Attachment 589308 Details for Bug 712048 – audit.log & more

audit.log & more

audit.log.txt (text/plain), 4.75 KB, created by Christian Kujau on 2012-06-04 23:53:02 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Christian Kujau

Created: 2012-06-04 23:53:02 UTC

Size: 4.75 KB

patch

obsolete

>type=AVC msg=audit(1338853463.243:315): avc:  denied  { getattr } for  pid=4635 comm="login" path="/home/.ecryptfs/alice/.ecryptfs/auto-mount" dev="sda2" ino=8790 scontext=system_u:system_r:local_login_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:home_root_t:s0 tclass=file
>type=AVC msg=audit(1338853463.243:316): avc:  denied  { read } for  pid=4635 comm="login" name="Private.mnt" dev="sda2" ino=12468 scontext=system_u:system_r:local_login_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file
>type=USER_AUTH msg=audit(1338853463.244:317): pid=0 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:local_login_t:s0-s0:c0.c1023 msg='op=PAM:authentication acct="alice" exe="/bin/login" hostname=? addr=? terminal=tty3 res=success'
>type=USER_ACCT msg=audit(1338853463.249:318): pid=0 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:local_login_t:s0-s0:c0.c1023 msg='op=PAM:accounting acct="alice" exe="/bin/login" hostname=? addr=? terminal=tty3 res=success'
>type=USER_ROLE_CHANGE msg=audit(1338853463.301:319): pid=0 uid=0 auid=503 ses=17 subj=system_u:system_r:local_login_t:s0-s0:c0.c1023 msg='pam: default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/bin/login" hostname=? addr=? terminal=tty3 res=success'
>type=AVC msg=audit(1338853464.255:320): avc:  denied  { read } for  pid=4656 comm="login" name="wrapped-passphrase" dev="sda2" ino=12463 scontext=system_u:system_r:local_login_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:home_root_t:s0 tclass=file
>type=AVC msg=audit(1338853464.256:321): avc:  denied  { getattr } for  pid=4635 comm="login" path="/home/.ecryptfs/alice/.ecryptfs/Private.sig" dev="sda2" ino=12466 scontext=system_u:system_r:local_login_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file
>type=USER_START msg=audit(1338853464.272:322): pid=0 uid=0 auid=503 ses=17 subj=system_u:system_r:local_login_t:s0-s0:c0.c1023 msg='op=PAM:session_open acct="alice" exe="/bin/login" hostname=? addr=? terminal=tty3 res=success'
>type=CRED_ACQ msg=audit(1338853464.272:323): pid=0 uid=0 auid=503 ses=17 subj=system_u:system_r:local_login_t:s0-s0:c0.c1023 msg='op=PAM:setcred acct="alice" exe="/bin/login" hostname=? addr=? terminal=tty3 res=success'
>type=USER_LOGIN msg=audit(1338853464.273:324): pid=0 uid=0 auid=503 ses=17 subj=system_u:system_r:local_login_t:s0-s0:c0.c1023 msg='op=login id=503 exe="/bin/login" hostname=? addr=? terminal=tty3 res=success'
>
>
>
># sh ecrypt.sh alice
>Building and Loading Policy
>+ make -f /usr/share/selinux/devel/Makefile
>Compiling targeted ecrypt module
>/usr/bin/checkmodule:  loading policy configuration from tmp/ecrypt.tmp
>/usr/bin/checkmodule:  policy configuration loaded
>/usr/bin/checkmodule:  writing binary representation (version 14) to tmp/ecrypt.mod
>Creating targeted ecrypt.pp policy package
>rm tmp/ecrypt.mod tmp/ecrypt.mod.fc
>+ /usr/sbin/semodule -i ecrypt.pp
>+ /sbin/restorecon -R -v /home/alice
>/sbin/restorecon reset /home/alice context unconfined_u:object_r:home_root_t:s0->unconfined_u:object_r:user_home_dir_t:s0
>/sbin/restorecon reset /home/alice/.Private context unconfined_u:object_r:home_root_t:s0->unconfined_u:object_r:ecryptfs_home_t:s0
>/sbin/restorecon reset /home/alice/.ecryptfs context unconfined_u:object_r:home_root_t:s0->unconfined_u:object_r:ecryptfs_home_t:s0
>/sbin/restorecon reset /home/alice/README.txt context unconfined_u:object_r:home_root_t:s0->unconfined_u:object_r:user_home_t:s0
>/sbin/restorecon reset /home/alice/Access-Your-Private-Data.desktop context unconfined_u:object_r:home_root_t:s0->unconfined_u:object_r:user_home_t:s0
>+ /usr/sbin/semanage fcontext -a -e /home /home/.ecryptfs
>+ /sbin/restorecon -R -v /home/.ecrypfs/alice
># echo $?
>0
>
># setsebool -P use_ecryptfs_home_dirs 1
># getsebool use_ecryptfs_home_dirs
>use_ecryptfs_home_dirs --> on
>
># ls -la /home/alice/.ecryptfs/
>total 20
>drwx------. 2 alice alice 4096 Jun  4 11:11 .
>drwxr-xr-x. 4 alice alice 4096 Jun  4 11:11 ..
>-rw-r--r--. 1 alice alice    0 Jun  4 11:11 auto-mount
>-rw-r--r--. 1 alice alice    0 Jun  4 11:11 auto-umount
>-rw-------. 1 alice alice   12 Jun  4 11:11 Private.mnt
>-rw-------. 1 alice alice   34 Jun  4 11:11 Private.sig
>-r--------. 1 alice alice   48 Jun  4 11:11 wrapped-passphrase
>
># ls -laZ /home/alice/.ecryptfs/
>drwx------. alice alice unconfined_u:object_r:home_root_t:s0 .
>drwxr-xr-x. alice alice unconfined_u:object_r:home_root_t:s0 ..
>-rw-r--r--. alice alice unconfined_u:object_r:home_root_t:s0 auto-mount
>-rw-r--r--. alice alice unconfined_u:object_r:home_root_t:s0 auto-umount
>-rw-------. alice alice unconfined_u:object_r:user_home_t:s0 Private.mnt
>-rw-------. alice alice unconfined_u:object_r:user_home_t:s0 Private.sig
>-r--------. alice alice unconfined_u:object_r:home_root_t:s0 wrapped-passphrase
>

Actions: View

Attachments on bug 712048: 503872 | 504024 | 504025 | 526446 | 526448 | 534831 | 589308 | 589515