1" ino=3737 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_exec_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:49.293:63) : proctitle=cryptsetup isLuks --type luks1 /dev/vda4 > type=PATH msg=audit(08/07/23 07:59:49.293:63) : item=0 name=/lib64/ld-linux-x86-64.so.2 inode=17324163 dev=fd:01 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:ld_so_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 07:59:49.293:63) : cwd=/ > type=EXECVE msg=audit(08/07/23 07:59:49.293:63) : argc=5 a0=cryptsetup a1=isLuks a2=--type a3=luks1 a4=/dev/vda4 > type=SYSCALL msg=audit(08/07/23 07:59:49.293:63) : arch=x86_64 syscall=execve success=yes exit=0 a0=0x55eec337a310 a1=0x55eec337a480 a2=0x55eec336f4f0 a3=0x55eec337ab50 items=1 ppid=1195 pid=1198 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:49.293:63) : avc: denied { map } for pid=1198 comm=cryptsetup path=/usr/sbin/cryptsetup dev="dm-1" ino=3737 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_exec_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:59:49.293:63) : avc: denied { execute_no_trans } for pid=1198 comm=clevis-luks-pas path=/usr/sbin/cryptsetup dev="dm-1" ino=3737 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_exec_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:59:49.293:63) : avc: denied { open } for pid=1198 comm=clevis-luks-pas path=/usr/sbin/cryptsetup dev="dm-1" ino=3737 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_exec_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:49.316:64) : proctitle=sed -rn s|^\s+([0-9]+): clevis|\1|p > type=EXECVE msg=audit(08/07/23 07:59:49.316:64) : argc=3 a0=sed a1=-rn a2=s|^\s+([0-9]+): clevis|\1|p > type=SYSCALL msg=audit(08/07/23 07:59:49.316:64) : arch=x86_64 syscall=execve success=yes exit=0 a0=0x55eec34062c0 a1=0x55eec3407270 a2=0x55eec34072a0 a3=0x8 items=0 ppid=1206 pid=1210 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=sed exe=/usr/bin/sed subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:49.316:64) : avc: denied { map } for pid=1210 comm=sed path=/usr/bin/sed dev="dm-1" ino=25531310 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:49.386:65) : proctitle=clevis-pin-tpm2 decrypt > type=SYSCALL msg=audit(08/07/23 07:59:49.386:65) : arch=x86_64 syscall=statx success=yes exit=0 a0=0xffffff9c a1=0x559c40384ad0 a2=0x0 a3=0xfff items=0 ppid=1220 pid=1225 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis-pin-tpm2 exe=/usr/bin/clevis-pin-tpm2 subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:49.386:65) : avc: denied { getattr } for pid=1225 comm=clevis-pin-tpm2 path=/dev/tpmrm0 dev="devtmpfs" ino=102 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:tpm_device_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:49.388:66) : proctitle=clevis-pin-tpm2 decrypt > type=SYSCALL msg=audit(08/07/23 07:59:49.388:66) : arch=x86_64 syscall=openat success=yes exit=3 a0=AT_FDCWD a1=0x7ffc260c7a00 a2=O_RDWR|O_NONBLOCK a3=0x0 items=0 ppid=1220 pid=1225 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis-pin-tpm2 exe=/usr/bin/clevis-pin-tpm2 subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:49.388:66) : avc: denied { open } for pid=1225 comm=clevis-pin-tpm2 path=/dev/tpmrm0 dev="devtmpfs" ino=102 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:tpm_device_t:s0 tclass=chr_file permissive=1 > type=AVC msg=audit(08/07/23 07:59:49.388:66) : avc: denied { read write } for pid=1225 comm=clevis-pin-tpm2 name=tpmrm0 dev="devtmpfs" ino=102 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:tpm_device_t:s0 tclass=chr_file permissive=1 > type=AVC msg=audit(08/07/23 07:59:49.388:66) : avc: denied { dac_override } for pid=1225 comm=clevis-pin-tpm2 capability=dac_override scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:fdo_t:s0 tclass=capability permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:49.614:70) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 07:59:49.614:70) : arch=x86_64 syscall=semctl success=yes exit=0 a0=0x0 a1=0x0 a2=0x13 a3=0x7ffdc3f60f60 items=0 ppid=1168 pid=1275 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:49.614:70) : avc: denied { ipc_info } for pid=1275 comm=cryptsetup scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=system permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:49.616:71) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 07:59:49.616:71) : arch=x86_64 syscall=readlink success=yes exit=73 a0=0x7ffdc3f5ef50 a1=0x7ffdc3f5ff50 a2=0xfff a3=0x7f83e64c13e0 items=0 ppid=1168 pid=1275 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:49.616:71) : avc: denied { read } for pid=1275 comm=cryptsetup name=252:4 dev="sysfs" ino=18674 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=lnk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:49.622:72) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 07:59:49.622:72) : arch=x86_64 syscall=openat success=yes exit=8 a0=AT_FDCWD a1=0x55c8a855ca20 a2=O_RDWR a3=0x0 items=0 ppid=1168 pid=1275 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:49.622:72) : avc: denied { write } for pid=1275 comm=cryptsetup name=vda4 dev="devtmpfs" ino=267 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:49.647:73) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 07:59:49.647:73) : arch=x86_64 syscall=add_key success=yes exit=176464247 a0=0x7f83e65d822e a1=0x55c8a8598c30 a2=0x55c8a8593560 a3=0x40 items=0 ppid=1168 pid=1275 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:49.647:73) : avc: denied { write } for pid=1275 comm=cryptsetup scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:fdo_t:s0 tclass=key permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:49.648:74) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 07:59:49.648:74) : arch=x86_64 syscall=fstatfs success=yes exit=0 a0=0x8 a1=0x7ffdc3f60dc0 a2=0x7f83e64c44a4 a3=0x1000 items=0 ppid=1168 pid=1275 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:49.648:74) : avc: denied { getattr } for pid=1275 comm=cryptsetup name=/ dev="devtmpfs" ino=1 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=filesystem permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:50.731:103) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=PATH msg=audit(08/07/23 07:59:50.731:103) : item=3 name=(null) inode=1247 dev=00:18 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:59:50.731:103) : item=2 name=(null) inode=93 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:59:50.731:103) : item=1 name=(null) nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:59:50.731:103) : item=0 name=(null) inode=93 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 07:59:50.731:103) : cwd=/ > type=SYSCALL msg=audit(08/07/23 07:59:50.731:103) : arch=x86_64 syscall=openat success=yes exit=9 a0=0xb a1=0x7ffdc3f601e0 a2=O_RDWR|O_CREAT|O_NOFOLLOW|O_CLOEXEC a3=0x1ff items=4 ppid=1 pid=1275 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:50.731:103) : avc: denied { read write open } for pid=1275 comm=cryptsetup path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1247 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:59:50.731:103) : avc: denied { create } for pid=1275 comm=cryptsetup name=L_252:4 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:50.731:104) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 07:59:50.731:104) : arch=x86_64 syscall=flock success=yes exit=0 a0=0x9 a1=0x2 a2=0x0 a3=0x1ff items=0 ppid=1 pid=1275 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:50.731:104) : avc: denied { lock } for pid=1275 comm=cryptsetup path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1247 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:50.731:105) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 07:59:50.731:105) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0x9 a1=0x7f83e64c7f35 a2=0x7ffdc3f60170 a3=0x1000 items=0 ppid=1 pid=1275 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:50.731:105) : avc: denied { getattr } for pid=1275 comm=cryptsetup path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1247 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:50.736:106) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 07:59:50.736:106) : arch=x86_64 syscall=unlink success=yes exit=0 a0=0x7ffdc3f60290 a1=0x7ffdc3f60290 a2=0x7ffdc3f60170 a3=0x0 items=0 ppid=1 pid=1275 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:50.736:106) : avc: denied { unlink } for pid=1275 comm=cryptsetup name=L_252:4 dev="tmpfs" ino=1247 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:50.769:107) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 07:59:50.769:107) : arch=x86_64 syscall=openat success=yes exit=9 a0=AT_FDCWD a1=0x7f83e630c580 a2=O_RDONLY a3=0x0 items=0 ppid=1 pid=1275 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:50.769:107) : avc: denied { open } for pid=1275 comm=cryptsetup path=/sys/devices/virtual/bdi/253:2/read_ahead_kb dev="sysfs" ino=24187 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 07:59:50.769:107) : avc: denied { read } for pid=1275 comm=cryptsetup name=read_ahead_kb dev="sysfs" ino=24187 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:50.780:109) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 07:59:50.780:109) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0x3 a1=0xc138fd11 a2=0x55c8a85b5bf0 a3=0x7ffdc3f5dd92 items=0 ppid=1 pid=1275 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:50.780:109) : avc: denied { module_request } for pid=1275 comm=cryptsetup kmod="dm-integrity" scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=system permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:50.798:110) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 07:59:50.798:110) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0x3 a1=0xc138fd0d a2=0x55c8a85b5bf0 a3=0x7ffdc3f5dd92 items=0 ppid=1 pid=1275 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:50.798:110) : avc: denied { ioctl } for pid=1275 comm=cryptsetup path=/dev/mapper/control dev="devtmpfs" ino=139 ioctlcmd=0xfd0d scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:50.799:111) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 07:59:50.799:111) : arch=x86_64 syscall=openat success=yes exit=9 a0=AT_FDCWD a1=0x55c8a85e6190 a2=O_RDONLY a3=0x0 items=0 ppid=1 pid=1275 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:50.799:111) : avc: denied { open } for pid=1275 comm=cryptsetup path=/dev/dm-3 dev="devtmpfs" ino=598 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > type=AVC msg=audit(08/07/23 07:59:50.799:111) : avc: denied { read } for pid=1275 comm=cryptsetup name=dm-3 dev="devtmpfs" ino=598 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:50.799:112) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 07:59:50.799:112) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0x9 a1=0x1263 a2=0x7ffdc3f60440 a3=0x0 items=0 ppid=1 pid=1275 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:50.799:112) : avc: denied { ioctl } for pid=1275 comm=cryptsetup path=/dev/dm-3 dev="devtmpfs" ino=598 ioctlcmd=0x1263 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:50.864:114) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 07:59:50.864:114) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0x9 a1=0x7f83e64c7f35 a2=0x7ffdc3f600f0 a3=0x1000 items=0 ppid=1 pid=1275 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:50.864:114) : avc: denied { getattr } for pid=1275 comm=cryptsetup path=/dev/dm-2 dev="devtmpfs" ino=588 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:51.344:117) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=PATH msg=audit(08/07/23 07:59:51.344:117) : item=3 name=(null) inode=1275 dev=00:18 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:59:51.344:117) : item=2 name=(null) inode=93 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:59:51.344:117) : item=1 name=(null) nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 07:59:51.344:117) : item=0 name=(null) inode=93 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 07:59:51.344:117) : cwd=/ > type=SYSCALL msg=audit(08/07/23 07:59:51.344:117) : arch=x86_64 syscall=openat success=yes exit=11 a0=0xc a1=0x7ffdc3f60460 a2=O_RDWR|O_CREAT|O_NOFOLLOW|O_CLOEXEC a3=0x1ff items=4 ppid=1 pid=1275 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:51.344:117) : avc: denied { add_name } for pid=1275 comm=cryptsetup name=L_252:4 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > type=AVC msg=audit(08/07/23 07:59:51.344:117) : avc: denied { write } for pid=1275 comm=cryptsetup name=cryptsetup dev="tmpfs" ino=93 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 07:59:51.377:118) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 07:59:51.377:118) : arch=x86_64 syscall=unlink success=yes exit=0 a0=0x7ffdc3f60510 a1=0x7ffdc3f60510 a2=0x7ffdc3f603f0 a3=0x0 items=0 ppid=1 pid=1275 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 07:59:51.377:118) : avc: denied { remove_name } for pid=1275 comm=cryptsetup name=L_252:4 dev="tmpfs" ino=1275 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.600:40) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:12.600:40) : arch=x86_64 syscall=openat success=yes exit=9 a0=AT_FDCWD a1=0x7ffebf327f18 a2=O_RDONLY|O_CLOEXEC a3=0x0 items=0 ppid=1 pid=1164 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.600:40) : avc: denied { open } for pid=1164 comm=fdo-client-linu path=/dev/mapper/control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > type=AVC msg=audit(08/07/23 08:00:12.600:40) : avc: denied { read } for pid=1164 comm=fdo-client-linu name=control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.600:41) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:12.600:41) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0x9 a1=0xc138fd02 a2=0x565369c16c70 a3=0x7b items=0 ppid=1 pid=1164 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.600:41) : avc: denied { ioctl } for pid=1164 comm=fdo-client-linu path=/dev/mapper/control dev="devtmpfs" ino=139 ioctlcmd=0xfd02 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.600:42) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:12.600:42) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=AT_FDCWD a1=0x7ffebf326670 a2=0x7ffebf326590 a3=0x0 items=0 ppid=1 pid=1164 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.600:42) : avc: denied { getattr } for pid=1164 comm=fdo-client-linu path=/dev/mapper/control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.601:43) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:12.601:43) : arch=x86_64 syscall=openat success=yes exit=10 a0=AT_FDCWD a1=0x7ffebf326670 a2=O_RDWR a3=0x0 items=0 ppid=1 pid=1164 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.601:43) : avc: denied { write } for pid=1164 comm=fdo-client-linu name=control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.601:44) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:12.601:44) : arch=x86_64 syscall=openat success=yes exit=11 a0=AT_FDCWD a1=0x7f2506e587c2 a2=O_RDONLY a3=0x0 items=0 ppid=1 pid=1164 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.601:44) : avc: denied { open } for pid=1164 comm=fdo-client-linu path=/proc/devices dev="proc" ino=4026532021 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:00:12.601:44) : avc: denied { read } for pid=1164 comm=fdo-client-linu name=devices dev="proc" ino=4026532021 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.601:45) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:12.601:45) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0xb a1=0x7f250702cf35 a2=0x7ffebf326330 a3=0x1000 items=0 ppid=1 pid=1164 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.601:45) : avc: denied { getattr } for pid=1164 comm=fdo-client-linu path=/proc/devices dev="proc" ino=4026532021 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.601:46) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:12.601:46) : arch=x86_64 syscall=semctl success=yes exit=0 a0=0x0 a1=0x0 a2=0x13 a3=0x7ffebf3278f0 items=0 ppid=1 pid=1164 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.601:46) : avc: denied { ipc_info } for pid=1164 comm=fdo-client-linu scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=system permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.601:47) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:12.601:47) : arch=x86_64 syscall=readlink success=yes exit=73 a0=0x7ffebf3258e0 a1=0x7ffebf3268e0 a2=0xfff a3=0x7f25070263e0 items=0 ppid=1 pid=1164 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.601:47) : avc: denied { read } for pid=1164 comm=fdo-client-linu name=252:4 dev="sysfs" ino=18674 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=lnk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.601:48) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:12.601:48) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=AT_FDCWD a1=0x565369c17020 a2=0x7ffebf325850 a3=0x0 items=0 ppid=1 pid=1164 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.601:48) : avc: denied { getattr } for pid=1164 comm=fdo-client-linu path=/dev/vda4 dev="devtmpfs" ino=235 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.601:49) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:12.601:49) : arch=x86_64 syscall=openat success=yes exit=11 a0=AT_FDCWD a1=0x565369c17000 a2=O_RDONLY|O_DIRECT a3=0x0 items=0 ppid=1 pid=1164 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.601:49) : avc: denied { open } for pid=1164 comm=fdo-client-linu path=/dev/vda4 dev="devtmpfs" ino=235 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > type=AVC msg=audit(08/07/23 08:00:12.601:49) : avc: denied { read } for pid=1164 comm=fdo-client-linu name=vda4 dev="devtmpfs" ino=235 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.601:50) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:12.601:50) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0xb a1=0x1268 a2=0x7ffebf32756c a3=0x1000 items=0 ppid=1 pid=1164 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.601:50) : avc: denied { ioctl } for pid=1164 comm=fdo-client-linu path=/dev/vda4 dev="devtmpfs" ino=235 ioctlcmd=0x1268 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.602:51) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:12.602:51) : arch=x86_64 syscall=fstatfs success=yes exit=0 a0=0xb a1=0x7ffebf327540 a2=0x7f25070294a4 a3=0x1000 items=0 ppid=1 pid=1164 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.602:51) : avc: denied { getattr } for pid=1164 comm=fdo-client-linu name=/ dev="devtmpfs" ino=1 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=filesystem permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.602:52) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:12.602:52) : arch=x86_64 syscall=openat success=yes exit=12 a0=AT_FDCWD a1=0x7f250779d037 a2=O_RDONLY|O_NONBLOCK|O_CLOEXEC a3=0x0 items=0 ppid=1 pid=1164 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.602:52) : avc: denied { open } for pid=1164 comm=fdo-client-linu path=/dev/random dev="devtmpfs" ino=8 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:random_device_t:s0 tclass=chr_file permissive=1 > type=AVC msg=audit(08/07/23 08:00:12.602:52) : avc: denied { read } for pid=1164 comm=fdo-client-linu name=random dev="devtmpfs" ino=8 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:random_device_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.606:53) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=PATH msg=audit(08/07/23 08:00:12.606:53) : item=3 name=(null) inode=1195 dev=00:18 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:00:12.606:53) : item=2 name=(null) inode=93 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:00:12.606:53) : item=1 name=(null) nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:00:12.606:53) : item=0 name=(null) inode=93 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 08:00:12.606:53) : cwd=/ > type=SYSCALL msg=audit(08/07/23 08:00:12.606:53) : arch=x86_64 syscall=openat success=yes exit=14 a0=0xf a1=0x7ffebf3263c0 a2=O_RDWR|O_CREAT|O_NOFOLLOW|O_CLOEXEC a3=0x1ff items=4 ppid=1 pid=1164 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.606:53) : avc: denied { read write open } for pid=1164 comm=fdo-client-linu path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1195 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:00:12.606:53) : avc: denied { create } for pid=1164 comm=fdo-client-linu name=L_252:4 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:00:12.606:53) : avc: denied { add_name } for pid=1164 comm=fdo-client-linu name=L_252:4 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > type=AVC msg=audit(08/07/23 08:00:12.606:53) : avc: denied { write } for pid=1164 comm=fdo-client-linu name=cryptsetup dev="tmpfs" ino=93 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.606:54) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:12.606:54) : arch=x86_64 syscall=flock success=yes exit=0 a0=0xe a1=0x1 a2=0x0 a3=0x1ff items=0 ppid=1 pid=1164 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.606:54) : avc: denied { lock } for pid=1164 comm=fdo-client-linu path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1195 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.606:55) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:12.606:55) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0xe a1=0x7f250702cf35 a2=0x7ffebf326350 a3=0x1000 items=0 ppid=1 pid=1164 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.606:55) : avc: denied { getattr } for pid=1164 comm=fdo-client-linu path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1195 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.607:56) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:12.607:56) : arch=x86_64 syscall=unlink success=yes exit=0 a0=0x7ffebf326440 a1=0x7ffebf326440 a2=0x7ffebf326320 a3=0x0 items=0 ppid=1 pid=1164 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.607:56) : avc: denied { unlink } for pid=1164 comm=fdo-client-linu name=L_252:4 dev="tmpfs" ino=1195 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:00:12.607:56) : avc: denied { remove_name } for pid=1164 comm=fdo-client-linu name=L_252:4 dev="tmpfs" ino=1195 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.613:57) : proctitle=/usr/bin/bash -e /usr/bin/clevis luks pass -d /dev/vda4 -s 0 > type=PATH msg=audit(08/07/23 08:00:12.613:57) : item=1 name=/lib64/ld-linux-x86-64.so.2 inode=17324163 dev=fd:01 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:ld_so_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:00:12.613:57) : item=0 name=/usr/bin/bash inode=8392074 dev=fd:01 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:shell_exec_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 08:00:12.613:57) : cwd=/ > type=EXECVE msg=audit(08/07/23 08:00:12.613:57) : argc=9 a0=/usr/bin/bash a1=-e a2=/usr/bin/clevis a3=luks a4=pass a5=-d a6=/dev/vda4 a7=-s a8=0 > type=SYSCALL msg=audit(08/07/23 08:00:12.613:57) : arch=x86_64 syscall=execve success=yes exit=0 a0=0x7f2506857dc0 a1=0x565369c2d420 a2=0x7ffebf32f938 a3=0x8 items=2 ppid=1164 pid=1180 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis exe=/usr/bin/bash subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.613:57) : avc: denied { map } for pid=1180 comm=clevis path=/usr/bin/bash dev="dm-1" ino=8392074 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:00:12.613:57) : avc: denied { execute } for pid=1180 comm=fdo-client-linu name=bash dev="dm-1" ino=8392074 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:00:12.613:57) : avc: denied { execute_no_trans } for pid=1180 comm=fdo-client-linu path=/usr/bin/clevis dev="dm-1" ino=2410 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:00:12.613:57) : avc: denied { execute } for pid=1180 comm=fdo-client-linu name=clevis dev="dm-1" ino=2410 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.620:58) : proctitle=/usr/bin/bash -e /usr/bin/clevis luks pass -d /dev/vda4 -s 0 > type=SYSCALL msg=audit(08/07/23 08:00:12.620:58) : arch=x86_64 syscall=openat success=yes exit=3 a0=AT_FDCWD a1=0x7f5400cb6e17 a2=O_RDONLY|O_CLOEXEC a3=0x0 items=0 ppid=1164 pid=1180 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis exe=/usr/bin/bash subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.620:58) : avc: denied { open } for pid=1180 comm=clevis path=/etc/passwd dev="dm-1" ino=17873550 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:00:12.620:58) : avc: denied { read } for pid=1180 comm=clevis name=passwd dev="dm-1" ino=17873550 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.620:59) : proctitle=/usr/bin/bash -e /usr/bin/clevis luks pass -d /dev/vda4 -s 0 > type=SYSCALL msg=audit(08/07/23 08:00:12.620:59) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0x3 a1=0x7f5400cb2f35 a2=0x7fff0bd72120 a3=0x1000 items=0 ppid=1164 pid=1180 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis exe=/usr/bin/bash subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.620:59) : avc: denied { getattr } for pid=1180 comm=clevis path=/etc/passwd dev="dm-1" ino=17873550 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.632:60) : proctitle=/usr/bin/bash -e /usr/bin/clevis-luks-pass -d /dev/vda4 -s 0 > type=SYSCALL msg=audit(08/07/23 08:00:12.632:60) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=AT_FDCWD a1=0x559eceda9310 a2=0x7ffe9fc6e840 a3=0x0 items=0 ppid=1180 pid=1190 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis-luks-pas exe=/usr/bin/bash subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.632:60) : avc: denied { getattr } for pid=1190 comm=clevis-luks-pas path=/usr/sbin/cryptsetup dev="dm-1" ino=3737 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_exec_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.632:61) : proctitle=/usr/bin/bash -e /usr/bin/clevis-luks-pass -d /dev/vda4 -s 0 > type=SYSCALL msg=audit(08/07/23 08:00:12.632:61) : arch=x86_64 syscall=access success=yes exit=0 a0=0x559eceda9310 a1=X_OK a2=0x7ffe9fc6e760 a3=0x0 items=0 ppid=1180 pid=1190 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis-luks-pas exe=/usr/bin/bash subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.632:61) : avc: denied { execute } for pid=1190 comm=clevis-luks-pas name=cryptsetup dev="dm-1" ino=3737 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_exec_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.632:62) : proctitle=/usr/bin/bash -e /usr/bin/clevis-luks-pass -d /dev/vda4 -s 0 > type=SYSCALL msg=audit(08/07/23 08:00:12.632:62) : arch=x86_64 syscall=access success=yes exit=0 a0=0x559eceda9310 a1=R_OK a2=0x7ffe9fc6e760 a3=0x0 items=0 ppid=1180 pid=1190 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis-luks-pas exe=/usr/bin/bash subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.632:62) : avc: denied { read } for pid=1190 comm=clevis-luks-pas name=cryptsetup dev="dm-1" ino=3737 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_exec_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.633:63) : proctitle=cryptsetup isLuks --type luks1 /dev/vda4 > type=PATH msg=audit(08/07/23 08:00:12.633:63) : item=0 name=/lib64/ld-linux-x86-64.so.2 inode=17324163 dev=fd:01 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:ld_so_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 08:00:12.633:63) : cwd=/ > type=EXECVE msg=audit(08/07/23 08:00:12.633:63) : argc=5 a0=cryptsetup a1=isLuks a2=--type a3=luks1 a4=/dev/vda4 > type=SYSCALL msg=audit(08/07/23 08:00:12.633:63) : arch=x86_64 syscall=execve success=yes exit=0 a0=0x559eceda9310 a1=0x559eceda9480 a2=0x559eced9e4f0 a3=0x559eceda9b50 items=1 ppid=1190 pid=1191 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.633:63) : avc: denied { map } for pid=1191 comm=cryptsetup path=/usr/sbin/cryptsetup dev="dm-1" ino=3737 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_exec_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:00:12.633:63) : avc: denied { execute_no_trans } for pid=1191 comm=clevis-luks-pas path=/usr/sbin/cryptsetup dev="dm-1" ino=3737 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_exec_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:00:12.633:63) : avc: denied { open } for pid=1191 comm=clevis-luks-pas path=/usr/sbin/cryptsetup dev="dm-1" ino=3737 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_exec_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.657:64) : proctitle=grep -E -B1 ^\s+Keyslot:\s+0$ > type=EXECVE msg=audit(08/07/23 08:00:12.657:64) : argc=4 a0=grep a1=-E a2=-B1 a3=^\s+Keyslot:\s+0$ > type=SYSCALL msg=audit(08/07/23 08:00:12.657:64) : arch=x86_64 syscall=execve success=yes exit=0 a0=0x559ecee348d0 a1=0x559ecee36910 a2=0x559ecee36240 a3=0x8 items=0 ppid=1200 pid=1202 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=grep exe=/usr/bin/grep subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.657:64) : avc: denied { map } for pid=1202 comm=grep path=/usr/bin/grep dev="dm-1" ino=532513 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.715:65) : proctitle=clevis-pin-tpm2 decrypt > type=SYSCALL msg=audit(08/07/23 08:00:12.715:65) : arch=x86_64 syscall=statx success=yes exit=0 a0=0xffffff9c a1=0x559b656ebad0 a2=0x0 a3=0xfff items=0 ppid=1215 pid=1220 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis-pin-tpm2 exe=/usr/bin/clevis-pin-tpm2 subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.715:65) : avc: denied { getattr } for pid=1220 comm=clevis-pin-tpm2 path=/dev/tpmrm0 dev="devtmpfs" ino=102 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:tpm_device_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.717:66) : proctitle=clevis-pin-tpm2 decrypt > type=SYSCALL msg=audit(08/07/23 08:00:12.717:66) : arch=x86_64 syscall=openat success=yes exit=3 a0=AT_FDCWD a1=0x7fff164059e0 a2=O_RDWR|O_NONBLOCK a3=0x0 items=0 ppid=1215 pid=1220 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis-pin-tpm2 exe=/usr/bin/clevis-pin-tpm2 subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.717:66) : avc: denied { open } for pid=1220 comm=clevis-pin-tpm2 path=/dev/tpmrm0 dev="devtmpfs" ino=102 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:tpm_device_t:s0 tclass=chr_file permissive=1 > type=AVC msg=audit(08/07/23 08:00:12.717:66) : avc: denied { read write } for pid=1220 comm=clevis-pin-tpm2 name=tpmrm0 dev="devtmpfs" ino=102 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:tpm_device_t:s0 tclass=chr_file permissive=1 > type=AVC msg=audit(08/07/23 08:00:12.717:66) : avc: denied { dac_override } for pid=1220 comm=clevis-pin-tpm2 capability=dac_override scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:fdo_t:s0 tclass=capability permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.894:68) : proctitle=cryptsetup open --test-passphrase /dev/vda4 > type=SYSCALL msg=audit(08/07/23 08:00:12.894:68) : arch=x86_64 syscall=openat success=yes exit=4 a0=AT_FDCWD a1=0x7ff3cb036037 a2=O_RDONLY|O_NONBLOCK|O_CLOEXEC a3=0x0 items=0 ppid=1180 pid=1244 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.894:68) : avc: denied { open } for pid=1244 comm=cryptsetup path=/dev/random dev="devtmpfs" ino=8 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:random_device_t:s0 tclass=chr_file permissive=1 > type=AVC msg=audit(08/07/23 08:00:12.894:68) : avc: denied { read } for pid=1244 comm=cryptsetup name=random dev="devtmpfs" ino=8 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:random_device_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.895:69) : proctitle=cryptsetup open --test-passphrase /dev/vda4 > type=SYSCALL msg=audit(08/07/23 08:00:12.895:69) : arch=x86_64 syscall=openat success=yes exit=5 a0=AT_FDCWD a1=0x559239e19720 a2=O_RDONLY|O_DIRECT a3=0x0 items=0 ppid=1180 pid=1244 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.895:69) : avc: denied { open } for pid=1244 comm=cryptsetup path=/dev/vda4 dev="devtmpfs" ino=235 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > type=AVC msg=audit(08/07/23 08:00:12.895:69) : avc: denied { read } for pid=1244 comm=cryptsetup name=vda4 dev="devtmpfs" ino=235 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.895:70) : proctitle=cryptsetup open --test-passphrase /dev/vda4 > type=SYSCALL msg=audit(08/07/23 08:00:12.895:70) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0x5 a1=0x7ff3caf25f35 a2=0x7ffe1f5db3d0 a3=0x1000 items=0 ppid=1180 pid=1244 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.895:70) : avc: denied { getattr } for pid=1244 comm=cryptsetup path=/dev/vda4 dev="devtmpfs" ino=235 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.895:71) : proctitle=cryptsetup open --test-passphrase /dev/vda4 > type=PATH msg=audit(08/07/23 08:00:12.895:71) : item=3 name=(null) inode=1212 dev=00:18 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:00:12.895:71) : item=2 name=(null) inode=93 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:00:12.895:71) : item=1 name=(null) nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:00:12.895:71) : item=0 name=(null) inode=93 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 08:00:12.895:71) : cwd=/ > type=SYSCALL msg=audit(08/07/23 08:00:12.895:71) : arch=x86_64 syscall=openat success=yes exit=6 a0=0x7 a1=0x7ffe1f5db460 a2=O_RDWR|O_CREAT|O_NOFOLLOW|O_CLOEXEC a3=0x1ff items=4 ppid=1180 pid=1244 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.895:71) : avc: denied { read write open } for pid=1244 comm=cryptsetup path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1212 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:00:12.895:71) : avc: denied { create } for pid=1244 comm=cryptsetup name=L_252:4 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:00:12.895:71) : avc: denied { add_name } for pid=1244 comm=cryptsetup name=L_252:4 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > type=AVC msg=audit(08/07/23 08:00:12.895:71) : avc: denied { write } for pid=1244 comm=cryptsetup name=cryptsetup dev="tmpfs" ino=93 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.895:72) : proctitle=cryptsetup open --test-passphrase /dev/vda4 > type=SYSCALL msg=audit(08/07/23 08:00:12.895:72) : arch=x86_64 syscall=flock success=yes exit=0 a0=0x6 a1=0x1 a2=0x0 a3=0x1ff items=0 ppid=1180 pid=1244 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.895:72) : avc: denied { lock } for pid=1244 comm=cryptsetup path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1212 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.895:73) : proctitle=cryptsetup open --test-passphrase /dev/vda4 > type=SYSCALL msg=audit(08/07/23 08:00:12.895:73) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0x6 a1=0x7ff3caf25f35 a2=0x7ffe1f5db3f0 a3=0x1000 items=0 ppid=1180 pid=1244 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.895:73) : avc: denied { getattr } for pid=1244 comm=cryptsetup path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1212 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.897:74) : proctitle=cryptsetup open --test-passphrase /dev/vda4 > type=SYSCALL msg=audit(08/07/23 08:00:12.897:74) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0x7 a1=0x80081272 a2=0x7ffe1f5da410 a3=0x1000 items=0 ppid=1180 pid=1244 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.897:74) : avc: denied { ioctl } for pid=1244 comm=cryptsetup path=/dev/vda4 dev="devtmpfs" ino=235 ioctlcmd=0x1272 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.897:75) : proctitle=cryptsetup open --test-passphrase /dev/vda4 > type=SYSCALL msg=audit(08/07/23 08:00:12.897:75) : arch=x86_64 syscall=unlink success=yes exit=0 a0=0x7ffe1f5db4e0 a1=0x7ffe1f5db4e0 a2=0x7ffe1f5db3c0 a3=0x0 items=0 ppid=1180 pid=1244 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.897:75) : avc: denied { unlink } for pid=1244 comm=cryptsetup name=L_252:4 dev="tmpfs" ino=1212 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:00:12.897:75) : avc: denied { remove_name } for pid=1244 comm=cryptsetup name=L_252:4 dev="tmpfs" ino=1212 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.956:78) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:00:12.956:78) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=AT_FDCWD a1=0x7ffeebc34580 a2=0x7ffeebc344a0 a3=0x0 items=0 ppid=1164 pid=1282 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.956:78) : avc: denied { getattr } for pid=1282 comm=cryptsetup path=/dev/mapper/control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.956:79) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:00:12.956:79) : arch=x86_64 syscall=openat success=yes exit=3 a0=AT_FDCWD a1=0x7ffeebc34580 a2=O_RDWR a3=0x0 items=0 ppid=1164 pid=1282 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.956:79) : avc: denied { open } for pid=1282 comm=cryptsetup path=/dev/mapper/control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > type=AVC msg=audit(08/07/23 08:00:12.956:79) : avc: denied { read write } for pid=1282 comm=cryptsetup name=control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.956:80) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:00:12.956:80) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0x3 a1=0xc138fd00 a2=0x560d5b5fd940 a3=0x7ffeebc33112 items=0 ppid=1164 pid=1282 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.956:80) : avc: denied { ioctl } for pid=1282 comm=cryptsetup path=/dev/mapper/control dev="devtmpfs" ino=139 ioctlcmd=0xfd00 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.956:81) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:00:12.956:81) : arch=x86_64 syscall=semctl success=yes exit=0 a0=0x0 a1=0x0 a2=0x13 a3=0x7ffeebc35800 items=0 ppid=1164 pid=1282 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.956:81) : avc: denied { ipc_info } for pid=1282 comm=cryptsetup scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=system permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:12.966:82) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:00:12.966:82) : arch=x86_64 syscall=openat success=yes exit=8 a0=AT_FDCWD a1=0x560d5b601aa0 a2=O_RDWR a3=0x0 items=0 ppid=1164 pid=1282 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:12.966:82) : avc: denied { write } for pid=1282 comm=cryptsetup name=vda4 dev="devtmpfs" ino=235 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:13.003:83) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:00:13.003:83) : arch=x86_64 syscall=add_key success=yes exit=34892889 a0=0x7f0240b6622e a1=0x560d5b63ed00 a2=0x560d5b639560 a3=0x40 items=0 ppid=1164 pid=1282 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:13.003:83) : avc: denied { write } for pid=1282 comm=cryptsetup scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:fdo_t:s0 tclass=key permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:13.003:84) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:00:13.003:84) : arch=x86_64 syscall=readlink success=yes exit=73 a0=0x7ffeebc33a00 a1=0x7ffeebc34a00 a2=0xfff a3=0x7f0240a4f3e0 items=0 ppid=1164 pid=1282 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:13.003:84) : avc: denied { read } for pid=1282 comm=cryptsetup name=252:4 dev="sysfs" ino=18674 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=lnk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:14.125:113) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:00:14.125:113) : arch=x86_64 syscall=openat success=yes exit=9 a0=AT_FDCWD a1=0x7f024089a580 a2=O_RDONLY a3=0x0 items=0 ppid=1 pid=1282 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:14.125:113) : avc: denied { open } for pid=1282 comm=cryptsetup path=/sys/devices/virtual/bdi/253:2/read_ahead_kb dev="sysfs" ino=24187 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:00:14.125:113) : avc: denied { read } for pid=1282 comm=cryptsetup name=read_ahead_kb dev="sysfs" ino=24187 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:14.125:114) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:00:14.125:114) : arch=x86_64 syscall=fstatfs success=yes exit=0 a0=0x9 a1=0x7ffeebc35740 a2=0x7f0240a524a4 a3=0x1000 items=0 ppid=1 pid=1282 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:14.125:114) : avc: denied { getattr } for pid=1282 comm=cryptsetup name=/ dev="devtmpfs" ino=1 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=filesystem permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:14.136:116) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:00:14.136:116) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0x3 a1=0xc138fd11 a2=0x560d5b65e400 a3=0x7ffeebc32632 items=0 ppid=1 pid=1282 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:14.136:116) : avc: denied { module_request } for pid=1282 comm=cryptsetup kmod="dm-integrity" scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=system permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:14.152:117) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:00:14.152:117) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0x3 a1=0xc138fd0d a2=0x560d5b65e400 a3=0x7ffeebc32632 items=0 ppid=1 pid=1282 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:14.152:117) : avc: denied { sys_admin } for pid=1282 comm=cryptsetup capability=sys_admin scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:fdo_t:s0 tclass=capability permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:14.632:121) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=PATH msg=audit(08/07/23 08:00:14.632:121) : item=3 name=(null) inode=1274 dev=00:18 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:00:14.632:121) : item=2 name=(null) inode=93 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:00:14.632:121) : item=1 name=(null) nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:00:14.632:121) : item=0 name=(null) inode=93 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 08:00:14.632:121) : cwd=/ > type=SYSCALL msg=audit(08/07/23 08:00:14.632:121) : arch=x86_64 syscall=openat success=yes exit=11 a0=0xc a1=0x7ffeebc34d00 a2=O_RDWR|O_CREAT|O_NOFOLLOW|O_CLOEXEC a3=0x1ff items=4 ppid=1 pid=1282 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:14.632:121) : avc: denied { read write open } for pid=1282 comm=cryptsetup path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1274 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:00:14.632:121) : avc: denied { create } for pid=1282 comm=cryptsetup name=L_252:4 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:14.633:122) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:00:14.633:122) : arch=x86_64 syscall=flock success=yes exit=0 a0=0xb a1=0x2 a2=0x0 a3=0x1ff items=0 ppid=1 pid=1282 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:14.633:122) : avc: denied { lock } for pid=1282 comm=cryptsetup path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1274 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:14.633:123) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:00:14.633:123) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0xb a1=0x7f0240a55f35 a2=0x7ffeebc34c90 a3=0x1000 items=0 ppid=1 pid=1282 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:14.633:123) : avc: denied { getattr } for pid=1282 comm=cryptsetup path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1274 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:14.668:124) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:00:14.668:124) : arch=x86_64 syscall=unlink success=yes exit=0 a0=0x7ffeebc34db0 a1=0x7ffeebc34db0 a2=0x7ffeebc34c90 a3=0x0 items=0 ppid=1 pid=1282 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:14.668:124) : avc: denied { unlink } for pid=1282 comm=cryptsetup name=L_252:4 dev="tmpfs" ino=1274 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.532:40) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:35.532:40) : arch=x86_64 syscall=openat success=yes exit=9 a0=AT_FDCWD a1=0x7ffc2841b5a8 a2=O_RDONLY|O_CLOEXEC a3=0x0 items=0 ppid=1 pid=1162 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.532:40) : avc: denied { open } for pid=1162 comm=fdo-client-linu path=/dev/mapper/control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > type=AVC msg=audit(08/07/23 08:00:35.532:40) : avc: denied { read } for pid=1162 comm=fdo-client-linu name=control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.532:41) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:35.532:41) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0x9 a1=0xc138fd02 a2=0x55ae2ae3fc70 a3=0x7b items=0 ppid=1 pid=1162 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.532:41) : avc: denied { ioctl } for pid=1162 comm=fdo-client-linu path=/dev/mapper/control dev="devtmpfs" ino=139 ioctlcmd=0xfd02 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.532:42) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:35.532:42) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=AT_FDCWD a1=0x7ffc28419d00 a2=0x7ffc28419c20 a3=0x0 items=0 ppid=1 pid=1162 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.532:42) : avc: denied { getattr } for pid=1162 comm=fdo-client-linu path=/dev/mapper/control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.532:43) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:35.532:43) : arch=x86_64 syscall=openat success=yes exit=10 a0=AT_FDCWD a1=0x7ffc28419d00 a2=O_RDWR a3=0x0 items=0 ppid=1 pid=1162 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.532:43) : avc: denied { write } for pid=1162 comm=fdo-client-linu name=control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.532:44) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:35.532:44) : arch=x86_64 syscall=openat success=yes exit=11 a0=AT_FDCWD a1=0x7fda674077c2 a2=O_RDONLY a3=0x0 items=0 ppid=1 pid=1162 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.532:44) : avc: denied { open } for pid=1162 comm=fdo-client-linu path=/proc/devices dev="proc" ino=4026532021 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:00:35.532:44) : avc: denied { read } for pid=1162 comm=fdo-client-linu name=devices dev="proc" ino=4026532021 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.532:45) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:35.532:45) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0xb a1=0x7fda675dbf35 a2=0x7ffc284199c0 a3=0x1000 items=0 ppid=1 pid=1162 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.532:45) : avc: denied { getattr } for pid=1162 comm=fdo-client-linu path=/proc/devices dev="proc" ino=4026532021 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.533:46) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:35.533:46) : arch=x86_64 syscall=semctl success=yes exit=0 a0=0x0 a1=0x0 a2=0x13 a3=0x7ffc2841af80 items=0 ppid=1 pid=1162 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.533:46) : avc: denied { ipc_info } for pid=1162 comm=fdo-client-linu scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=system permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.533:47) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:35.533:47) : arch=x86_64 syscall=readlink success=yes exit=73 a0=0x7ffc28418f70 a1=0x7ffc28419f70 a2=0xfff a3=0x7fda675d53e0 items=0 ppid=1 pid=1162 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.533:47) : avc: denied { read } for pid=1162 comm=fdo-client-linu name=252:4 dev="sysfs" ino=18640 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=lnk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.533:48) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:35.533:48) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=AT_FDCWD a1=0x55ae2ae40020 a2=0x7ffc28418ee0 a3=0x0 items=0 ppid=1 pid=1162 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.533:48) : avc: denied { getattr } for pid=1162 comm=fdo-client-linu path=/dev/vda4 dev="devtmpfs" ino=233 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.533:49) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:35.533:49) : arch=x86_64 syscall=openat success=yes exit=11 a0=AT_FDCWD a1=0x55ae2ae40000 a2=O_RDONLY|O_DIRECT a3=0x0 items=0 ppid=1 pid=1162 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.533:49) : avc: denied { open } for pid=1162 comm=fdo-client-linu path=/dev/vda4 dev="devtmpfs" ino=233 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > type=AVC msg=audit(08/07/23 08:00:35.533:49) : avc: denied { read } for pid=1162 comm=fdo-client-linu name=vda4 dev="devtmpfs" ino=233 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.533:50) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:35.533:50) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0xb a1=0x1268 a2=0x7ffc2841abfc a3=0x1000 items=0 ppid=1 pid=1162 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.533:50) : avc: denied { ioctl } for pid=1162 comm=fdo-client-linu path=/dev/vda4 dev="devtmpfs" ino=233 ioctlcmd=0x1268 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.533:51) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:35.533:51) : arch=x86_64 syscall=fstatfs success=yes exit=0 a0=0xb a1=0x7ffc2841abd0 a2=0x7fda675d84a4 a3=0x1000 items=0 ppid=1 pid=1162 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.533:51) : avc: denied { getattr } for pid=1162 comm=fdo-client-linu name=/ dev="devtmpfs" ino=1 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=filesystem permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.534:52) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:35.534:52) : arch=x86_64 syscall=openat success=yes exit=12 a0=AT_FDCWD a1=0x7fda67d4c037 a2=O_RDONLY|O_NONBLOCK|O_CLOEXEC a3=0x0 items=0 ppid=1 pid=1162 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.534:52) : avc: denied { open } for pid=1162 comm=fdo-client-linu path=/dev/random dev="devtmpfs" ino=8 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:random_device_t:s0 tclass=chr_file permissive=1 > type=AVC msg=audit(08/07/23 08:00:35.534:52) : avc: denied { read } for pid=1162 comm=fdo-client-linu name=random dev="devtmpfs" ino=8 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:random_device_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.535:53) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=PATH msg=audit(08/07/23 08:00:35.535:53) : item=3 name=(null) inode=1198 dev=00:18 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:00:35.535:53) : item=2 name=(null) inode=93 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:00:35.535:53) : item=1 name=(null) nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:00:35.535:53) : item=0 name=(null) inode=93 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 08:00:35.535:53) : cwd=/ > type=SYSCALL msg=audit(08/07/23 08:00:35.535:53) : arch=x86_64 syscall=openat success=yes exit=14 a0=0xf a1=0x7ffc28419a50 a2=O_RDWR|O_CREAT|O_NOFOLLOW|O_CLOEXEC a3=0x1ff items=4 ppid=1 pid=1162 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.535:53) : avc: denied { read write open } for pid=1162 comm=fdo-client-linu path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1198 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:00:35.535:53) : avc: denied { create } for pid=1162 comm=fdo-client-linu name=L_252:4 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:00:35.535:53) : avc: denied { add_name } for pid=1162 comm=fdo-client-linu name=L_252:4 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > type=AVC msg=audit(08/07/23 08:00:35.535:53) : avc: denied { write } for pid=1162 comm=fdo-client-linu name=cryptsetup dev="tmpfs" ino=93 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.535:54) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:35.535:54) : arch=x86_64 syscall=flock success=yes exit=0 a0=0xe a1=0x1 a2=0x0 a3=0x1ff items=0 ppid=1 pid=1162 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.535:54) : avc: denied { lock } for pid=1162 comm=fdo-client-linu path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1198 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.535:55) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:35.535:55) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0xe a1=0x7fda675dbf35 a2=0x7ffc284199e0 a3=0x1000 items=0 ppid=1 pid=1162 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.535:55) : avc: denied { getattr } for pid=1162 comm=fdo-client-linu path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1198 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.538:56) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:35.538:56) : arch=x86_64 syscall=unlink success=yes exit=0 a0=0x7ffc28419ad0 a1=0x7ffc28419ad0 a2=0x7ffc284199b0 a3=0x0 items=0 ppid=1 pid=1162 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.538:56) : avc: denied { unlink } for pid=1162 comm=fdo-client-linu name=L_252:4 dev="tmpfs" ino=1198 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:00:35.538:56) : avc: denied { remove_name } for pid=1162 comm=fdo-client-linu name=L_252:4 dev="tmpfs" ino=1198 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.541:57) : proctitle=/usr/bin/bash -e /usr/bin/clevis luks pass -d /dev/vda4 -s 0 > type=PATH msg=audit(08/07/23 08:00:35.541:57) : item=1 name=/lib64/ld-linux-x86-64.so.2 inode=17324163 dev=fd:01 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:ld_so_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:00:35.541:57) : item=0 name=/usr/bin/bash inode=8392074 dev=fd:01 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:shell_exec_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 08:00:35.541:57) : cwd=/ > type=EXECVE msg=audit(08/07/23 08:00:35.541:57) : argc=9 a0=/usr/bin/bash a1=-e a2=/usr/bin/clevis a3=luks a4=pass a5=-d a6=/dev/vda4 a7=-s a8=0 > type=SYSCALL msg=audit(08/07/23 08:00:35.541:57) : arch=x86_64 syscall=execve success=yes exit=0 a0=0x7fda66e06dc0 a1=0x55ae2ae56420 a2=0x7ffc28422fc8 a3=0x8 items=2 ppid=1162 pid=1178 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis exe=/usr/bin/bash subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.541:57) : avc: denied { map } for pid=1178 comm=clevis path=/usr/bin/bash dev="dm-1" ino=8392074 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:00:35.541:57) : avc: denied { execute } for pid=1178 comm=fdo-client-linu name=bash dev="dm-1" ino=8392074 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:00:35.541:57) : avc: denied { execute_no_trans } for pid=1178 comm=fdo-client-linu path=/usr/bin/clevis dev="dm-1" ino=2410 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:00:35.541:57) : avc: denied { execute } for pid=1178 comm=fdo-client-linu name=clevis dev="dm-1" ino=2410 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.544:58) : proctitle=/usr/bin/bash -e /usr/bin/clevis luks pass -d /dev/vda4 -s 0 > type=SYSCALL msg=audit(08/07/23 08:00:35.544:58) : arch=x86_64 syscall=openat success=yes exit=3 a0=AT_FDCWD a1=0x7f2d9a60be17 a2=O_RDONLY|O_CLOEXEC a3=0x0 items=0 ppid=1162 pid=1178 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis exe=/usr/bin/bash subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.544:58) : avc: denied { open } for pid=1178 comm=clevis path=/etc/passwd dev="dm-1" ino=17873550 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:00:35.544:58) : avc: denied { read } for pid=1178 comm=clevis name=passwd dev="dm-1" ino=17873550 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.545:59) : proctitle=/usr/bin/bash -e /usr/bin/clevis luks pass -d /dev/vda4 -s 0 > type=SYSCALL msg=audit(08/07/23 08:00:35.545:59) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0x3 a1=0x7f2d9a607f35 a2=0x7ffff76415a0 a3=0x1000 items=0 ppid=1162 pid=1178 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis exe=/usr/bin/bash subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.545:59) : avc: denied { getattr } for pid=1178 comm=clevis path=/etc/passwd dev="dm-1" ino=17873550 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.571:60) : proctitle=/usr/bin/bash -e /usr/bin/clevis-luks-pass -d /dev/vda4 -s 0 > type=SYSCALL msg=audit(08/07/23 08:00:35.571:60) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=AT_FDCWD a1=0x55ace4532310 a2=0x7ffd65127560 a3=0x0 items=0 ppid=1178 pid=1190 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis-luks-pas exe=/usr/bin/bash subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.571:60) : avc: denied { getattr } for pid=1190 comm=clevis-luks-pas path=/usr/sbin/cryptsetup dev="dm-1" ino=3737 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_exec_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.571:61) : proctitle=/usr/bin/bash -e /usr/bin/clevis-luks-pass -d /dev/vda4 -s 0 > type=SYSCALL msg=audit(08/07/23 08:00:35.571:61) : arch=x86_64 syscall=access success=yes exit=0 a0=0x55ace4532310 a1=X_OK a2=0x7ffd65127480 a3=0x0 items=0 ppid=1178 pid=1190 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis-luks-pas exe=/usr/bin/bash subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.571:61) : avc: denied { execute } for pid=1190 comm=clevis-luks-pas name=cryptsetup dev="dm-1" ino=3737 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_exec_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.571:62) : proctitle=/usr/bin/bash -e /usr/bin/clevis-luks-pass -d /dev/vda4 -s 0 > type=SYSCALL msg=audit(08/07/23 08:00:35.571:62) : arch=x86_64 syscall=access success=yes exit=0 a0=0x55ace4532310 a1=R_OK a2=0x7ffd65127480 a3=0x0 items=0 ppid=1178 pid=1190 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis-luks-pas exe=/usr/bin/bash subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.571:62) : avc: denied { read } for pid=1190 comm=clevis-luks-pas name=cryptsetup dev="dm-1" ino=3737 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_exec_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.573:63) : proctitle=cryptsetup isLuks --type luks1 /dev/vda4 > type=PATH msg=audit(08/07/23 08:00:35.573:63) : item=0 name=/lib64/ld-linux-x86-64.so.2 inode=17324163 dev=fd:01 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:ld_so_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 08:00:35.573:63) : cwd=/ > type=EXECVE msg=audit(08/07/23 08:00:35.573:63) : argc=5 a0=cryptsetup a1=isLuks a2=--type a3=luks1 a4=/dev/vda4 > type=SYSCALL msg=audit(08/07/23 08:00:35.573:63) : arch=x86_64 syscall=execve success=yes exit=0 a0=0x55ace4532310 a1=0x55ace4532480 a2=0x55ace45274f0 a3=0x55ace4532b50 items=1 ppid=1190 pid=1197 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.573:63) : avc: denied { map } for pid=1197 comm=cryptsetup path=/usr/sbin/cryptsetup dev="dm-1" ino=3737 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_exec_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:00:35.573:63) : avc: denied { execute_no_trans } for pid=1197 comm=clevis-luks-pas path=/usr/sbin/cryptsetup dev="dm-1" ino=3737 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_exec_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:00:35.573:63) : avc: denied { open } for pid=1197 comm=clevis-luks-pas path=/usr/sbin/cryptsetup dev="dm-1" ino=3737 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_exec_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.599:64) : proctitle=sed -n 1p > type=EXECVE msg=audit(08/07/23 08:00:35.599:64) : argc=3 a0=sed a1=-n a2=1p > type=SYSCALL msg=audit(08/07/23 08:00:35.599:64) : arch=x86_64 syscall=execve success=yes exit=0 a0=0x55ace45bd9d0 a1=0x55ace45bf1b0 a2=0x55ace45bf240 a3=0x8 items=0 ppid=1204 pid=1207 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=sed exe=/usr/bin/sed subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.599:64) : avc: denied { map } for pid=1207 comm=sed path=/usr/bin/sed dev="dm-1" ino=25531310 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.656:65) : proctitle=clevis-pin-tpm2 decrypt > type=SYSCALL msg=audit(08/07/23 08:00:35.656:65) : arch=x86_64 syscall=statx success=yes exit=0 a0=0xffffff9c a1=0x55b9f413bad0 a2=0x0 a3=0xfff items=0 ppid=1215 pid=1220 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis-pin-tpm2 exe=/usr/bin/clevis-pin-tpm2 subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.656:65) : avc: denied { getattr } for pid=1220 comm=clevis-pin-tpm2 path=/dev/tpmrm0 dev="devtmpfs" ino=102 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:tpm_device_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.658:66) : proctitle=clevis-pin-tpm2 decrypt > type=SYSCALL msg=audit(08/07/23 08:00:35.658:66) : arch=x86_64 syscall=openat success=yes exit=3 a0=AT_FDCWD a1=0x7ffdb9ffc180 a2=O_RDWR|O_NONBLOCK a3=0x0 items=0 ppid=1215 pid=1220 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis-pin-tpm2 exe=/usr/bin/clevis-pin-tpm2 subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.658:66) : avc: denied { open } for pid=1220 comm=clevis-pin-tpm2 path=/dev/tpmrm0 dev="devtmpfs" ino=102 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:tpm_device_t:s0 tclass=chr_file permissive=1 > type=AVC msg=audit(08/07/23 08:00:35.658:66) : avc: denied { read write } for pid=1220 comm=clevis-pin-tpm2 name=tpmrm0 dev="devtmpfs" ino=102 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:tpm_device_t:s0 tclass=chr_file permissive=1 > type=AVC msg=audit(08/07/23 08:00:35.658:66) : avc: denied { dac_override } for pid=1220 comm=clevis-pin-tpm2 capability=dac_override scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:fdo_t:s0 tclass=capability permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.841:69) : proctitle=cryptsetup open --test-passphrase /dev/vda4 > type=SYSCALL msg=audit(08/07/23 08:00:35.841:69) : arch=x86_64 syscall=openat success=yes exit=4 a0=AT_FDCWD a1=0x7f3931587037 a2=O_RDONLY|O_NONBLOCK|O_CLOEXEC a3=0x0 items=0 ppid=1178 pid=1262 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.841:69) : avc: denied { open } for pid=1262 comm=cryptsetup path=/dev/random dev="devtmpfs" ino=8 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:random_device_t:s0 tclass=chr_file permissive=1 > type=AVC msg=audit(08/07/23 08:00:35.841:69) : avc: denied { read } for pid=1262 comm=cryptsetup name=random dev="devtmpfs" ino=8 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:random_device_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.842:70) : proctitle=cryptsetup open --test-passphrase /dev/vda4 > type=PATH msg=audit(08/07/23 08:00:35.842:70) : item=3 name=(null) inode=1221 dev=00:18 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:00:35.842:70) : item=2 name=(null) inode=93 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:00:35.842:70) : item=1 name=(null) nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:00:35.842:70) : item=0 name=(null) inode=93 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 08:00:35.842:70) : cwd=/ > type=SYSCALL msg=audit(08/07/23 08:00:35.842:70) : arch=x86_64 syscall=openat success=yes exit=6 a0=0x7 a1=0x7ffdab3b8a00 a2=O_RDWR|O_CREAT|O_NOFOLLOW|O_CLOEXEC a3=0x1ff items=4 ppid=1178 pid=1262 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.842:70) : avc: denied { read write open } for pid=1262 comm=cryptsetup path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1221 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:00:35.842:70) : avc: denied { create } for pid=1262 comm=cryptsetup name=L_252:4 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.843:71) : proctitle=cryptsetup open --test-passphrase /dev/vda4 > type=SYSCALL msg=audit(08/07/23 08:00:35.843:71) : arch=x86_64 syscall=flock success=yes exit=0 a0=0x6 a1=0x1 a2=0x0 a3=0x1ff items=0 ppid=1178 pid=1262 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.843:71) : avc: denied { lock } for pid=1262 comm=cryptsetup path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1221 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.843:72) : proctitle=cryptsetup open --test-passphrase /dev/vda4 > type=SYSCALL msg=audit(08/07/23 08:00:35.843:72) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0x6 a1=0x7f3931476f35 a2=0x7ffdab3b8990 a3=0x1000 items=0 ppid=1178 pid=1262 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.843:72) : avc: denied { getattr } for pid=1262 comm=cryptsetup path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1221 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.845:74) : proctitle=cryptsetup open --test-passphrase /dev/vda4 > type=SYSCALL msg=audit(08/07/23 08:00:35.845:74) : arch=x86_64 syscall=unlink success=yes exit=0 a0=0x7ffdab3b8a80 a1=0x7ffdab3b8a80 a2=0x7ffdab3b8960 a3=0x0 items=0 ppid=1178 pid=1262 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.845:74) : avc: denied { unlink } for pid=1262 comm=cryptsetup name=L_252:4 dev="tmpfs" ino=1221 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.919:77) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:00:35.919:77) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=AT_FDCWD a1=0x7ffcd6b3f7b0 a2=0x7ffcd6b3f6d0 a3=0x0 items=0 ppid=1162 pid=1300 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.919:77) : avc: denied { getattr } for pid=1300 comm=cryptsetup path=/dev/mapper/control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.919:78) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:00:35.919:78) : arch=x86_64 syscall=openat success=yes exit=3 a0=AT_FDCWD a1=0x7ffcd6b3f7b0 a2=O_RDWR a3=0x0 items=0 ppid=1162 pid=1300 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.919:78) : avc: denied { open } for pid=1300 comm=cryptsetup path=/dev/mapper/control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > type=AVC msg=audit(08/07/23 08:00:35.919:78) : avc: denied { read write } for pid=1300 comm=cryptsetup name=control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.920:79) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:00:35.920:79) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0x3 a1=0xc138fd00 a2=0x560fab122940 a3=0x7ffcd6b3e342 items=0 ppid=1162 pid=1300 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.920:79) : avc: denied { ioctl } for pid=1300 comm=cryptsetup path=/dev/mapper/control dev="devtmpfs" ino=139 ioctlcmd=0xfd00 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.920:80) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:00:35.920:80) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=AT_FDCWD a1=0x560fab126a20 a2=0x7ffcd6b3e990 a3=0x0 items=0 ppid=1162 pid=1300 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.920:80) : avc: denied { getattr } for pid=1300 comm=cryptsetup path=/dev/vda4 dev="devtmpfs" ino=233 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.920:81) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:00:35.920:81) : arch=x86_64 syscall=openat success=yes exit=4 a0=AT_FDCWD a1=0x560fab126a00 a2=O_RDONLY|O_DIRECT a3=0x0 items=0 ppid=1162 pid=1300 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.920:81) : avc: denied { open } for pid=1300 comm=cryptsetup path=/dev/vda4 dev="devtmpfs" ino=233 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > type=AVC msg=audit(08/07/23 08:00:35.920:81) : avc: denied { read } for pid=1300 comm=cryptsetup name=vda4 dev="devtmpfs" ino=233 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.920:82) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:00:35.920:82) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0x4 a1=0x1268 a2=0x7ffcd6b406ac a3=0x1000 items=0 ppid=1162 pid=1300 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.920:82) : avc: denied { ioctl } for pid=1300 comm=cryptsetup path=/dev/vda4 dev="devtmpfs" ino=233 ioctlcmd=0x1268 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.932:83) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=PATH msg=audit(08/07/23 08:00:35.932:83) : item=3 name=(null) inode=1228 dev=00:18 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:00:35.932:83) : item=2 name=(null) inode=93 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:00:35.932:83) : item=1 name=(null) nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:00:35.932:83) : item=0 name=(null) inode=93 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 08:00:35.932:83) : cwd=/ > type=SYSCALL msg=audit(08/07/23 08:00:35.932:83) : arch=x86_64 syscall=openat success=yes exit=7 a0=0x8 a1=0x7ffcd6b3f500 a2=O_RDWR|O_CREAT|O_NOFOLLOW|O_CLOEXEC a3=0x1ff items=4 ppid=1162 pid=1300 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.932:83) : avc: denied { add_name } for pid=1300 comm=cryptsetup name=L_252:4 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > type=AVC msg=audit(08/07/23 08:00:35.932:83) : avc: denied { write } for pid=1300 comm=cryptsetup name=cryptsetup dev="tmpfs" ino=93 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.935:85) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:00:35.935:85) : arch=x86_64 syscall=unlink success=yes exit=0 a0=0x7ffcd6b3f580 a1=0x7ffcd6b3f580 a2=0x7ffcd6b3f460 a3=0x0 items=0 ppid=1162 pid=1300 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.935:85) : avc: denied { remove_name } for pid=1300 comm=cryptsetup name=L_252:4 dev="tmpfs" ino=1228 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.938:86) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:00:35.938:86) : arch=x86_64 syscall=openat success=yes exit=8 a0=AT_FDCWD a1=0x560fab126aa0 a2=O_RDWR a3=0x0 items=0 ppid=1162 pid=1300 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.938:86) : avc: denied { write } for pid=1300 comm=cryptsetup name=vda4 dev="devtmpfs" ino=233 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:35.992:100) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:00:35.992:100) : arch=x86_64 syscall=add_key success=yes exit=172876511 a0=0x7f093761c22e a1=0x560fab163d00 a2=0x560fab15e560 a3=0x40 items=0 ppid=1 pid=1300 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:35.992:100) : avc: denied { write } for pid=1300 comm=cryptsetup scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:fdo_t:s0 tclass=key permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:37.018:114) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:00:37.018:114) : arch=x86_64 syscall=openat success=yes exit=9 a0=AT_FDCWD a1=0x7f0937350580 a2=O_RDONLY a3=0x0 items=0 ppid=1 pid=1300 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:37.018:114) : avc: denied { open } for pid=1300 comm=cryptsetup path=/sys/devices/virtual/bdi/253:2/read_ahead_kb dev="sysfs" ino=24187 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:00:37.018:114) : avc: denied { read } for pid=1300 comm=cryptsetup name=read_ahead_kb dev="sysfs" ino=24187 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:37.018:115) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:00:37.018:115) : arch=x86_64 syscall=fstatfs success=yes exit=0 a0=0x9 a1=0x7ffcd6b40970 a2=0x7f09375084a4 a3=0x1000 items=0 ppid=1 pid=1300 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:37.018:115) : avc: denied { getattr } for pid=1300 comm=cryptsetup name=/ dev="devtmpfs" ino=1 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=filesystem permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:37.027:117) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:00:37.027:117) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0x3 a1=0xc138fd11 a2=0x560fab183400 a3=0x7ffcd6b3d862 items=0 ppid=1 pid=1300 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:37.027:117) : avc: denied { module_request } for pid=1300 comm=cryptsetup kmod="dm-integrity" scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=system permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:59.057:40) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:59.057:40) : arch=x86_64 syscall=openat success=yes exit=9 a0=AT_FDCWD a1=0x7ffcd2b8d2a8 a2=O_RDONLY|O_CLOEXEC a3=0x0 items=0 ppid=1 pid=1177 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:59.057:40) : avc: denied { open } for pid=1177 comm=fdo-client-linu path=/dev/mapper/control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > type=AVC msg=audit(08/07/23 08:00:59.057:40) : avc: denied { read } for pid=1177 comm=fdo-client-linu name=control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:59.057:41) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:59.057:41) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0x9 a1=0xc138fd02 a2=0x55618c081c70 a3=0x7b items=0 ppid=1 pid=1177 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:59.057:41) : avc: denied { ioctl } for pid=1177 comm=fdo-client-linu path=/dev/mapper/control dev="devtmpfs" ino=139 ioctlcmd=0xfd02 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:59.057:42) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:59.057:42) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=AT_FDCWD a1=0x7ffcd2b8ba00 a2=0x7ffcd2b8b920 a3=0x0 items=0 ppid=1 pid=1177 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:59.057:42) : avc: denied { getattr } for pid=1177 comm=fdo-client-linu path=/dev/mapper/control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:59.057:43) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:59.057:43) : arch=x86_64 syscall=openat success=yes exit=10 a0=AT_FDCWD a1=0x7ffcd2b8ba00 a2=O_RDWR a3=0x0 items=0 ppid=1 pid=1177 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:59.057:43) : avc: denied { write } for pid=1177 comm=fdo-client-linu name=control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:59.057:44) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:59.057:44) : arch=x86_64 syscall=openat success=yes exit=11 a0=AT_FDCWD a1=0x7f8e0ace67c2 a2=O_RDONLY a3=0x0 items=0 ppid=1 pid=1177 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:59.057:44) : avc: denied { open } for pid=1177 comm=fdo-client-linu path=/proc/devices dev="proc" ino=4026532021 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:00:59.057:44) : avc: denied { read } for pid=1177 comm=fdo-client-linu name=devices dev="proc" ino=4026532021 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:59.057:45) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:59.057:45) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0xb a1=0x7f8e0aebaf35 a2=0x7ffcd2b8b6c0 a3=0x1000 items=0 ppid=1 pid=1177 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:59.057:45) : avc: denied { getattr } for pid=1177 comm=fdo-client-linu path=/proc/devices dev="proc" ino=4026532021 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:59.058:46) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:59.058:46) : arch=x86_64 syscall=semctl success=yes exit=0 a0=0x0 a1=0x0 a2=0x13 a3=0x7ffcd2b8cc80 items=0 ppid=1 pid=1177 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:59.058:46) : avc: denied { ipc_info } for pid=1177 comm=fdo-client-linu scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=system permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:59.058:47) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:59.058:47) : arch=x86_64 syscall=readlink success=yes exit=73 a0=0x7ffcd2b8ac70 a1=0x7ffcd2b8bc70 a2=0xfff a3=0x7f8e0aeb43e0 items=0 ppid=1 pid=1177 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:59.058:47) : avc: denied { read } for pid=1177 comm=fdo-client-linu name=252:4 dev="sysfs" ino=18581 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=lnk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:59.058:48) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:59.058:48) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=AT_FDCWD a1=0x55618c082020 a2=0x7ffcd2b8abe0 a3=0x0 items=0 ppid=1 pid=1177 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:59.058:48) : avc: denied { getattr } for pid=1177 comm=fdo-client-linu path=/dev/vda4 dev="devtmpfs" ino=267 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:59.058:49) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:59.058:49) : arch=x86_64 syscall=openat success=yes exit=11 a0=AT_FDCWD a1=0x55618c082000 a2=O_RDONLY|O_DIRECT a3=0x0 items=0 ppid=1 pid=1177 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:59.058:49) : avc: denied { open } for pid=1177 comm=fdo-client-linu path=/dev/vda4 dev="devtmpfs" ino=267 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > type=AVC msg=audit(08/07/23 08:00:59.058:49) : avc: denied { read } for pid=1177 comm=fdo-client-linu name=vda4 dev="devtmpfs" ino=267 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:59.058:50) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:59.058:50) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0xb a1=0x1268 a2=0x7ffcd2b8c8fc a3=0x1000 items=0 ppid=1 pid=1177 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:59.058:50) : avc: denied { ioctl } for pid=1177 comm=fdo-client-linu path=/dev/vda4 dev="devtmpfs" ino=267 ioctlcmd=0x1268 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:59.058:51) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:59.058:51) : arch=x86_64 syscall=fstatfs success=yes exit=0 a0=0xb a1=0x7ffcd2b8c8d0 a2=0x7f8e0aeb74a4 a3=0x1000 items=0 ppid=1 pid=1177 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:59.058:51) : avc: denied { getattr } for pid=1177 comm=fdo-client-linu name=/ dev="devtmpfs" ino=1 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=filesystem permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:59.059:52) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:59.059:52) : arch=x86_64 syscall=openat success=yes exit=12 a0=AT_FDCWD a1=0x7f8e0b62b037 a2=O_RDONLY|O_NONBLOCK|O_CLOEXEC a3=0x0 items=0 ppid=1 pid=1177 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:59.059:52) : avc: denied { open } for pid=1177 comm=fdo-client-linu path=/dev/random dev="devtmpfs" ino=8 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:random_device_t:s0 tclass=chr_file permissive=1 > type=AVC msg=audit(08/07/23 08:00:59.059:52) : avc: denied { read } for pid=1177 comm=fdo-client-linu name=random dev="devtmpfs" ino=8 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:random_device_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:59.063:53) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=PATH msg=audit(08/07/23 08:00:59.063:53) : item=3 name=(null) inode=1202 dev=00:18 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:00:59.063:53) : item=2 name=(null) inode=93 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:00:59.063:53) : item=1 name=(null) nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:00:59.063:53) : item=0 name=(null) inode=93 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 08:00:59.063:53) : cwd=/ > type=SYSCALL msg=audit(08/07/23 08:00:59.063:53) : arch=x86_64 syscall=openat success=yes exit=14 a0=0xf a1=0x7ffcd2b8b750 a2=O_RDWR|O_CREAT|O_NOFOLLOW|O_CLOEXEC a3=0x1ff items=4 ppid=1 pid=1177 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:59.063:53) : avc: denied { read write open } for pid=1177 comm=fdo-client-linu path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1202 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:00:59.063:53) : avc: denied { create } for pid=1177 comm=fdo-client-linu name=L_252:4 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:00:59.063:53) : avc: denied { add_name } for pid=1177 comm=fdo-client-linu name=L_252:4 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > type=AVC msg=audit(08/07/23 08:00:59.063:53) : avc: denied { write } for pid=1177 comm=fdo-client-linu name=cryptsetup dev="tmpfs" ino=93 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:59.064:54) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:59.064:54) : arch=x86_64 syscall=flock success=yes exit=0 a0=0xe a1=0x1 a2=0x0 a3=0x1ff items=0 ppid=1 pid=1177 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:59.064:54) : avc: denied { lock } for pid=1177 comm=fdo-client-linu path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1202 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:59.064:55) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:59.064:55) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0xe a1=0x7f8e0aebaf35 a2=0x7ffcd2b8b6e0 a3=0x1000 items=0 ppid=1 pid=1177 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:59.064:55) : avc: denied { getattr } for pid=1177 comm=fdo-client-linu path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1202 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:59.066:56) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:00:59.066:56) : arch=x86_64 syscall=unlink success=yes exit=0 a0=0x7ffcd2b8b7d0 a1=0x7ffcd2b8b7d0 a2=0x7ffcd2b8b6b0 a3=0x0 items=0 ppid=1 pid=1177 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:59.066:56) : avc: denied { unlink } for pid=1177 comm=fdo-client-linu name=L_252:4 dev="tmpfs" ino=1202 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:00:59.066:56) : avc: denied { remove_name } for pid=1177 comm=fdo-client-linu name=L_252:4 dev="tmpfs" ino=1202 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > type=AVC msg=audit(08/07/23 08:00:59.066:56) : avc: denied { write } for pid=1177 comm=fdo-client-linu name=cryptsetup dev="tmpfs" ino=93 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:59.068:57) : proctitle=/usr/bin/bash -e /usr/bin/clevis luks pass -d /dev/vda4 -s 0 > type=PATH msg=audit(08/07/23 08:00:59.068:57) : item=1 name=/lib64/ld-linux-x86-64.so.2 inode=17324163 dev=fd:01 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:ld_so_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:00:59.068:57) : item=0 name=/usr/bin/bash inode=8392074 dev=fd:01 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:shell_exec_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 08:00:59.068:57) : cwd=/ > type=EXECVE msg=audit(08/07/23 08:00:59.068:57) : argc=9 a0=/usr/bin/bash a1=-e a2=/usr/bin/clevis a3=luks a4=pass a5=-d a6=/dev/vda4 a7=-s a8=0 > type=SYSCALL msg=audit(08/07/23 08:00:59.068:57) : arch=x86_64 syscall=execve success=yes exit=0 a0=0x7f8e0a6e5dc0 a1=0x55618c098420 a2=0x7ffcd2b94cc8 a3=0x8 items=2 ppid=1177 pid=1187 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis exe=/usr/bin/bash subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:59.068:57) : avc: denied { map } for pid=1187 comm=clevis path=/usr/bin/bash dev="dm-1" ino=8392074 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:00:59.068:57) : avc: denied { execute } for pid=1187 comm=fdo-client-linu name=bash dev="dm-1" ino=8392074 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:00:59.068:57) : avc: denied { execute_no_trans } for pid=1187 comm=fdo-client-linu path=/usr/bin/clevis dev="dm-1" ino=2410 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:00:59.068:57) : avc: denied { execute } for pid=1187 comm=fdo-client-linu name=clevis dev="dm-1" ino=2410 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:59.071:58) : proctitle=/usr/bin/bash -e /usr/bin/clevis luks pass -d /dev/vda4 -s 0 > type=SYSCALL msg=audit(08/07/23 08:00:59.071:58) : arch=x86_64 syscall=openat success=yes exit=3 a0=AT_FDCWD a1=0x7febfd306e17 a2=O_RDONLY|O_CLOEXEC a3=0x0 items=0 ppid=1177 pid=1187 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis exe=/usr/bin/bash subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:59.071:58) : avc: denied { open } for pid=1187 comm=clevis path=/etc/passwd dev="dm-1" ino=639165 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:00:59.071:58) : avc: denied { read } for pid=1187 comm=clevis name=passwd dev="dm-1" ino=639165 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:59.072:59) : proctitle=/usr/bin/bash -e /usr/bin/clevis luks pass -d /dev/vda4 -s 0 > type=SYSCALL msg=audit(08/07/23 08:00:59.072:59) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0x3 a1=0x7febfd302f35 a2=0x7ffd4d783510 a3=0x1000 items=0 ppid=1177 pid=1187 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis exe=/usr/bin/bash subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:59.072:59) : avc: denied { getattr } for pid=1187 comm=clevis path=/etc/passwd dev="dm-1" ino=639165 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:59.086:60) : proctitle=/usr/bin/bash -e /usr/bin/clevis-luks-pass -d /dev/vda4 -s 0 > type=SYSCALL msg=audit(08/07/23 08:00:59.086:60) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=AT_FDCWD a1=0x55d8d2c4d310 a2=0x7fff57502140 a3=0x0 items=0 ppid=1187 pid=1193 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis-luks-pas exe=/usr/bin/bash subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:59.086:60) : avc: denied { getattr } for pid=1193 comm=clevis-luks-pas path=/usr/sbin/cryptsetup dev="dm-1" ino=3737 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_exec_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:59.086:61) : proctitle=/usr/bin/bash -e /usr/bin/clevis-luks-pass -d /dev/vda4 -s 0 > type=SYSCALL msg=audit(08/07/23 08:00:59.086:61) : arch=x86_64 syscall=access success=yes exit=0 a0=0x55d8d2c4d310 a1=X_OK a2=0x7fff57502060 a3=0x0 items=0 ppid=1187 pid=1193 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis-luks-pas exe=/usr/bin/bash subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:59.086:61) : avc: denied { execute } for pid=1193 comm=clevis-luks-pas name=cryptsetup dev="dm-1" ino=3737 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_exec_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:59.086:62) : proctitle=/usr/bin/bash -e /usr/bin/clevis-luks-pass -d /dev/vda4 -s 0 > type=SYSCALL msg=audit(08/07/23 08:00:59.086:62) : arch=x86_64 syscall=access success=yes exit=0 a0=0x55d8d2c4d310 a1=R_OK a2=0x7fff57502060 a3=0x0 items=0 ppid=1187 pid=1193 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis-luks-pas exe=/usr/bin/bash subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:59.086:62) : avc: denied { read } for pid=1193 comm=clevis-luks-pas name=cryptsetup dev="dm-1" ino=3737 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_exec_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:59.086:63) : proctitle=cryptsetup isLuks --type luks1 /dev/vda4 > type=PATH msg=audit(08/07/23 08:00:59.086:63) : item=0 name=/lib64/ld-linux-x86-64.so.2 inode=17324163 dev=fd:01 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:ld_so_t:s0 nametype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 08:00:59.086:63) : cwd=/ > type=EXECVE msg=audit(08/07/23 08:00:59.086:63) : argc=5 a0=cryptsetup a1=isLuks a2=--type a3=luks1 a4=/dev/vda4 > type=SYSCALL msg=audit(08/07/23 08:00:59.086:63) : arch=x86_64 syscall=execve success=yes exit=0 a0=0x55d8d2c4d310 a1=0x55d8d2c4d480 a2=0x55d8d2c424f0 a3=0x55d8d2c4db50 items=1 ppid=1193 pid=1195 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:59.086:63) : avc: denied { map } for pid=1195 comm=cryptsetup path=/usr/sbin/cryptsetup dev="dm-1" ino=3737 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_exec_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:00:59.086:63) : avc: denied { execute_no_trans } for pid=1195 comm=clevis-luks-pas path=/usr/sbin/cryptsetup dev="dm-1" ino=3737 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_exec_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:00:59.086:63) : avc: denied { open } for pid=1195 comm=clevis-luks-pas path=/usr/sbin/cryptsetup dev="dm-1" ino=3737 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_exec_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:59.115:64) : proctitle=sed -rn s|^\s+([0-9]+): clevis|\1|p > type=EXECVE msg=audit(08/07/23 08:00:59.115:64) : argc=3 a0=sed a1=-rn a2=s|^\s+([0-9]+): clevis|\1|p > type=SYSCALL msg=audit(08/07/23 08:00:59.115:64) : arch=x86_64 syscall=execve success=yes exit=0 a0=0x55d8d2cd92c0 a1=0x55d8d2cda270 a2=0x55d8d2cda2a0 a3=0x8 items=0 ppid=1201 pid=1205 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=sed exe=/usr/bin/sed subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:59.115:64) : avc: denied { map } for pid=1205 comm=sed path=/usr/bin/sed dev="dm-1" ino=25531310 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:59.198:65) : proctitle=clevis-pin-tpm2 decrypt > type=SYSCALL msg=audit(08/07/23 08:00:59.198:65) : arch=x86_64 syscall=statx success=yes exit=0 a0=0xffffff9c a1=0x55a5806bead0 a2=0x0 a3=0xfff items=0 ppid=1212 pid=1218 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis-pin-tpm2 exe=/usr/bin/clevis-pin-tpm2 subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:59.198:65) : avc: denied { getattr } for pid=1218 comm=clevis-pin-tpm2 path=/dev/tpmrm0 dev="devtmpfs" ino=102 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:tpm_device_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:59.200:66) : proctitle=clevis-pin-tpm2 decrypt > type=SYSCALL msg=audit(08/07/23 08:00:59.200:66) : arch=x86_64 syscall=openat success=yes exit=3 a0=AT_FDCWD a1=0x7fff28a39a30 a2=O_RDWR|O_NONBLOCK a3=0x0 items=0 ppid=1212 pid=1218 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=clevis-pin-tpm2 exe=/usr/bin/clevis-pin-tpm2 subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:59.200:66) : avc: denied { open } for pid=1218 comm=clevis-pin-tpm2 path=/dev/tpmrm0 dev="devtmpfs" ino=102 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:tpm_device_t:s0 tclass=chr_file permissive=1 > type=AVC msg=audit(08/07/23 08:00:59.200:66) : avc: denied { read write } for pid=1218 comm=clevis-pin-tpm2 name=tpmrm0 dev="devtmpfs" ino=102 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:tpm_device_t:s0 tclass=chr_file permissive=1 > type=AVC msg=audit(08/07/23 08:00:59.200:66) : avc: denied { dac_override } for pid=1218 comm=clevis-pin-tpm2 capability=dac_override scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:fdo_t:s0 tclass=capability permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:59.438:68) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:00:59.438:68) : arch=x86_64 syscall=semctl success=yes exit=0 a0=0x0 a1=0x0 a2=0x13 a3=0x7fff8ea62da0 items=0 ppid=1177 pid=1379 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:59.438:68) : avc: denied { ipc_info } for pid=1379 comm=cryptsetup scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=system permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:59.439:69) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:00:59.439:69) : arch=x86_64 syscall=readlink success=yes exit=73 a0=0x7fff8ea60d90 a1=0x7fff8ea61d90 a2=0xfff a3=0x7f9915c393e0 items=0 ppid=1177 pid=1379 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:59.439:69) : avc: denied { read } for pid=1379 comm=cryptsetup name=252:4 dev="sysfs" ino=18581 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=lnk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:59.458:71) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:00:59.458:71) : arch=x86_64 syscall=openat success=yes exit=8 a0=AT_FDCWD a1=0x561d64e62aa0 a2=O_RDWR a3=0x0 items=0 ppid=1177 pid=1379 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:59.458:71) : avc: denied { write } for pid=1379 comm=cryptsetup name=vda4 dev="devtmpfs" ino=267 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:00:59.498:74) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:00:59.498:74) : arch=x86_64 syscall=add_key success=yes exit=285885891 a0=0x7f9915d5022e a1=0x561d64e9fd00 a2=0x561d64e9a560 a3=0x40 items=0 ppid=1177 pid=1379 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:00:59.498:74) : avc: denied { write } for pid=1379 comm=cryptsetup scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:fdo_t:s0 tclass=key permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:01:00.506:77) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:01:00.506:77) : arch=x86_64 syscall=openat success=yes exit=9 a0=AT_FDCWD a1=0x7f9915a84580 a2=O_RDONLY a3=0x0 items=0 ppid=1177 pid=1379 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:01:00.506:77) : avc: denied { open } for pid=1379 comm=cryptsetup path=/sys/devices/virtual/bdi/253:2/read_ahead_kb dev="sysfs" ino=24234 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:01:00.506:77) : avc: denied { read } for pid=1379 comm=cryptsetup name=read_ahead_kb dev="sysfs" ino=24234 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:01:00.507:78) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:01:00.507:78) : arch=x86_64 syscall=fstatfs success=yes exit=0 a0=0x9 a1=0x7fff8ea62ce0 a2=0x7f9915c3c4a4 a3=0x1000 items=0 ppid=1177 pid=1379 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:01:00.507:78) : avc: denied { getattr } for pid=1379 comm=cryptsetup name=/ dev="devtmpfs" ino=1 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=filesystem permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:01:00.516:80) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:01:00.516:80) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0x3 a1=0xc138fd11 a2=0x561d64ebf400 a3=0x7fff8ea5fbd2 items=0 ppid=1177 pid=1379 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:01:00.516:80) : avc: denied { module_request } for pid=1379 comm=cryptsetup kmod="dm-integrity" scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=system permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:01:03.994:90) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:01:03.994:90) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0x3 a1=0xc138fd0d a2=0x561d64ec1180 a3=0x7fff8ea60d42 items=0 ppid=1177 pid=1379 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:01:03.994:90) : avc: denied { sys_admin } for pid=1379 comm=cryptsetup capability=sys_admin scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:fdo_t:s0 tclass=capability permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:01:26.632:168) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:01:26.632:168) : arch=x86_64 syscall=openat success=yes exit=9 a0=AT_FDCWD a1=0x561d64e62aa0 a2=O_RDONLY|O_NONBLOCK|O_CLOEXEC a3=0x0 items=0 ppid=1177 pid=1379 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:01:26.632:168) : avc: denied { open } for pid=1379 comm=cryptsetup path=/dev/vda4 dev="devtmpfs" ino=267 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > type=AVC msg=audit(08/07/23 08:01:26.632:168) : avc: denied { read } for pid=1379 comm=cryptsetup name=vda4 dev="devtmpfs" ino=267 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:01:26.632:169) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:01:26.632:169) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0x9 a1=0x7f9915c3ff35 a2=0x7fff8ea62210 a3=0x1000 items=0 ppid=1177 pid=1379 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:01:26.632:169) : avc: denied { getattr } for pid=1379 comm=cryptsetup path=/dev/vda4 dev="devtmpfs" ino=267 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:01:26.632:170) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=PATH msg=audit(08/07/23 08:01:26.632:170) : item=3 name=(null) inode=1476 dev=00:18 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:01:26.632:170) : item=2 name=(null) inode=93 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:01:26.632:170) : item=1 name=(null) nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:01:26.632:170) : item=0 name=(null) inode=93 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 08:01:26.632:170) : cwd=/ > type=SYSCALL msg=audit(08/07/23 08:01:26.632:170) : arch=x86_64 syscall=openat success=yes exit=11 a0=0xc a1=0x7fff8ea622a0 a2=O_RDWR|O_CREAT|O_NOFOLLOW|O_CLOEXEC a3=0x1ff items=4 ppid=1177 pid=1379 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:01:26.632:170) : avc: denied { add_name } for pid=1379 comm=cryptsetup name=L_252:4 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > type=AVC msg=audit(08/07/23 08:01:26.632:170) : avc: denied { write } for pid=1379 comm=cryptsetup name=cryptsetup dev="tmpfs" ino=93 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:01:26.651:175) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:01:26.651:175) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0x9 a1=0x80081272 a2=0x7fff8ea632f0 a3=0x1000 items=0 ppid=1177 pid=1379 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:01:26.651:175) : avc: denied { ioctl } for pid=1379 comm=cryptsetup path=/dev/vda4 dev="devtmpfs" ino=267 ioctlcmd=0x1272 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:01:26.694:182) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:01:26.694:182) : arch=x86_64 syscall=unlink success=yes exit=0 a0=0x7fff8ea62350 a1=0x7fff8ea62350 a2=0x7fff8ea62230 a3=0x0 items=0 ppid=1177 pid=1379 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:01:26.694:182) : avc: denied { remove_name } for pid=1379 comm=cryptsetup name=L_252:4 dev="tmpfs" ino=1476 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:01:27.093:201) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:01:27.093:201) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0x3 a1=0xc138fd0d a2=0x561d64ec1100 a3=0x7fff8ea60d42 items=0 ppid=1177 pid=1379 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:01:27.093:201) : avc: denied { ioctl } for pid=1379 comm=cryptsetup path=/dev/mapper/control dev="devtmpfs" ino=139 ioctlcmd=0xfd0d scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:01:27.101:202) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:01:27.101:202) : arch=x86_64 syscall=fstatfs success=yes exit=0 a0=0x9 a1=0x7fff8ea61e90 a2=0x7f9915c3c4a4 a3=0x1000 items=0 ppid=1177 pid=1379 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:01:27.101:202) : avc: denied { getattr } for pid=1379 comm=cryptsetup name=/ dev="devtmpfs" ino=1 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=filesystem permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:01:29.139:249) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=PATH msg=audit(08/07/23 08:01:29.139:249) : item=3 name=(null) inode=1497 dev=00:18 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:01:29.139:249) : item=2 name=(null) inode=93 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:01:29.139:249) : item=1 name=(null) nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:01:29.139:249) : item=0 name=(null) inode=93 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 08:01:29.139:249) : cwd=/ > type=SYSCALL msg=audit(08/07/23 08:01:29.139:249) : arch=x86_64 syscall=openat success=yes exit=11 a0=0xc a1=0x7fff8ea622a0 a2=O_RDWR|O_CREAT|O_NOFOLLOW|O_CLOEXEC a3=0x1ff items=4 ppid=1177 pid=1379 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:01:29.139:249) : avc: denied { read write open } for pid=1379 comm=cryptsetup path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1497 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:01:29.139:249) : avc: denied { create } for pid=1379 comm=cryptsetup name=L_252:4 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:01:29.139:250) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:01:29.139:250) : arch=x86_64 syscall=flock success=yes exit=0 a0=0xb a1=0x2 a2=0x0 a3=0x1ff items=0 ppid=1177 pid=1379 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:01:29.139:250) : avc: denied { lock } for pid=1379 comm=cryptsetup path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1497 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:01:29.139:251) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:01:29.139:251) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0xb a1=0x7f9915c3ff35 a2=0x7fff8ea62230 a3=0x1000 items=0 ppid=1177 pid=1379 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:01:29.139:251) : avc: denied { getattr } for pid=1379 comm=cryptsetup path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1497 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:01:29.171:252) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:01:29.171:252) : arch=x86_64 syscall=unlink success=yes exit=0 a0=0x7fff8ea62350 a1=0x7fff8ea62350 a2=0x7fff8ea62230 a3=0x0 items=0 ppid=1177 pid=1379 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:01:29.171:252) : avc: denied { unlink } for pid=1379 comm=cryptsetup name=L_252:4 dev="tmpfs" ino=1497 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:01:29.544:253) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:01:29.544:253) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0x3 a1=0xc138fd0d a2=0x561d64ec1100 a3=0x7fff8ea60d42 items=0 ppid=1177 pid=1379 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:01:29.544:253) : avc: denied { sys_admin } for pid=1379 comm=cryptsetup capability=sys_admin scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:fdo_t:s0 tclass=capability permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:01:39.754:375) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:01:39.754:375) : arch=x86_64 syscall=openat success=yes exit=9 a0=AT_FDCWD a1=0x561d64e62aa0 a2=O_RDONLY a3=0x0 items=0 ppid=1177 pid=1379 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:01:39.754:375) : avc: denied { open } for pid=1379 comm=cryptsetup path=/dev/vda4 dev="devtmpfs" ino=267 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > type=AVC msg=audit(08/07/23 08:01:39.754:375) : avc: denied { read } for pid=1379 comm=cryptsetup name=vda4 dev="devtmpfs" ino=267 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:01:39.754:376) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:01:39.754:376) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0x9 a1=0x7f9915c3ff35 a2=0x7fff8ea632c0 a3=0x1000 items=0 ppid=1177 pid=1379 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:01:39.754:376) : avc: denied { getattr } for pid=1379 comm=cryptsetup path=/dev/vda4 dev="devtmpfs" ino=267 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:01:39.754:377) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:01:39.754:377) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0x9 a1=0x80081272 a2=0x7fff8ea63380 a3=0x1000 items=0 ppid=1177 pid=1379 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:01:39.754:377) : avc: denied { ioctl } for pid=1379 comm=cryptsetup path=/dev/vda4 dev="devtmpfs" ino=267 ioctlcmd=0x1272 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:01:39.754:378) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=PATH msg=audit(08/07/23 08:01:39.754:378) : item=3 name=(null) inode=1570 dev=00:18 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:01:39.754:378) : item=2 name=(null) inode=93 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:01:39.754:378) : item=1 name=(null) nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:01:39.754:378) : item=0 name=(null) inode=93 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 08:01:39.754:378) : cwd=/ > type=SYSCALL msg=audit(08/07/23 08:01:39.754:378) : arch=x86_64 syscall=openat success=yes exit=11 a0=0xc a1=0x7fff8ea622c0 a2=O_RDWR|O_CREAT|O_NOFOLLOW|O_CLOEXEC a3=0x1ff items=4 ppid=1177 pid=1379 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:01:39.754:378) : avc: denied { add_name } for pid=1379 comm=cryptsetup name=L_252:4 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > type=AVC msg=audit(08/07/23 08:01:39.754:378) : avc: denied { write } for pid=1379 comm=cryptsetup name=cryptsetup dev="tmpfs" ino=93 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:01:39.759:381) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:01:39.759:381) : arch=x86_64 syscall=unlink success=yes exit=0 a0=0x7fff8ea62370 a1=0x7fff8ea62370 a2=0x7fff8ea62250 a3=0x0 items=0 ppid=1177 pid=1379 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:01:39.759:381) : avc: denied { remove_name } for pid=1379 comm=cryptsetup name=L_252:4 dev="tmpfs" ino=1570 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:01:39.759:382) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:01:39.759:382) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0x3 a1=0xc138fd0d a2=0x561d64ec10e0 a3=0x7fff8ea60d42 items=0 ppid=1177 pid=1379 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:01:39.759:382) : avc: denied { ioctl } for pid=1379 comm=cryptsetup path=/dev/mapper/control dev="devtmpfs" ino=139 ioctlcmd=0xfd0d scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:02:05.227:613) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:02:05.227:613) : arch=x86_64 syscall=openat success=yes exit=9 a0=AT_FDCWD a1=0x561d64e62aa0 a2=O_RDWR a3=0x0 items=0 ppid=1177 pid=1379 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:02:05.227:613) : avc: denied { write } for pid=1379 comm=cryptsetup name=vda4 dev="devtmpfs" ino=267 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:02:05.330:616) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:02:05.330:616) : arch=x86_64 syscall=openat success=no exit=ENOENT(No such file or directory) a0=AT_FDCWD a1=0x7fff8ea62010 a2=O_RDONLY a3=0x0 items=0 ppid=1177 pid=1379 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:02:05.330:616) : avc: denied { read } for pid=1379 comm=cryptsetup name=252:4 dev="sysfs" ino=18581 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=lnk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:02:06.240:617) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:02:06.240:617) : arch=x86_64 syscall=keyctl success=yes exit=0 a0=0x3 a1=0x110a45c3 a2=0x7f9915ac6e5d a3=0x7fff8ea63301 items=0 ppid=1177 pid=1379 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:02:06.240:617) : avc: denied { write } for pid=1379 comm=cryptsetup scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:fdo_t:s0 tclass=key permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:02:06.240:618) : proctitle=cryptsetup reencrypt --resume-only --active-name luks-e40f9c85-64c2-4bff-83cd-92774685303f --key-file - > type=SYSCALL msg=audit(08/07/23 08:02:06.240:618) : arch=x86_64 syscall=keyctl success=no exit=ENOENT(No such file or directory) a0=0x9 a1=0x110a45c3 a2=0xfffffffc a3=0x561d64ea8a50 items=0 ppid=1177 pid=1379 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=cryptsetup exe=/usr/sbin/cryptsetup subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:02:06.240:618) : avc: denied { write } for pid=1379 comm=cryptsetup scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=key permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:10:53.016:42) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:10:53.016:42) : arch=x86_64 syscall=openat success=yes exit=9 a0=AT_FDCWD a1=0x7ffdc80aebd8 a2=O_RDONLY|O_CLOEXEC a3=0x0 items=0 ppid=1 pid=1163 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:10:53.016:42) : avc: denied { open } for pid=1163 comm=fdo-client-linu path=/dev/mapper/control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > type=AVC msg=audit(08/07/23 08:10:53.016:42) : avc: denied { read } for pid=1163 comm=fdo-client-linu name=control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:10:53.016:43) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:10:53.016:43) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0x9 a1=0xc138fd02 a2=0x55b3dae26c70 a3=0x7b items=0 ppid=1 pid=1163 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:10:53.016:43) : avc: denied { ioctl } for pid=1163 comm=fdo-client-linu path=/dev/mapper/control dev="devtmpfs" ino=139 ioctlcmd=0xfd02 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:10:53.017:44) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:10:53.017:44) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=AT_FDCWD a1=0x7ffdc80ad330 a2=0x7ffdc80ad250 a3=0x0 items=0 ppid=1 pid=1163 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:10:53.017:44) : avc: denied { getattr } for pid=1163 comm=fdo-client-linu path=/dev/mapper/control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:10:53.017:45) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:10:53.017:45) : arch=x86_64 syscall=openat success=yes exit=10 a0=AT_FDCWD a1=0x7ffdc80ad330 a2=O_RDWR a3=0x0 items=0 ppid=1 pid=1163 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:10:53.017:45) : avc: denied { write } for pid=1163 comm=fdo-client-linu name=control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:10:53.017:46) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:10:53.017:46) : arch=x86_64 syscall=openat success=yes exit=11 a0=AT_FDCWD a1=0x7f82737787c2 a2=O_RDONLY a3=0x0 items=0 ppid=1 pid=1163 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:10:53.017:46) : avc: denied { open } for pid=1163 comm=fdo-client-linu path=/proc/devices dev="proc" ino=4026532021 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:10:53.017:46) : avc: denied { read } for pid=1163 comm=fdo-client-linu name=devices dev="proc" ino=4026532021 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:10:53.017:47) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:10:53.017:47) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0xb a1=0x7f827394cf35 a2=0x7ffdc80acff0 a3=0x1000 items=0 ppid=1 pid=1163 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:10:53.017:47) : avc: denied { getattr } for pid=1163 comm=fdo-client-linu path=/proc/devices dev="proc" ino=4026532021 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:10:53.017:48) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:10:53.017:48) : arch=x86_64 syscall=semctl success=yes exit=0 a0=0x0 a1=0x0 a2=0x13 a3=0x7ffdc80ae5b0 items=0 ppid=1 pid=1163 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:10:53.017:48) : avc: denied { ipc_info } for pid=1163 comm=fdo-client-linu scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=system permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:10:53.017:49) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:10:53.017:49) : arch=x86_64 syscall=readlink success=yes exit=73 a0=0x7ffdc80ac5a0 a1=0x7ffdc80ad5a0 a2=0xfff a3=0x7f82739463e0 items=0 ppid=1 pid=1163 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:10:53.017:49) : avc: denied { read } for pid=1163 comm=fdo-client-linu name=252:4 dev="sysfs" ino=18640 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=lnk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:10:53.017:50) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:10:53.017:50) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=AT_FDCWD a1=0x55b3dae27000 a2=0x7ffdc80ac510 a3=0x0 items=0 ppid=1 pid=1163 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:10:53.017:50) : avc: denied { getattr } for pid=1163 comm=fdo-client-linu path=/dev/vda4 dev="devtmpfs" ino=233 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:10:53.017:51) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:10:53.017:51) : arch=x86_64 syscall=openat success=yes exit=11 a0=AT_FDCWD a1=0x55b3dae270c0 a2=O_RDONLY|O_DIRECT a3=0x0 items=0 ppid=1 pid=1163 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:10:53.017:51) : avc: denied { open } for pid=1163 comm=fdo-client-linu path=/dev/vda4 dev="devtmpfs" ino=233 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > type=AVC msg=audit(08/07/23 08:10:53.017:51) : avc: denied { read } for pid=1163 comm=fdo-client-linu name=vda4 dev="devtmpfs" ino=233 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:10:53.017:52) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:10:53.017:52) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0xb a1=0x1268 a2=0x7ffdc80ae22c a3=0x1000 items=0 ppid=1 pid=1163 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:10:53.017:52) : avc: denied { ioctl } for pid=1163 comm=fdo-client-linu path=/dev/vda4 dev="devtmpfs" ino=233 ioctlcmd=0x1268 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:10:53.017:53) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:10:53.017:53) : arch=x86_64 syscall=fstatfs success=yes exit=0 a0=0xb a1=0x7ffdc80ae200 a2=0x7f82739494a4 a3=0x1000 items=0 ppid=1 pid=1163 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:10:53.017:53) : avc: denied { getattr } for pid=1163 comm=fdo-client-linu name=/ dev="devtmpfs" ino=1 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=filesystem permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:10:53.019:54) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:10:53.019:54) : arch=x86_64 syscall=openat success=yes exit=12 a0=AT_FDCWD a1=0x7f82740bd037 a2=O_RDONLY|O_NONBLOCK|O_CLOEXEC a3=0x0 items=0 ppid=1 pid=1163 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:10:53.019:54) : avc: denied { open } for pid=1163 comm=fdo-client-linu path=/dev/random dev="devtmpfs" ino=8 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:random_device_t:s0 tclass=chr_file permissive=1 > type=AVC msg=audit(08/07/23 08:10:53.019:54) : avc: denied { read } for pid=1163 comm=fdo-client-linu name=random dev="devtmpfs" ino=8 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:random_device_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:10:53.019:55) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=PATH msg=audit(08/07/23 08:10:53.019:55) : item=3 name=(null) inode=1203 dev=00:18 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:10:53.019:55) : item=2 name=(null) inode=93 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:10:53.019:55) : item=1 name=(null) nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:10:53.019:55) : item=0 name=(null) inode=93 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 08:10:53.019:55) : cwd=/ > type=SYSCALL msg=audit(08/07/23 08:10:53.019:55) : arch=x86_64 syscall=openat success=yes exit=14 a0=0xf a1=0x7ffdc80ad080 a2=O_RDWR|O_CREAT|O_NOFOLLOW|O_CLOEXEC a3=0x1ff items=4 ppid=1 pid=1163 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:10:53.019:55) : avc: denied { read write open } for pid=1163 comm=fdo-client-linu path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1203 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:10:53.019:55) : avc: denied { create } for pid=1163 comm=fdo-client-linu name=L_252:4 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:10:53.019:55) : avc: denied { add_name } for pid=1163 comm=fdo-client-linu name=L_252:4 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > type=AVC msg=audit(08/07/23 08:10:53.019:55) : avc: denied { write } for pid=1163 comm=fdo-client-linu name=cryptsetup dev="tmpfs" ino=93 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:10:53.020:56) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:10:53.020:56) : arch=x86_64 syscall=flock success=yes exit=0 a0=0xe a1=0x1 a2=0x0 a3=0x1ff items=0 ppid=1 pid=1163 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:10:53.020:56) : avc: denied { lock } for pid=1163 comm=fdo-client-linu path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1203 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:10:53.020:57) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:10:53.020:57) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0xe a1=0x7f827394cf35 a2=0x7ffdc80ad010 a3=0x1000 items=0 ppid=1 pid=1163 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:10:53.020:57) : avc: denied { getattr } for pid=1163 comm=fdo-client-linu path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1203 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:10:53.021:58) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:10:53.021:58) : arch=x86_64 syscall=unlink success=yes exit=0 a0=0x7ffdc80ad100 a1=0x7ffdc80ad100 a2=0x7ffdc80acfe0 a3=0x0 items=0 ppid=1 pid=1163 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:10:53.021:58) : avc: denied { unlink } for pid=1163 comm=fdo-client-linu name=L_252:4 dev="tmpfs" ino=1203 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:10:53.021:58) : avc: denied { remove_name } for pid=1163 comm=fdo-client-linu name=L_252:4 dev="tmpfs" ino=1203 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:10.054:40) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:10.054:40) : arch=x86_64 syscall=openat success=yes exit=9 a0=AT_FDCWD a1=0x7ffc3c597098 a2=O_RDONLY|O_CLOEXEC a3=0x0 items=0 ppid=1 pid=1164 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:10.054:40) : avc: denied { open } for pid=1164 comm=fdo-client-linu path=/dev/mapper/control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > type=AVC msg=audit(08/07/23 08:12:10.054:40) : avc: denied { read } for pid=1164 comm=fdo-client-linu name=control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:10.054:41) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:10.054:41) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0x9 a1=0xc138fd02 a2=0x556b70333c70 a3=0x7b items=0 ppid=1 pid=1164 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:10.054:41) : avc: denied { ioctl } for pid=1164 comm=fdo-client-linu path=/dev/mapper/control dev="devtmpfs" ino=139 ioctlcmd=0xfd02 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:10.055:42) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:10.055:42) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=AT_FDCWD a1=0x7ffc3c5957f0 a2=0x7ffc3c595710 a3=0x0 items=0 ppid=1 pid=1164 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:10.055:42) : avc: denied { getattr } for pid=1164 comm=fdo-client-linu path=/dev/mapper/control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:10.055:43) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:10.055:43) : arch=x86_64 syscall=openat success=yes exit=10 a0=AT_FDCWD a1=0x7ffc3c5957f0 a2=O_RDWR a3=0x0 items=0 ppid=1 pid=1164 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:10.055:43) : avc: denied { write } for pid=1164 comm=fdo-client-linu name=control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:10.055:44) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:10.055:44) : arch=x86_64 syscall=openat success=yes exit=11 a0=AT_FDCWD a1=0x7fc53acb17c2 a2=O_RDONLY a3=0x0 items=0 ppid=1 pid=1164 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:10.055:44) : avc: denied { open } for pid=1164 comm=fdo-client-linu path=/proc/devices dev="proc" ino=4026532021 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:12:10.055:44) : avc: denied { read } for pid=1164 comm=fdo-client-linu name=devices dev="proc" ino=4026532021 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:10.055:45) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:10.055:45) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0xb a1=0x7fc53ae85f35 a2=0x7ffc3c5954b0 a3=0x1000 items=0 ppid=1 pid=1164 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:10.055:45) : avc: denied { getattr } for pid=1164 comm=fdo-client-linu path=/proc/devices dev="proc" ino=4026532021 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:10.055:46) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:10.055:46) : arch=x86_64 syscall=semctl success=yes exit=0 a0=0x0 a1=0x0 a2=0x13 a3=0x7ffc3c596a70 items=0 ppid=1 pid=1164 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:10.055:46) : avc: denied { ipc_info } for pid=1164 comm=fdo-client-linu scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=system permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:10.055:47) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:10.055:47) : arch=x86_64 syscall=readlink success=yes exit=73 a0=0x7ffc3c594a60 a1=0x7ffc3c595a60 a2=0xfff a3=0x7fc53ae7f3e0 items=0 ppid=1 pid=1164 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:10.055:47) : avc: denied { read } for pid=1164 comm=fdo-client-linu name=252:4 dev="sysfs" ino=18467 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=lnk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:10.055:48) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:10.055:48) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=AT_FDCWD a1=0x556b70334000 a2=0x7ffc3c5949d0 a3=0x0 items=0 ppid=1 pid=1164 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:10.055:48) : avc: denied { getattr } for pid=1164 comm=fdo-client-linu path=/dev/vda4 dev="devtmpfs" ino=267 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:10.055:49) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:10.055:49) : arch=x86_64 syscall=openat success=yes exit=11 a0=AT_FDCWD a1=0x556b703340c0 a2=O_RDONLY|O_DIRECT a3=0x0 items=0 ppid=1 pid=1164 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:10.055:49) : avc: denied { open } for pid=1164 comm=fdo-client-linu path=/dev/vda4 dev="devtmpfs" ino=267 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > type=AVC msg=audit(08/07/23 08:12:10.055:49) : avc: denied { read } for pid=1164 comm=fdo-client-linu name=vda4 dev="devtmpfs" ino=267 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:10.055:50) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:10.055:50) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0xb a1=0x1268 a2=0x7ffc3c5966ec a3=0x1000 items=0 ppid=1 pid=1164 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:10.055:50) : avc: denied { ioctl } for pid=1164 comm=fdo-client-linu path=/dev/vda4 dev="devtmpfs" ino=267 ioctlcmd=0x1268 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:10.055:51) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:10.055:51) : arch=x86_64 syscall=fstatfs success=yes exit=0 a0=0xb a1=0x7ffc3c5966c0 a2=0x7fc53ae824a4 a3=0x1000 items=0 ppid=1 pid=1164 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:10.055:51) : avc: denied { getattr } for pid=1164 comm=fdo-client-linu name=/ dev="devtmpfs" ino=1 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=filesystem permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:10.056:52) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:10.056:52) : arch=x86_64 syscall=openat success=yes exit=12 a0=AT_FDCWD a1=0x7fc53b5f6037 a2=O_RDONLY|O_NONBLOCK|O_CLOEXEC a3=0x0 items=0 ppid=1 pid=1164 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:10.056:52) : avc: denied { open } for pid=1164 comm=fdo-client-linu path=/dev/random dev="devtmpfs" ino=8 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:random_device_t:s0 tclass=chr_file permissive=1 > type=AVC msg=audit(08/07/23 08:12:10.056:52) : avc: denied { read } for pid=1164 comm=fdo-client-linu name=random dev="devtmpfs" ino=8 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:random_device_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:10.058:53) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=PATH msg=audit(08/07/23 08:12:10.058:53) : item=3 name=(null) inode=1204 dev=00:18 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:12:10.058:53) : item=2 name=(null) inode=93 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:12:10.058:53) : item=1 name=(null) nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:12:10.058:53) : item=0 name=(null) inode=93 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 08:12:10.058:53) : cwd=/ > type=SYSCALL msg=audit(08/07/23 08:12:10.058:53) : arch=x86_64 syscall=openat success=yes exit=14 a0=0xf a1=0x7ffc3c595540 a2=O_RDWR|O_CREAT|O_NOFOLLOW|O_CLOEXEC a3=0x1ff items=4 ppid=1 pid=1164 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:10.058:53) : avc: denied { read write open } for pid=1164 comm=fdo-client-linu path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1204 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:12:10.058:53) : avc: denied { create } for pid=1164 comm=fdo-client-linu name=L_252:4 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:12:10.058:53) : avc: denied { add_name } for pid=1164 comm=fdo-client-linu name=L_252:4 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > type=AVC msg=audit(08/07/23 08:12:10.058:53) : avc: denied { write } for pid=1164 comm=fdo-client-linu name=cryptsetup dev="tmpfs" ino=93 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:10.058:54) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:10.058:54) : arch=x86_64 syscall=flock success=yes exit=0 a0=0xe a1=0x1 a2=0x0 a3=0x1ff items=0 ppid=1 pid=1164 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:10.058:54) : avc: denied { lock } for pid=1164 comm=fdo-client-linu path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1204 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:10.059:55) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:10.059:55) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0xe a1=0x7fc53ae85f35 a2=0x7ffc3c5954d0 a3=0x1000 items=0 ppid=1 pid=1164 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:10.059:55) : avc: denied { getattr } for pid=1164 comm=fdo-client-linu path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1204 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:10.063:56) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:10.063:56) : arch=x86_64 syscall=unlink success=yes exit=0 a0=0x7ffc3c5955c0 a1=0x7ffc3c5955c0 a2=0x7ffc3c5954a0 a3=0x0 items=0 ppid=1 pid=1164 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:10.063:56) : avc: denied { unlink } for pid=1164 comm=fdo-client-linu name=L_252:4 dev="tmpfs" ino=1204 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:12:10.063:56) : avc: denied { remove_name } for pid=1164 comm=fdo-client-linu name=L_252:4 dev="tmpfs" ino=1204 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:30.455:40) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:30.455:40) : arch=x86_64 syscall=openat success=yes exit=9 a0=AT_FDCWD a1=0x7ffe85c1fab8 a2=O_RDONLY|O_CLOEXEC a3=0x0 items=0 ppid=1 pid=1156 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:30.455:40) : avc: denied { open } for pid=1156 comm=fdo-client-linu path=/dev/mapper/control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > type=AVC msg=audit(08/07/23 08:12:30.455:40) : avc: denied { read } for pid=1156 comm=fdo-client-linu name=control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:30.456:41) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:30.456:41) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0x9 a1=0xc138fd02 a2=0x5583b101ec70 a3=0x7b items=0 ppid=1 pid=1156 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:30.456:41) : avc: denied { ioctl } for pid=1156 comm=fdo-client-linu path=/dev/mapper/control dev="devtmpfs" ino=139 ioctlcmd=0xfd02 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:30.456:42) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:30.456:42) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=AT_FDCWD a1=0x7ffe85c1e210 a2=0x7ffe85c1e130 a3=0x0 items=0 ppid=1 pid=1156 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:30.456:42) : avc: denied { getattr } for pid=1156 comm=fdo-client-linu path=/dev/mapper/control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:30.457:43) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:30.457:43) : arch=x86_64 syscall=openat success=yes exit=10 a0=AT_FDCWD a1=0x7ffe85c1e210 a2=O_RDWR a3=0x0 items=0 ppid=1 pid=1156 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:30.457:43) : avc: denied { write } for pid=1156 comm=fdo-client-linu name=control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:30.457:44) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:30.457:44) : arch=x86_64 syscall=openat success=yes exit=11 a0=AT_FDCWD a1=0x7fced97a77c2 a2=O_RDONLY a3=0x0 items=0 ppid=1 pid=1156 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:30.457:44) : avc: denied { open } for pid=1156 comm=fdo-client-linu path=/proc/devices dev="proc" ino=4026532021 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:12:30.457:44) : avc: denied { read } for pid=1156 comm=fdo-client-linu name=devices dev="proc" ino=4026532021 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:30.457:45) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:30.457:45) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0xb a1=0x7fced997bf35 a2=0x7ffe85c1ded0 a3=0x1000 items=0 ppid=1 pid=1156 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:30.457:45) : avc: denied { getattr } for pid=1156 comm=fdo-client-linu path=/proc/devices dev="proc" ino=4026532021 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:30.457:46) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:30.457:46) : arch=x86_64 syscall=semctl success=yes exit=0 a0=0x0 a1=0x0 a2=0x13 a3=0x7ffe85c1f490 items=0 ppid=1 pid=1156 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:30.457:46) : avc: denied { ipc_info } for pid=1156 comm=fdo-client-linu scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=system permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:30.457:47) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:30.457:47) : arch=x86_64 syscall=readlink success=yes exit=73 a0=0x7ffe85c1d480 a1=0x7ffe85c1e480 a2=0xfff a3=0x7fced99753e0 items=0 ppid=1 pid=1156 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:30.457:47) : avc: denied { read } for pid=1156 comm=fdo-client-linu name=252:4 dev="sysfs" ino=18581 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=lnk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:30.458:48) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:30.458:48) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=AT_FDCWD a1=0x5583b101f000 a2=0x7ffe85c1d3f0 a3=0x0 items=0 ppid=1 pid=1156 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:30.458:48) : avc: denied { getattr } for pid=1156 comm=fdo-client-linu path=/dev/vda4 dev="devtmpfs" ino=239 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:30.458:49) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:30.458:49) : arch=x86_64 syscall=openat success=yes exit=11 a0=AT_FDCWD a1=0x5583b101f0c0 a2=O_RDONLY|O_DIRECT a3=0x0 items=0 ppid=1 pid=1156 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:30.458:49) : avc: denied { open } for pid=1156 comm=fdo-client-linu path=/dev/vda4 dev="devtmpfs" ino=239 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > type=AVC msg=audit(08/07/23 08:12:30.458:49) : avc: denied { read } for pid=1156 comm=fdo-client-linu name=vda4 dev="devtmpfs" ino=239 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:30.458:50) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:30.458:50) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0xb a1=0x1268 a2=0x7ffe85c1f10c a3=0x1000 items=0 ppid=1 pid=1156 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:30.458:50) : avc: denied { ioctl } for pid=1156 comm=fdo-client-linu path=/dev/vda4 dev="devtmpfs" ino=239 ioctlcmd=0x1268 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:30.458:51) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:30.458:51) : arch=x86_64 syscall=fstatfs success=yes exit=0 a0=0xb a1=0x7ffe85c1f0e0 a2=0x7fced99784a4 a3=0x1000 items=0 ppid=1 pid=1156 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:30.458:51) : avc: denied { getattr } for pid=1156 comm=fdo-client-linu name=/ dev="devtmpfs" ino=1 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=filesystem permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:30.458:52) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:30.458:52) : arch=x86_64 syscall=openat success=yes exit=12 a0=AT_FDCWD a1=0x7fceda0ec037 a2=O_RDONLY|O_NONBLOCK|O_CLOEXEC a3=0x0 items=0 ppid=1 pid=1156 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:30.458:52) : avc: denied { open } for pid=1156 comm=fdo-client-linu path=/dev/random dev="devtmpfs" ino=8 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:random_device_t:s0 tclass=chr_file permissive=1 > type=AVC msg=audit(08/07/23 08:12:30.458:52) : avc: denied { read } for pid=1156 comm=fdo-client-linu name=random dev="devtmpfs" ino=8 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:random_device_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:30.461:53) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=PATH msg=audit(08/07/23 08:12:30.461:53) : item=3 name=(null) inode=1184 dev=00:18 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:12:30.461:53) : item=2 name=(null) inode=93 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:12:30.461:53) : item=1 name=(null) nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:12:30.461:53) : item=0 name=(null) inode=93 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 08:12:30.461:53) : cwd=/ > type=SYSCALL msg=audit(08/07/23 08:12:30.461:53) : arch=x86_64 syscall=openat success=yes exit=14 a0=0xf a1=0x7ffe85c1df60 a2=O_RDWR|O_CREAT|O_NOFOLLOW|O_CLOEXEC a3=0x1ff items=4 ppid=1 pid=1156 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:30.461:53) : avc: denied { read write open } for pid=1156 comm=fdo-client-linu path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1184 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:12:30.461:53) : avc: denied { create } for pid=1156 comm=fdo-client-linu name=L_252:4 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:12:30.461:53) : avc: denied { add_name } for pid=1156 comm=fdo-client-linu name=L_252:4 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > type=AVC msg=audit(08/07/23 08:12:30.461:53) : avc: denied { write } for pid=1156 comm=fdo-client-linu name=cryptsetup dev="tmpfs" ino=93 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:30.462:54) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:30.462:54) : arch=x86_64 syscall=flock success=yes exit=0 a0=0xe a1=0x1 a2=0x0 a3=0x1ff items=0 ppid=1 pid=1156 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:30.462:54) : avc: denied { lock } for pid=1156 comm=fdo-client-linu path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1184 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:30.463:55) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:30.463:55) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0xe a1=0x7fced997bf35 a2=0x7ffe85c1def0 a3=0x1000 items=0 ppid=1 pid=1156 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:30.463:55) : avc: denied { getattr } for pid=1156 comm=fdo-client-linu path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1184 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:30.466:56) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:30.466:56) : arch=x86_64 syscall=unlink success=yes exit=0 a0=0x7ffe85c1dfe0 a1=0x7ffe85c1dfe0 a2=0x7ffe85c1dec0 a3=0x0 items=0 ppid=1 pid=1156 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:30.466:56) : avc: denied { unlink } for pid=1156 comm=fdo-client-linu name=L_252:4 dev="tmpfs" ino=1184 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:12:30.466:56) : avc: denied { remove_name } for pid=1156 comm=fdo-client-linu name=L_252:4 dev="tmpfs" ino=1184 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:51.754:41) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:51.754:41) : arch=x86_64 syscall=openat success=yes exit=9 a0=AT_FDCWD a1=0x7ffe1fe4f448 a2=O_RDONLY|O_CLOEXEC a3=0x0 items=0 ppid=1 pid=1157 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:51.754:41) : avc: denied { open } for pid=1157 comm=fdo-client-linu path=/dev/mapper/control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > type=AVC msg=audit(08/07/23 08:12:51.754:41) : avc: denied { read } for pid=1157 comm=fdo-client-linu name=control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:51.754:42) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:51.754:42) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0x9 a1=0xc138fd02 a2=0x55bb7df68c70 a3=0x7b items=0 ppid=1 pid=1157 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:51.754:42) : avc: denied { ioctl } for pid=1157 comm=fdo-client-linu path=/dev/mapper/control dev="devtmpfs" ino=139 ioctlcmd=0xfd02 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:51.754:43) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:51.754:43) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=AT_FDCWD a1=0x7ffe1fe4dba0 a2=0x7ffe1fe4dac0 a3=0x0 items=0 ppid=1 pid=1157 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:51.754:43) : avc: denied { getattr } for pid=1157 comm=fdo-client-linu path=/dev/mapper/control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:51.755:44) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:51.755:44) : arch=x86_64 syscall=openat success=yes exit=10 a0=AT_FDCWD a1=0x7ffe1fe4dba0 a2=O_RDWR a3=0x0 items=0 ppid=1 pid=1157 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:51.755:44) : avc: denied { write } for pid=1157 comm=fdo-client-linu name=control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:51.755:45) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:51.755:45) : arch=x86_64 syscall=openat success=yes exit=11 a0=AT_FDCWD a1=0x7f1455dcc7c2 a2=O_RDONLY a3=0x0 items=0 ppid=1 pid=1157 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:51.755:45) : avc: denied { open } for pid=1157 comm=fdo-client-linu path=/proc/devices dev="proc" ino=4026532021 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:12:51.755:45) : avc: denied { read } for pid=1157 comm=fdo-client-linu name=devices dev="proc" ino=4026532021 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:51.755:46) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:51.755:46) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0xb a1=0x7f1455fa0f35 a2=0x7ffe1fe4d860 a3=0x1000 items=0 ppid=1 pid=1157 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:51.755:46) : avc: denied { getattr } for pid=1157 comm=fdo-client-linu path=/proc/devices dev="proc" ino=4026532021 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:51.755:47) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:51.755:47) : arch=x86_64 syscall=semctl success=yes exit=0 a0=0x0 a1=0x0 a2=0x13 a3=0x7ffe1fe4ee20 items=0 ppid=1 pid=1157 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:51.755:47) : avc: denied { ipc_info } for pid=1157 comm=fdo-client-linu scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=system permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:51.755:48) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:51.755:48) : arch=x86_64 syscall=readlink success=yes exit=73 a0=0x7ffe1fe4ce10 a1=0x7ffe1fe4de10 a2=0xfff a3=0x7f1455f9a3e0 items=0 ppid=1 pid=1157 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:51.755:48) : avc: denied { read } for pid=1157 comm=fdo-client-linu name=252:4 dev="sysfs" ino=18483 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=lnk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:51.755:49) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:51.755:49) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=AT_FDCWD a1=0x55bb7df69000 a2=0x7ffe1fe4cd80 a3=0x0 items=0 ppid=1 pid=1157 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:51.755:49) : avc: denied { getattr } for pid=1157 comm=fdo-client-linu path=/dev/vda4 dev="devtmpfs" ino=236 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:51.755:50) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:51.755:50) : arch=x86_64 syscall=openat success=yes exit=11 a0=AT_FDCWD a1=0x55bb7df690c0 a2=O_RDONLY|O_DIRECT a3=0x0 items=0 ppid=1 pid=1157 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:51.755:50) : avc: denied { open } for pid=1157 comm=fdo-client-linu path=/dev/vda4 dev="devtmpfs" ino=236 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > type=AVC msg=audit(08/07/23 08:12:51.755:50) : avc: denied { read } for pid=1157 comm=fdo-client-linu name=vda4 dev="devtmpfs" ino=236 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:51.755:51) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:51.755:51) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0xb a1=0x1268 a2=0x7ffe1fe4ea9c a3=0x1000 items=0 ppid=1 pid=1157 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:51.755:51) : avc: denied { ioctl } for pid=1157 comm=fdo-client-linu path=/dev/vda4 dev="devtmpfs" ino=236 ioctlcmd=0x1268 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:51.755:52) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:51.755:52) : arch=x86_64 syscall=fstatfs success=yes exit=0 a0=0xb a1=0x7ffe1fe4ea70 a2=0x7f1455f9d4a4 a3=0x1000 items=0 ppid=1 pid=1157 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:51.755:52) : avc: denied { getattr } for pid=1157 comm=fdo-client-linu name=/ dev="devtmpfs" ino=1 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=filesystem permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:51.756:53) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:51.756:53) : arch=x86_64 syscall=openat success=yes exit=12 a0=AT_FDCWD a1=0x7f1456711037 a2=O_RDONLY|O_NONBLOCK|O_CLOEXEC a3=0x0 items=0 ppid=1 pid=1157 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:51.756:53) : avc: denied { open } for pid=1157 comm=fdo-client-linu path=/dev/random dev="devtmpfs" ino=8 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:random_device_t:s0 tclass=chr_file permissive=1 > type=AVC msg=audit(08/07/23 08:12:51.756:53) : avc: denied { read } for pid=1157 comm=fdo-client-linu name=random dev="devtmpfs" ino=8 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:random_device_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:51.757:54) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=PATH msg=audit(08/07/23 08:12:51.757:54) : item=3 name=(null) inode=1181 dev=00:18 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:12:51.757:54) : item=2 name=(null) inode=93 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:12:51.757:54) : item=1 name=(null) nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:12:51.757:54) : item=0 name=(null) inode=93 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 08:12:51.757:54) : cwd=/ > type=SYSCALL msg=audit(08/07/23 08:12:51.757:54) : arch=x86_64 syscall=openat success=yes exit=14 a0=0xf a1=0x7ffe1fe4d8f0 a2=O_RDWR|O_CREAT|O_NOFOLLOW|O_CLOEXEC a3=0x1ff items=4 ppid=1 pid=1157 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:51.757:54) : avc: denied { read write open } for pid=1157 comm=fdo-client-linu path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1181 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:12:51.757:54) : avc: denied { create } for pid=1157 comm=fdo-client-linu name=L_252:4 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:12:51.757:54) : avc: denied { add_name } for pid=1157 comm=fdo-client-linu name=L_252:4 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > type=AVC msg=audit(08/07/23 08:12:51.757:54) : avc: denied { write } for pid=1157 comm=fdo-client-linu name=cryptsetup dev="tmpfs" ino=93 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:51.757:55) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:51.757:55) : arch=x86_64 syscall=flock success=yes exit=0 a0=0xe a1=0x1 a2=0x0 a3=0x1ff items=0 ppid=1 pid=1157 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:51.757:55) : avc: denied { lock } for pid=1157 comm=fdo-client-linu path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1181 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:51.757:56) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:51.757:56) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0xe a1=0x7f1455fa0f35 a2=0x7ffe1fe4d880 a3=0x1000 items=0 ppid=1 pid=1157 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:51.757:56) : avc: denied { getattr } for pid=1157 comm=fdo-client-linu path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1181 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:12:51.760:57) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:12:51.760:57) : arch=x86_64 syscall=unlink success=yes exit=0 a0=0x7ffe1fe4d970 a1=0x7ffe1fe4d970 a2=0x7ffe1fe4d850 a3=0x0 items=0 ppid=1 pid=1157 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:12:51.760:57) : avc: denied { unlink } for pid=1157 comm=fdo-client-linu name=L_252:4 dev="tmpfs" ino=1181 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:12:51.760:57) : avc: denied { remove_name } for pid=1157 comm=fdo-client-linu name=L_252:4 dev="tmpfs" ino=1181 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:13:13.256:41) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:13:13.256:41) : arch=x86_64 syscall=openat success=yes exit=9 a0=AT_FDCWD a1=0x7fffa44d6108 a2=O_RDONLY|O_CLOEXEC a3=0x0 items=0 ppid=1 pid=1175 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:13:13.256:41) : avc: denied { open } for pid=1175 comm=fdo-client-linu path=/dev/mapper/control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > type=AVC msg=audit(08/07/23 08:13:13.256:41) : avc: denied { read } for pid=1175 comm=fdo-client-linu name=control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:13:13.256:42) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:13:13.256:42) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0x9 a1=0xc138fd02 a2=0x564a331d9c70 a3=0x7b items=0 ppid=1 pid=1175 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:13:13.256:42) : avc: denied { ioctl } for pid=1175 comm=fdo-client-linu path=/dev/mapper/control dev="devtmpfs" ino=139 ioctlcmd=0xfd02 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:13:13.256:43) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:13:13.256:43) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=AT_FDCWD a1=0x7fffa44d4860 a2=0x7fffa44d4780 a3=0x0 items=0 ppid=1 pid=1175 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:13:13.256:43) : avc: denied { getattr } for pid=1175 comm=fdo-client-linu path=/dev/mapper/control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:13:13.256:44) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:13:13.256:44) : arch=x86_64 syscall=openat success=yes exit=10 a0=AT_FDCWD a1=0x7fffa44d4860 a2=O_RDWR a3=0x0 items=0 ppid=1 pid=1175 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:13:13.256:44) : avc: denied { write } for pid=1175 comm=fdo-client-linu name=control dev="devtmpfs" ino=139 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:lvm_control_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:13:13.256:45) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:13:13.256:45) : arch=x86_64 syscall=openat success=yes exit=11 a0=AT_FDCWD a1=0x7f260cf017c2 a2=O_RDONLY a3=0x0 items=0 ppid=1 pid=1175 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:13:13.256:45) : avc: denied { open } for pid=1175 comm=fdo-client-linu path=/proc/devices dev="proc" ino=4026532021 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:13:13.256:45) : avc: denied { read } for pid=1175 comm=fdo-client-linu name=devices dev="proc" ino=4026532021 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:13:13.257:46) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:13:13.257:46) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0xb a1=0x7f260d0d5f35 a2=0x7fffa44d4520 a3=0x1000 items=0 ppid=1 pid=1175 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:13:13.257:46) : avc: denied { getattr } for pid=1175 comm=fdo-client-linu path=/proc/devices dev="proc" ino=4026532021 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:13:13.257:47) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:13:13.257:47) : arch=x86_64 syscall=semctl success=yes exit=0 a0=0x0 a1=0x0 a2=0x13 a3=0x7fffa44d5ae0 items=0 ppid=1 pid=1175 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:13:13.257:47) : avc: denied { ipc_info } for pid=1175 comm=fdo-client-linu scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=system permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:13:13.257:48) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:13:13.257:48) : arch=x86_64 syscall=readlink success=yes exit=73 a0=0x7fffa44d3ad0 a1=0x7fffa44d4ad0 a2=0xfff a3=0x7f260d0cf3e0 items=0 ppid=1 pid=1175 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:13:13.257:48) : avc: denied { read } for pid=1175 comm=fdo-client-linu name=252:4 dev="sysfs" ino=18501 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=lnk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:13:13.257:49) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:13:13.257:49) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=AT_FDCWD a1=0x564a331da000 a2=0x7fffa44d3a40 a3=0x0 items=0 ppid=1 pid=1175 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:13:13.257:49) : avc: denied { getattr } for pid=1175 comm=fdo-client-linu path=/dev/vda4 dev="devtmpfs" ino=266 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:13:13.257:50) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:13:13.257:50) : arch=x86_64 syscall=openat success=yes exit=11 a0=AT_FDCWD a1=0x564a331da0c0 a2=O_RDONLY|O_DIRECT a3=0x0 items=0 ppid=1 pid=1175 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:13:13.257:50) : avc: denied { open } for pid=1175 comm=fdo-client-linu path=/dev/vda4 dev="devtmpfs" ino=266 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > type=AVC msg=audit(08/07/23 08:13:13.257:50) : avc: denied { read } for pid=1175 comm=fdo-client-linu name=vda4 dev="devtmpfs" ino=266 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:13:13.257:51) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:13:13.257:51) : arch=x86_64 syscall=ioctl success=yes exit=0 a0=0xb a1=0x1268 a2=0x7fffa44d575c a3=0x1000 items=0 ppid=1 pid=1175 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:13:13.257:51) : avc: denied { ioctl } for pid=1175 comm=fdo-client-linu path=/dev/vda4 dev="devtmpfs" ino=266 ioctlcmd=0x1268 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:13:13.257:52) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:13:13.257:52) : arch=x86_64 syscall=fstatfs success=yes exit=0 a0=0xb a1=0x7fffa44d5730 a2=0x7f260d0d24a4 a3=0x1000 items=0 ppid=1 pid=1175 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:13:13.257:52) : avc: denied { getattr } for pid=1175 comm=fdo-client-linu name=/ dev="devtmpfs" ino=1 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=filesystem permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:13:13.258:53) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:13:13.258:53) : arch=x86_64 syscall=openat success=yes exit=12 a0=AT_FDCWD a1=0x7f260d846037 a2=O_RDONLY|O_NONBLOCK|O_CLOEXEC a3=0x0 items=0 ppid=1 pid=1175 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:13:13.258:53) : avc: denied { open } for pid=1175 comm=fdo-client-linu path=/dev/random dev="devtmpfs" ino=8 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:random_device_t:s0 tclass=chr_file permissive=1 > type=AVC msg=audit(08/07/23 08:13:13.258:53) : avc: denied { read } for pid=1175 comm=fdo-client-linu name=random dev="devtmpfs" ino=8 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:random_device_t:s0 tclass=chr_file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:13:13.259:54) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=PATH msg=audit(08/07/23 08:13:13.259:54) : item=3 name=(null) inode=1192 dev=00:18 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:13:13.259:54) : item=2 name=(null) inode=93 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:13:13.259:54) : item=1 name=(null) nametype=CREATE cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=PATH msg=audit(08/07/23 08:13:13.259:54) : item=0 name=(null) inode=93 dev=00:18 mode=dir,700 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:var_run_t:s0 nametype=PARENT cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 cap_frootid=0 > type=CWD msg=audit(08/07/23 08:13:13.259:54) : cwd=/ > type=SYSCALL msg=audit(08/07/23 08:13:13.259:54) : arch=x86_64 syscall=openat success=yes exit=14 a0=0xf a1=0x7fffa44d45b0 a2=O_RDWR|O_CREAT|O_NOFOLLOW|O_CLOEXEC a3=0x1ff items=4 ppid=1 pid=1175 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:13:13.259:54) : avc: denied { read write open } for pid=1175 comm=fdo-client-linu path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1192 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:13:13.259:54) : avc: denied { create } for pid=1175 comm=fdo-client-linu name=L_252:4 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:13:13.259:54) : avc: denied { add_name } for pid=1175 comm=fdo-client-linu name=L_252:4 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > type=AVC msg=audit(08/07/23 08:13:13.259:54) : avc: denied { write } for pid=1175 comm=fdo-client-linu name=cryptsetup dev="tmpfs" ino=93 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:13:13.259:55) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:13:13.259:55) : arch=x86_64 syscall=flock success=yes exit=0 a0=0xe a1=0x1 a2=0x0 a3=0x1ff items=0 ppid=1 pid=1175 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:13:13.259:55) : avc: denied { lock } for pid=1175 comm=fdo-client-linu path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1192 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:13:13.259:56) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:13:13.259:56) : arch=x86_64 syscall=newfstatat success=yes exit=0 a0=0xe a1=0x7f260d0d5f35 a2=0x7fffa44d4540 a3=0x1000 items=0 ppid=1 pid=1175 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:13:13.259:56) : avc: denied { getattr } for pid=1175 comm=fdo-client-linu path=/run/cryptsetup/L_252:4 dev="tmpfs" ino=1192 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > ---- > type=PROCTITLE msg=audit(08/07/23 08:13:13.262:57) : proctitle=/usr/libexec/fdo/fdo-client-linuxapp > type=SYSCALL msg=audit(08/07/23 08:13:13.262:57) : arch=x86_64 syscall=unlink success=yes exit=0 a0=0x7fffa44d4630 a1=0x7fffa44d4630 a2=0x7fffa44d4510 a3=0x0 items=0 ppid=1 pid=1175 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=fdo-client-linu exe=/usr/libexec/fdo/fdo-client-linuxapp subj=system_u:system_r:fdo_t:s0 key=(null) > type=AVC msg=audit(08/07/23 08:13:13.262:57) : avc: denied { unlink } for pid=1175 comm=fdo-client-linu name=L_252:4 dev="tmpfs" ino=1192 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1 > type=AVC msg=audit(08/07/23 08:13:13.262:57) : avc: denied { remove_name } for pid=1175 comm=fdo-client-linu name=L_252:4 dev="tmpfs" ino=1192 scontext=system_u:system_r:fdo_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir permissive=1
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=1982118">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 2229722
: 1982118