Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 295443 Details for
Bug 433672
qemu-kvm throws lots of AVCs running WinXP....
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
AVCs from "qemu-kvm" of WinXP gtuest
qemu-log.txt (text/plain), 14.34 KB, created by
Tom London
on 2008-02-20 19:38:16 UTC
(
hide
)
Description:
AVCs from "qemu-kvm" of WinXP gtuest
Filename:
MIME Type:
Creator:
Tom London
Created:
2008-02-20 19:38:16 UTC
Size:
14.34 KB
patch
obsolete
>type=DAEMON_START msg=audit(1203533997.618:1557): auditd start, ver=1.6.8 format=raw kernel=2.6.25-0.50.rc2.fc9 auid=4294967295 pid=2264 res=success >type=CONFIG_CHANGE msg=audit(1203533997.976:4): audit_backlog_limit=320 old=64 by auid=4294967295 subj=system_u:system_r:auditctl_t:s0 res=1 >type=LABEL_LEVEL_CHANGE msg=audit(1203534014.201:5): user pid=2318 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=Cups-PDF uri=cups-pdf:/ banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)' >type=LABEL_LEVEL_CHANGE msg=audit(1203534014.467:6): user pid=2318 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=HP5MP uri=hp:/par/HP_LaserJet_5MP?device=/dev/parport0 banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)' >type=LABEL_LEVEL_CHANGE msg=audit(1203534014.617:7): user pid=2318 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=hp_laserjet_1300 uri=hp:/usb/hp_LaserJet_1300?serial=00CNCB954325 banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)' >type=LABEL_LEVEL_CHANGE msg=audit(1203534014.761:8): user pid=2318 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=hp_LaserJet_1300_USB_1 uri=usb://HP/LaserJet%201300 banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)' >type=LABEL_LEVEL_CHANGE msg=audit(1203534014.894:9): user pid=2318 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=Kyocera_FS-C5030N_on_dc1 uri=socket://10.10.3.49:9100 banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)' >type=LABEL_LEVEL_CHANGE msg=audit(1203534014.933:10): user pid=2318 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=SavinColor uri=ipp://10.10.3.47/ipp/ banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)' >type=LABEL_LEVEL_CHANGE msg=audit(1203534015.172:11): user pid=2318 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=Innopath uri=file:/dev/null banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)' >type=LABEL_LEVEL_CHANGE msg=audit(1203534015.173:12): user pid=2318 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=Local uri=file:/dev/null banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)' >type=USER_ACCT msg=audit(1203534061.980:13): user pid=2704 uid=0 auid=4294967295 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:accounting acct=root exe="/usr/sbin/crond" (hostname=?, addr=?, terminal=cron res=success)' >type=CRED_ACQ msg=audit(1203534061.986:14): user pid=2704 uid=0 auid=4294967295 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:setcred acct=root exe="/usr/sbin/crond" (hostname=?, addr=?, terminal=cron res=success)' >type=LOGIN msg=audit(1203534061.987:15): login pid=2704 uid=0 old auid=4294967295 new auid=0 old ses=4294967295 new ses=1 >type=USER_START msg=audit(1203534062.219:16): user pid=2704 uid=0 auid=0 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:session_open acct=root exe="/usr/sbin/crond" (hostname=?, addr=?, terminal=cron res=success)' >type=CRED_DISP msg=audit(1203534062.293:17): user pid=2704 uid=0 auid=0 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:setcred acct=root exe="/usr/sbin/crond" (hostname=?, addr=?, terminal=cron res=success)' >type=USER_END msg=audit(1203534062.295:18): user pid=2704 uid=0 auid=0 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:session_close acct=root exe="/usr/sbin/crond" (hostname=?, addr=?, terminal=cron res=success)' >type=USER_AUTH msg=audit(1203534108.090:19): user pid=2709 uid=0 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:authentication acct=tbl exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=success)' >type=USER_ACCT msg=audit(1203534108.097:20): user pid=2709 uid=0 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:accounting acct=tbl exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=success)' >type=CRED_ACQ msg=audit(1203534108.165:21): user pid=2709 uid=500 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:setcred acct=tbl exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=success)' >type=LOGIN msg=audit(1203534108.215:22): login pid=2709 uid=500 old auid=4294967295 new auid=500 old ses=4294967295 new ses=2 >type=USER_ROLE_CHANGE msg=audit(1203534108.697:23): user pid=2709 uid=500 auid=500 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='pam: default-context=unconfined_u:unconfined_r:unconfined_t:s0 selected-context=unconfined_u:unconfined_r:unconfined_t:s0: exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=? res=success)' >type=USER_START msg=audit(1203534110.826:24): user pid=2709 uid=500 auid=500 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:session_open acct=tbl exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=success)' >type=USER_LOGIN msg=audit(1203534110.828:25): user pid=2709 uid=500 auid=500 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='uid=500: exe="/usr/libexec/gdm-session-worker" (hostname=, addr=?, terminal=/dev/tty7 res=success)' >type=USER_AUTH msg=audit(1203534156.175:26): user pid=3141 uid=500 auid=500 subj=unconfined_u:unconfined_r:unconfined_t:s0 msg='op=PAM:authentication acct=root exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)' >type=USER_ACCT msg=audit(1203534156.182:27): user pid=3141 uid=500 auid=500 subj=unconfined_u:unconfined_r:unconfined_t:s0 msg='op=PAM:accounting acct=root exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)' >type=USER_START msg=audit(1203534157.595:28): user pid=3141 uid=500 auid=500 subj=unconfined_u:unconfined_r:unconfined_t:s0 msg='op=PAM:session_open acct=root exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)' >type=CRED_ACQ msg=audit(1203534157.595:29): user pid=3141 uid=500 auid=500 subj=unconfined_u:unconfined_r:unconfined_t:s0 msg='op=PAM:setcred acct=root exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)' >type=MAC_STATUS msg=audit(1203535099.979:30): enforcing=0 old_enforcing=1 auid=500 ses=2 >type=SYSCALL msg=audit(1203535099.979:30): arch=40000003 syscall=4 success=yes exit=1 a0=3 a1=bfd0b484 a2=1 a3=bfd0b484 items=0 ppid=3160 pid=3700 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=2 comm="setenforce" exe="/usr/sbin/setenforce" subj=unconfined_u:unconfined_r:unconfined_t:s0 key=(null) >type=USER_AVC msg=audit(1203535099.981:31): user pid=2280 uid=81 auid=4294967295 subj=system_u:system_r:system_dbusd_t:s0 msg='avc: received setenforce notice (enforcing=0) : exe="?" (sauid=81, hostname=?, addr=?, terminal=?)' >type=AVC msg=audit(1203535172.392:32): avc: denied { create } for pid=3704 comm="qemu-kvm" scontext=unconfined_u:unconfined_r:qemu_t:s0 tcontext=unconfined_u:unconfined_r:qemu_t:s0 tclass=udp_socket >type=SYSCALL msg=audit(1203535172.392:32): arch=40000003 syscall=102 success=yes exit=9 a0=1 a1=bfc68bd0 a2=a8ffcb8 a3=a8ff070 items=0 ppid=3045 pid=3704 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=pts1 ses=2 comm="qemu-kvm" exe="/usr/bin/qemu-kvm" subj=unconfined_u:unconfined_r:qemu_t:s0 key=(null) >type=AVC msg=audit(1203535172.393:33): avc: denied { bind } for pid=3704 comm="qemu-kvm" scontext=unconfined_u:unconfined_r:qemu_t:s0 tcontext=unconfined_u:unconfined_r:qemu_t:s0 tclass=udp_socket >type=AVC msg=audit(1203535172.393:33): avc: denied { node_bind } for pid=3704 comm="qemu-kvm" scontext=unconfined_u:unconfined_r:qemu_t:s0 tcontext=system_u:object_r:inaddr_any_node_t:s0 tclass=udp_socket >type=SYSCALL msg=audit(1203535172.393:33): arch=40000003 syscall=102 success=yes exit=0 a0=2 a1=bfc68bd0 a2=a8ffcb8 a3=a8ff070 items=0 ppid=3045 pid=3704 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=pts1 ses=2 comm="qemu-kvm" exe="/usr/bin/qemu-kvm" subj=unconfined_u:unconfined_r:qemu_t:s0 key=(null) >type=AVC msg=audit(1203535172.394:34): avc: denied { write } for pid=3704 comm="qemu-kvm" lport=45142 scontext=unconfined_u:unconfined_r:qemu_t:s0 tcontext=unconfined_u:unconfined_r:qemu_t:s0 tclass=udp_socket >type=SYSCALL msg=audit(1203535172.394:34): arch=40000003 syscall=102 success=yes exit=68 a0=b a1=bfc68bd0 a2=a8ffcb8 a3=0 items=0 ppid=3045 pid=3704 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=pts1 ses=2 comm="qemu-kvm" exe="/usr/bin/qemu-kvm" subj=unconfined_u:unconfined_r:qemu_t:s0 key=(null) >type=AVC msg=audit(1203535178.842:35): avc: denied { getattr } for pid=3704 comm="qemu-kvm" path="socket:[19164]" dev=sockfs ino=19164 scontext=unconfined_u:unconfined_r:qemu_t:s0 tcontext=unconfined_u:unconfined_r:qemu_t:s0 tclass=udp_socket >type=SYSCALL msg=audit(1203535178.842:35): arch=40000003 syscall=54 success=yes exit=0 a0=a a1=541b a2=bfc6a8e8 a3=a913660 items=0 ppid=3045 pid=3704 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=pts1 ses=2 comm="qemu-kvm" exe="/usr/bin/qemu-kvm" subj=unconfined_u:unconfined_r:qemu_t:s0 key=(null) >type=AVC msg=audit(1203535178.844:36): avc: denied { read } for pid=3704 comm="qemu-kvm" lport=33300 scontext=unconfined_u:unconfined_r:qemu_t:s0 tcontext=unconfined_u:unconfined_r:qemu_t:s0 tclass=udp_socket >type=SYSCALL msg=audit(1203535178.844:36): arch=40000003 syscall=102 success=yes exit=232 a0=c a1=bfc6a8c0 a2=5e2 a3=0 items=0 ppid=3045 pid=3704 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=pts1 ses=2 comm="qemu-kvm" exe="/usr/bin/qemu-kvm" subj=unconfined_u:unconfined_r:qemu_t:s0 key=(null) >type=AVC msg=audit(1203535178.969:37): avc: denied { name_connect } for pid=3704 comm="qemu-kvm" dest=135 scontext=unconfined_u:unconfined_r:qemu_t:s0 tcontext=system_u:object_r:reserved_port_t:s0 tclass=tcp_socket >type=SYSCALL msg=audit(1203535178.969:37): arch=40000003 syscall=102 success=no exit=-115 a0=3 a1=bfc68b90 a2=bfc68bac a3=0 items=0 ppid=3045 pid=3704 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=pts1 ses=2 comm="qemu-kvm" exe="/usr/bin/qemu-kvm" subj=unconfined_u:unconfined_r:qemu_t:s0 key=(null) >type=AVC msg=audit(1203535179.015:38): avc: denied { name_connect } for pid=3704 comm="qemu-kvm" dest=1025 scontext=unconfined_u:unconfined_r:qemu_t:s0 tcontext=system_u:object_r:port_t:s0 tclass=tcp_socket >type=SYSCALL msg=audit(1203535179.015:38): arch=40000003 syscall=102 success=no exit=-115 a0=3 a1=bfc68b90 a2=bfc68bac a3=0 items=0 ppid=3045 pid=3704 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=pts1 ses=2 comm="qemu-kvm" exe="/usr/bin/qemu-kvm" subj=unconfined_u:unconfined_r:qemu_t:s0 key=(null) >type=AVC msg=audit(1203535183.091:39): avc: denied { name_connect } for pid=3704 comm="qemu-kvm" dest=445 scontext=unconfined_u:unconfined_r:qemu_t:s0 tcontext=system_u:object_r:smbd_port_t:s0 tclass=tcp_socket >type=SYSCALL msg=audit(1203535183.091:39): arch=40000003 syscall=102 success=no exit=-115 a0=3 a1=bfc68b90 a2=bfc68bac a3=0 items=0 ppid=3045 pid=3704 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=pts1 ses=2 comm="qemu-kvm" exe="/usr/bin/qemu-kvm" subj=unconfined_u:unconfined_r:qemu_t:s0 key=(null) >type=AVC msg=audit(1203535187.623:40): avc: denied { name_connect } for pid=3704 comm="qemu-kvm" dest=88 scontext=unconfined_u:unconfined_r:qemu_t:s0 tcontext=system_u:object_r:kerberos_port_t:s0 tclass=tcp_socket >type=SYSCALL msg=audit(1203535187.623:40): arch=40000003 syscall=102 success=no exit=-115 a0=3 a1=bfc68b90 a2=bfc68bac a3=0 items=0 ppid=3045 pid=3704 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=pts1 ses=2 comm="qemu-kvm" exe="/usr/bin/qemu-kvm" subj=unconfined_u:unconfined_r:qemu_t:s0 key=(null) >type=AVC msg=audit(1203535275.831:41): avc: denied { name_connect } for pid=3704 comm="qemu-kvm" dest=389 scontext=unconfined_u:unconfined_r:qemu_t:s0 tcontext=system_u:object_r:ldap_port_t:s0 tclass=tcp_socket >type=SYSCALL msg=audit(1203535275.831:41): arch=40000003 syscall=102 success=no exit=-115 a0=3 a1=bfc68b90 a2=bfc68bac a3=0 items=0 ppid=3045 pid=3704 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=pts1 ses=2 comm="qemu-kvm" exe="/usr/bin/qemu-kvm" subj=unconfined_u:unconfined_r:qemu_t:s0 key=(null) >type=AVC msg=audit(1203535679.194:42): avc: denied { node_bind } for pid=3704 comm="qemu-kvm" scontext=unconfined_u:unconfined_r:qemu_t:s0 tcontext=system_u:object_r:inaddr_any_node_t:s0 tclass=udp_socket >type=SYSCALL msg=audit(1203535679.194:42): arch=40000003 syscall=102 success=yes exit=0 a0=2 a1=bfc68bd0 a2=a82ad40 a3=a8ff070 items=0 ppid=3045 pid=3704 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=pts1 ses=2 comm="qemu-kvm" exe="/usr/bin/qemu-kvm" subj=unconfined_u:unconfined_r:qemu_t:s0 key=(null) >type=AVC msg=audit(1203535679.668:43): avc: denied { name_connect } for pid=3704 comm="qemu-kvm" dest=80 scontext=unconfined_u:unconfined_r:qemu_t:s0 tcontext=system_u:object_r:http_port_t:s0 tclass=tcp_socket >type=SYSCALL msg=audit(1203535679.668:43): arch=40000003 syscall=102 success=no exit=-115 a0=3 a1=bfc68b90 a2=bfc68bac a3=0 items=0 ppid=3045 pid=3704 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=pts1 ses=2 comm="qemu-kvm" exe="/usr/bin/qemu-kvm" subj=unconfined_u:unconfined_r:qemu_t:s0 key=(null) >type=AVC msg=audit(1203535697.200:44): avc: denied { name_connect } for pid=3704 comm="qemu-kvm" dest=1314 scontext=unconfined_u:unconfined_r:qemu_t:s0 tcontext=system_u:object_r:port_t:s0 tclass=tcp_socket >type=SYSCALL msg=audit(1203535697.200:44): arch=40000003 syscall=102 success=no exit=-115 a0=3 a1=bfc68b90 a2=bfc68bac a3=0 items=0 ppid=3045 pid=3704 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=pts1 ses=2 comm="qemu-kvm" exe="/usr/bin/qemu-kvm" subj=unconfined_u:unconfined_r:qemu_t:s0 key=(null)
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=295443">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 433672
: 295443