Bug 1527684
| Summary: | Flood of 'read' denials for systemd-journald with selinux-policy-3.13.1-306.fc28 | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Adam Williamson <awilliam> |
| Component: | selinux-policy-targeted | Assignee: | Lukas Vrabec <lvrabec> |
| Status: | CLOSED RAWHIDE | QA Contact: | Ben Levenson <benl> |
| Severity: | urgent | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | rawhide | CC: | dwalsh, lvrabec, mgrepl, plautrba, pmoore, pschindl, pwhalen, robatino, walters |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | AcceptedBlocker | ||
| Fixed In Version: | selinux-policy-3.13.1-307.fc28 | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2018-02-20 11:17:57 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 1469204 | ||
Adam, Today, I created new selinux-policy package nvr 307.fc28 which fixing this issue. Moving to MODIFIED. Sorry, but I don't believe this is fixed. Still seeing similar denials in today's Rawhide compose, 20180104.n.0, like this:
----
time->Thu Jan 4 19:16:14 2018
type=PROCTITLE msg=audit(1515111374.722:92): proctitle="/usr/lib/systemd/systemd-journald"
type=SYSCALL msg=audit(1515111374.722:92): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f90 a2=555cadc08370 a3=63 items=0 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111374.722:92): avc: denied { read } for pid=604 comm="systemd-journal" name="invocation:auditd.service" dev="tmpfs" ino=17501 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan 4 19:16:14 2018
type=PROCTITLE msg=audit(1515111374.795:94): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111374.795:94): item=0 name="/run/systemd/units/invocation:auditd.service" inode=17501 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111374.795:94): cwd="/"
type=SYSCALL msg=audit(1515111374.795:94): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8dba280 a2=555cadc08370 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111374.795:94): avc: denied { read } for pid=604 comm="systemd-journal" name="invocation:auditd.service" dev="tmpfs" ino=17501 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan 4 19:16:14 2018
type=PROCTITLE msg=audit(1515111374.831:98): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111374.831:98): item=0 name="/run/systemd/units/invocation:chronyd.service" inode=17663 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111374.831:98): cwd="/"
type=SYSCALL msg=audit(1515111374.831:98): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f90 a2=555cadc20810 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111374.831:98): avc: denied { read } for pid=604 comm="systemd-journal" name="invocation:chronyd.service" dev="tmpfs" ino=17663 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan 4 19:16:14 2018
type=PROCTITLE msg=audit(1515111374.835:99): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111374.835:99): item=0 name="/run/systemd/units/invocation:chronyd.service" inode=17663 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111374.835:99): cwd="/"
type=SYSCALL msg=audit(1515111374.835:99): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f40 a2=555cadc08370 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111374.835:99): avc: denied { read } for pid=604 comm="systemd-journal" name="invocation:chronyd.service" dev="tmpfs" ino=17663 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan 4 19:16:15 2018
type=PROCTITLE msg=audit(1515111375.141:108): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111375.141:108): item=0 name="/run/systemd/units/invocation:sssd.service" inode=17396 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111375.141:108): cwd="/"
type=SYSCALL msg=audit(1515111375.141:108): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9fa0 a2=555cadc10e60 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111375.141:108): avc: denied { read } for pid=604 comm="systemd-journal" name="invocation:sssd.service" dev="tmpfs" ino=17396 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan 4 19:16:15 2018
type=PROCTITLE msg=audit(1515111375.218:109): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111375.218:109): item=0 name="/run/systemd/units/invocation:sssd.service" inode=17396 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111375.218:109): cwd="/"
type=SYSCALL msg=audit(1515111375.218:109): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9fa0 a2=555cadc202b0 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111375.218:109): avc: denied { read } for pid=604 comm="systemd-journal" name="invocation:sssd.service" dev="tmpfs" ino=17396 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan 4 19:16:15 2018
type=PROCTITLE msg=audit(1515111375.589:110): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111375.589:110): item=0 name="/run/systemd/units/invocation:sssd.service" inode=17396 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111375.589:110): cwd="/"
type=SYSCALL msg=audit(1515111375.589:110): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9fa0 a2=555cadc23620 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111375.589:110): avc: denied { read } for pid=604 comm="systemd-journal" name="invocation:sssd.service" dev="tmpfs" ino=17396 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan 4 19:16:15 2018
type=PROCTITLE msg=audit(1515111375.643:113): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111375.643:113): item=0 name="/run/systemd/units/invocation:systemd-logind.service" inode=18513 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111375.643:113): cwd="/"
type=SYSCALL msg=audit(1515111375.643:113): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f90 a2=555cadc23390 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111375.643:113): avc: denied { read } for pid=604 comm="systemd-journal" name="invocation:systemd-logind.service" dev="tmpfs" ino=18513 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan 4 19:16:15 2018
type=PROCTITLE msg=audit(1515111375.764:115): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111375.764:115): item=0 name="/run/systemd/units/invocation:NetworkManager.service" inode=18632 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111375.764:115): cwd="/"
type=SYSCALL msg=audit(1515111375.764:115): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f90 a2=555cadc1fbb0 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111375.764:115): avc: denied { read } for pid=604 comm="systemd-journal" name="invocation:NetworkManager.service" dev="tmpfs" ino=18632 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan 4 19:16:15 2018
type=PROCTITLE msg=audit(1515111375.784:116): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111375.784:116): item=0 name="/run/systemd/units/invocation:dbus.service" inode=17727 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111375.784:116): cwd="/"
type=SYSCALL msg=audit(1515111375.784:116): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f90 a2=555cadc25590 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111375.784:116): avc: denied { read } for pid=604 comm="systemd-journal" name="invocation:dbus.service" dev="tmpfs" ino=17727 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan 4 19:16:16 2018
type=PROCTITLE msg=audit(1515111376.009:125): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111376.009:125): item=0 name="/run/systemd/units/invocation:sshd.service" inode=18168 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111376.009:125): cwd="/"
type=SYSCALL msg=audit(1515111376.009:125): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f90 a2=555cadc17bb0 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111376.009:125): avc: denied { read } for pid=604 comm="systemd-journal" name="invocation:sshd.service" dev="tmpfs" ino=18168 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan 4 19:16:16 2018
type=PROCTITLE msg=audit(1515111376.035:127): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111376.035:127): item=0 name="/run/systemd/units/invocation:NetworkManager-dispatcher.service" inode=19002 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111376.035:127): cwd="/"
type=SYSCALL msg=audit(1515111376.035:127): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f80 a2=555cadc1a110 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111376.035:127): avc: denied { read } for pid=604 comm="systemd-journal" name="invocation:NetworkManager-dispatcher.service" dev="tmpfs" ino=19002 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan 4 19:16:16 2018
type=PROCTITLE msg=audit(1515111376.088:128): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111376.088:128): item=0 name="/run/systemd/units/invocation:iscsi.service" inode=18997 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111376.088:128): cwd="/"
type=SYSCALL msg=audit(1515111376.088:128): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8dba280 a2=555cadc1a110 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111376.088:128): avc: denied { read } for pid=604 comm="systemd-journal" name="invocation:iscsi.service" dev="tmpfs" ino=18997 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan 4 19:16:16 2018
type=PROCTITLE msg=audit(1515111376.135:131): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111376.135:131): item=0 name="/run/systemd/units/invocation:iscsid.service" inode=19496 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111376.135:131): cwd="/"
type=SYSCALL msg=audit(1515111376.135:131): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f90 a2=555cadc1a110 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111376.135:131): avc: denied { read } for pid=604 comm="systemd-journal" name="invocation:iscsid.service" dev="tmpfs" ino=19496 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan 4 19:16:18 2018
type=PROCTITLE msg=audit(1515111378.244:149): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111378.244:149): item=0 name="/run/systemd/units/invocation:polkit.service" inode=19122 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111378.244:149): cwd="/"
type=SYSCALL msg=audit(1515111378.244:149): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f90 a2=555cadc1b730 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111378.244:149): avc: denied { read } for pid=604 comm="systemd-journal" name="invocation:polkit.service" dev="tmpfs" ino=19122 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan 4 19:16:18 2018
type=PROCTITLE msg=audit(1515111378.347:151): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111378.347:151): item=0 name="/run/systemd/units/invocation:NetworkManager-dispatcher.service" inode=19002 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111378.347:151): cwd="/"
type=SYSCALL msg=audit(1515111378.347:151): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f30 a2=555cadc17bb0 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111378.347:151): avc: denied { read } for pid=604 comm="systemd-journal" name="invocation:NetworkManager-dispatcher.service" dev="tmpfs" ino=19002 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan 4 19:16:18 2018
type=PROCTITLE msg=audit(1515111378.353:153): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111378.353:153): item=0 name="/run/systemd/units/invocation:dbus.service" inode=17727 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111378.353:153): cwd="/"
type=SYSCALL msg=audit(1515111378.353:153): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f40 a2=555cadc1fbb0 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111378.353:153): avc: denied { read } for pid=604 comm="systemd-journal" name="invocation:dbus.service" dev="tmpfs" ino=17727 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan 4 19:16:18 2018
type=PROCTITLE msg=audit(1515111378.383:154): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111378.383:154): item=0 name="/run/systemd/units/invocation:iscsi.service" inode=18997 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111378.383:154): cwd="/"
type=SYSCALL msg=audit(1515111378.383:154): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8dba280 a2=555cadc1b7a0 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111378.383:154): avc: denied { read } for pid=604 comm="systemd-journal" name="invocation:iscsi.service" dev="tmpfs" ino=18997 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan 4 19:16:19 2018
type=PROCTITLE msg=audit(1515111379.136:189): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111379.136:189): item=0 name="/run/systemd/units/invocation:iscsid.service" inode=19496 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111379.136:189): cwd="/"
type=SYSCALL msg=audit(1515111379.136:189): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f40 a2=555cadc1a110 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111379.136:189): avc: denied { read } for pid=604 comm="systemd-journal" name="invocation:iscsid.service" dev="tmpfs" ino=19496 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan 4 19:16:17 2018
type=PROCTITLE msg=audit(1515111377.135:146): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111377.135:146): item=0 name="/run/systemd/units/invocation:iscsid.service" inode=19496 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111377.135:146): cwd="/"
type=SYSCALL msg=audit(1515111377.135:146): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f90 a2=555cadc1b8d0 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111377.135:146): avc: denied { read } for pid=604 comm="systemd-journal" name="invocation:iscsid.service" dev="tmpfs" ino=19496 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan 4 19:16:18 2018
type=PROCTITLE msg=audit(1515111378.960:169): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111378.960:169): item=0 name="/run/systemd/units/invocation:firewalld.service" inode=17332 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111378.960:169): cwd="/"
type=SYSCALL msg=audit(1515111378.960:169): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f90 a2=555cadc1bbf0 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111378.960:169): avc: denied { read } for pid=604 comm="systemd-journal" name="invocation:firewalld.service" dev="tmpfs" ino=17332 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan 4 19:16:24 2018
type=PROCTITLE msg=audit(1515111384.387:195): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111384.387:195): item=0 name="/run/systemd/units/invocation:systemd-logind.service" inode=18513 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111384.387:195): cwd="/"
type=SYSCALL msg=audit(1515111384.387:195): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f40 a2=555cadc1fbb0 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111384.387:195): avc: denied { read } for pid=604 comm="systemd-journal" name="invocation:systemd-logind.service" dev="tmpfs" ino=18513 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan 4 19:16:24 2018
type=PROCTITLE msg=audit(1515111384.461:199): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111384.461:199): item=0 name="/run/systemd/units/invocation:user" inode=21718 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111384.461:199): cwd="/"
type=SYSCALL msg=audit(1515111384.461:199): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f90 a2=555cadc25650 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111384.461:199): avc: denied { read } for pid=604 comm="systemd-journal" name="invocation:user" dev="tmpfs" ino=21718 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan 4 19:16:24 2018
type=PROCTITLE msg=audit(1515111384.531:201): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111384.531:201): item=0 name="/run/systemd/units/invocation:user" inode=21718 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111384.531:201): cwd="/"
type=SYSCALL msg=audit(1515111384.531:201): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f50 a2=555cadc1fbb0 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111384.531:201): avc: denied { read } for pid=604 comm="systemd-journal" name="invocation:user" dev="tmpfs" ino=21718 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan 4 19:16:24 2018
type=PROCTITLE msg=audit(1515111384.553:203): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111384.553:203): item=0 name="/run/systemd/units/invocation:session-1.scope" inode=21724 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111384.553:203): cwd="/"
type=SYSCALL msg=audit(1515111384.553:203): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f90 a2=555cadc1b1c0 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111384.553:203): avc: denied { read } for pid=604 comm="systemd-journal" name="invocation:session-1.scope" dev="tmpfs" ino=21724 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan 4 19:16:24 2018
type=PROCTITLE msg=audit(1515111384.555:207): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111384.555:207): item=0 name="/run/systemd/units/invocation:session-1.scope" inode=21724 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111384.555:207): cwd="/"
type=SYSCALL msg=audit(1515111384.555:207): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f40 a2=555cadc1b490 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111384.555:207): avc: denied { read } for pid=604 comm="systemd-journal" name="invocation:session-1.scope" dev="tmpfs" ino=21724 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan 4 19:16:27 2018
type=PROCTITLE msg=audit(1515111387.446:210): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111387.446:210): item=0 name="/run/systemd/units/invocation:session-1.scope" inode=21724 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111387.446:210): cwd="/"
type=SYSCALL msg=audit(1515111387.446:210): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f40 a2=555cadc1b1c0 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111387.446:210): avc: denied { read } for pid=604 comm="systemd-journal" name="invocation:session-1.scope" dev="tmpfs" ino=21724 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan 4 19:16:27 2018
type=PROCTITLE msg=audit(1515111387.465:215): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111387.465:215): item=0 name="/run/systemd/units/invocation:systemd-logind.service" inode=18513 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111387.465:215): cwd="/"
type=SYSCALL msg=audit(1515111387.465:215): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f40 a2=555cadc23620 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111387.465:215): avc: denied { read } for pid=604 comm="systemd-journal" name="invocation:systemd-logind.service" dev="tmpfs" ino=18513 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan 4 19:16:27 2018
type=PROCTITLE msg=audit(1515111387.475:216): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111387.475:216): item=0 name="/run/systemd/units/invocation:user" inode=21718 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111387.475:216): cwd="/"
type=SYSCALL msg=audit(1515111387.475:216): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f50 a2=555cadc25650 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111387.475:216): avc: denied { read } for pid=604 comm="systemd-journal" name="invocation:user" dev="tmpfs" ino=21718 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan 4 19:16:27 2018
type=PROCTITLE msg=audit(1515111387.487:217): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111387.487:217): item=0 name="/run/systemd/units/invocation:user" inode=21718 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111387.487:217): cwd="/"
type=SYSCALL msg=audit(1515111387.487:217): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f90 a2=555cadc25650 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111387.487:217): avc: denied { read } for pid=604 comm="systemd-journal" name="invocation:user" dev="tmpfs" ino=21718 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan 4 19:16:31 2018
type=PROCTITLE msg=audit(1515111391.186:225): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111391.186:225): item=0 name="/run/systemd/units/invocation:systemd-logind.service" inode=18513 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111391.186:225): cwd="/"
type=SYSCALL msg=audit(1515111391.186:225): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f40 a2=555cadc1a110 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111391.186:225): avc: denied { read } for pid=604 comm="systemd-journal" name="invocation:systemd-logind.service" dev="tmpfs" ino=18513 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan 4 19:16:31 2018
type=PROCTITLE msg=audit(1515111391.278:230): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111391.278:230): item=0 name="/run/systemd/units/invocation:user" inode=21215 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111391.278:230): cwd="/"
type=SYSCALL msg=audit(1515111391.278:230): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f90 a2=555cadc23620 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111391.278:230): avc: denied { read } for pid=604 comm="systemd-journal" name="invocation:user" dev="tmpfs" ino=21215 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan 4 19:16:31 2018
type=PROCTITLE msg=audit(1515111391.317:231): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111391.317:231): item=0 name="/run/systemd/units/invocation:user" inode=21215 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111391.317:231): cwd="/"
type=SYSCALL msg=audit(1515111391.317:231): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f50 a2=555cadc1a110 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111391.317:231): avc: denied { read } for pid=604 comm="systemd-journal" name="invocation:user" dev="tmpfs" ino=21215 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan 4 19:16:31 2018
type=PROCTITLE msg=audit(1515111391.335:233): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111391.335:233): item=0 name="/run/systemd/units/invocation:session-3.scope" inode=21294 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111391.335:233): cwd="/"
type=SYSCALL msg=audit(1515111391.335:233): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f90 a2=555cadc1cce0 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111391.335:233): avc: denied { read } for pid=604 comm="systemd-journal" name="invocation:session-3.scope" dev="tmpfs" ino=21294 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan 4 19:16:46 2018
type=PROCTITLE msg=audit(1515111406.727:244): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111406.727:244): item=0 name="/run/systemd/units/invocation:systemd-logind.service" inode=18513 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111406.727:244): cwd="/"
type=SYSCALL msg=audit(1515111406.727:244): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f40 a2=555cadc25650 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111406.727:244): avc: denied { read } for pid=604 comm="systemd-journal" name="invocation:systemd-logind.service" dev="tmpfs" ino=18513 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan 4 19:16:46 2018
type=PROCTITLE msg=audit(1515111406.735:247): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111406.735:247): item=0 name="/run/systemd/units/invocation:session-5.scope" inode=22021 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111406.735:247): cwd="/"
type=SYSCALL msg=audit(1515111406.735:247): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f90 a2=555cadc26770 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111406.735:247): avc: denied { read } for pid=604 comm="systemd-journal" name="invocation:session-5.scope" dev="tmpfs" ino=22021 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
Still seeing this on the nominated compose - Fedora-Rawhide-20180107.n.0 Discussed at 2018-01-08 blocker review meeting: [1]. This bug was accepted as Beta blocker: this is accepted as a violation of Basic criterion "A system logging infrastructure must be available, enabled by default, and working" - also Final criterion "There must be no SELinux denial notifications...on boot of or during installation from a release-blocking live image, or at first login after a default install of a release-blocking desktop" for Xfce, possibly GNOME [1] https://meetbot-raw.fedoraproject.org/fedora-blocker-review/2018-01-08/ commit 1702c2a3ad9c1bb17d7f01dcfeabf429df2a4787 (HEAD -> rawhide, origin/rawhide)
Author: Lukas Vrabec <lvrabec>
Date: Tue Jan 9 10:23:32 2018 +0100
Add Label systemd_unit_file_t for /var/run/systemd/units/
|
Since selinux-policy-3.13.1-306.fc28 landed in Rawhide, there seems to be a flood of 'read' denials for systemd-journald immediately after any boot and install. Here's all the denials from one test: ---- time->Mon Dec 18 08:33:32 2017 type=PROCTITLE msg=audit(1513604012.447:90): proctitle="/usr/lib/systemd/systemd-journald" type=PATH msg=audit(1513604012.447:90): item=0 name="/run/systemd/units/invocation:auditd.service" inode=16120 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0 type=CWD msg=audit(1513604012.447:90): cwd="/" type=SYSCALL msg=audit(1513604012.447:90): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276733d0 a2=56501f7d51c0 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null) type=AVC msg=audit(1513604012.447:90): avc: denied { read } for pid=402 comm="systemd-journal" name="invocation:auditd.service" dev="tmpfs" ino=16120 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0 ---- time->Mon Dec 18 08:33:32 2017 type=PROCTITLE msg=audit(1513604012.533:94): proctitle="/usr/lib/systemd/systemd-journald" type=PATH msg=audit(1513604012.533:94): item=0 name="/run/systemd/units/invocation:chronyd.service" inode=16303 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0 type=CWD msg=audit(1513604012.533:94): cwd="/" type=SYSCALL msg=audit(1513604012.533:94): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730e0 a2=56501f7d5830 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null) type=AVC msg=audit(1513604012.533:94): avc: denied { read } for pid=402 comm="systemd-journal" name="invocation:chronyd.service" dev="tmpfs" ino=16303 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0 ---- time->Mon Dec 18 08:33:32 2017 type=PROCTITLE msg=audit(1513604012.548:95): proctitle="/usr/lib/systemd/systemd-journald" type=PATH msg=audit(1513604012.548:95): item=0 name="/run/systemd/units/invocation:chronyd.service" inode=16303 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0 type=CWD msg=audit(1513604012.548:95): cwd="/" type=SYSCALL msg=audit(1513604012.548:95): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff27673090 a2=56501f7d51c0 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null) type=AVC msg=audit(1513604012.548:95): avc: denied { read } for pid=402 comm="systemd-journal" name="invocation:chronyd.service" dev="tmpfs" ino=16303 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0 ---- time->Mon Dec 18 08:33:32 2017 type=PROCTITLE msg=audit(1513604012.587:96): proctitle="/usr/lib/systemd/systemd-journald" type=PATH msg=audit(1513604012.587:96): item=0 name="/run/systemd/units/invocation:sssd.service" inode=16296 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0 type=CWD msg=audit(1513604012.587:96): cwd="/" type=SYSCALL msg=audit(1513604012.587:96): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730f0 a2=56501f7d6d90 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null) type=AVC msg=audit(1513604012.587:96): avc: denied { read } for pid=402 comm="systemd-journal" name="invocation:sssd.service" dev="tmpfs" ino=16296 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0 ---- time->Mon Dec 18 08:33:32 2017 type=PROCTITLE msg=audit(1513604012.696:101): proctitle="/usr/lib/systemd/systemd-journald" type=PATH msg=audit(1513604012.696:101): item=0 name="/run/systemd/units/invocation:sssd.service" inode=16296 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0 type=CWD msg=audit(1513604012.696:101): cwd="/" type=SYSCALL msg=audit(1513604012.696:101): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730f0 a2=56501f7c7900 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null) type=AVC msg=audit(1513604012.696:101): avc: denied { read } for pid=402 comm="systemd-journal" name="invocation:sssd.service" dev="tmpfs" ino=16296 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0 ---- time->Mon Dec 18 08:33:32 2017 type=PROCTITLE msg=audit(1513604012.968:106): proctitle="/usr/lib/systemd/systemd-journald" type=PATH msg=audit(1513604012.968:106): item=0 name="/run/systemd/units/invocation:sssd.service" inode=16296 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0 type=CWD msg=audit(1513604012.968:106): cwd="/" type=SYSCALL msg=audit(1513604012.968:106): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730f0 a2=56501f7d54a0 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null) type=AVC msg=audit(1513604012.968:106): avc: denied { read } for pid=402 comm="systemd-journal" name="invocation:sssd.service" dev="tmpfs" ino=16296 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0 ---- time->Mon Dec 18 08:33:33 2017 type=PROCTITLE msg=audit(1513604013.089:107): proctitle="/usr/lib/systemd/systemd-journald" type=PATH msg=audit(1513604013.089:107): item=0 name="/run/systemd/units/invocation:lvm2-pvscan@252:2.service" inode=15908 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0 type=CWD msg=audit(1513604013.089:107): cwd="/" type=SYSCALL msg=audit(1513604013.089:107): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276733e0 a2=56501f7d2150 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null) type=AVC msg=audit(1513604013.089:107): avc: denied { read } for pid=402 comm="systemd-journal" name="invocation:lvm2-pvscan@252:2.service" dev="tmpfs" ino=15908 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0 ---- time->Mon Dec 18 08:33:33 2017 type=PROCTITLE msg=audit(1513604013.192:111): proctitle="/usr/lib/systemd/systemd-journald" type=PATH msg=audit(1513604013.192:111): item=0 name="/run/systemd/units/invocation:systemd-logind.service" inode=17529 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0 type=CWD msg=audit(1513604013.192:111): cwd="/" type=SYSCALL msg=audit(1513604013.192:111): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730e0 a2=56501f7d4a80 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null) type=AVC msg=audit(1513604013.192:111): avc: denied { read } for pid=402 comm="systemd-journal" name="invocation:systemd-logind.service" dev="tmpfs" ino=17529 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0 ---- time->Mon Dec 18 08:33:33 2017 type=PROCTITLE msg=audit(1513604013.460:113): proctitle="/usr/lib/systemd/systemd-journald" type=PATH msg=audit(1513604013.460:113): item=0 name="/run/systemd/units/invocation:NetworkManager.service" inode=17556 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0 type=CWD msg=audit(1513604013.460:113): cwd="/" type=SYSCALL msg=audit(1513604013.460:113): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730e0 a2=56501f7d6930 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null) type=AVC msg=audit(1513604013.460:113): avc: denied { read } for pid=402 comm="systemd-journal" name="invocation:NetworkManager.service" dev="tmpfs" ino=17556 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0 ---- time->Mon Dec 18 08:33:33 2017 type=PROCTITLE msg=audit(1513604013.479:114): proctitle="/usr/lib/systemd/systemd-journald" type=PATH msg=audit(1513604013.479:114): item=0 name="/run/systemd/units/invocation:dbus.service" inode=16312 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0 type=CWD msg=audit(1513604013.479:114): cwd="/" type=SYSCALL msg=audit(1513604013.479:114): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730e0 a2=56501f7d8e30 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null) type=AVC msg=audit(1513604013.479:114): avc: denied { read } for pid=402 comm="systemd-journal" name="invocation:dbus.service" dev="tmpfs" ino=16312 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0 ---- time->Mon Dec 18 08:33:33 2017 type=PROCTITLE msg=audit(1513604013.664:120): proctitle="/usr/lib/systemd/systemd-journald" type=PATH msg=audit(1513604013.664:120): item=0 name="/run/systemd/units/invocation:sshd.service" inode=17678 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0 type=CWD msg=audit(1513604013.664:120): cwd="/" type=SYSCALL msg=audit(1513604013.664:120): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730e0 a2=56501f7d95d0 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null) type=AVC msg=audit(1513604013.664:120): avc: denied { read } for pid=402 comm="systemd-journal" name="invocation:sshd.service" dev="tmpfs" ino=17678 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0 ---- time->Mon Dec 18 08:33:33 2017 type=PROCTITLE msg=audit(1513604013.695:124): proctitle="/usr/lib/systemd/systemd-journald" type=PATH msg=audit(1513604013.695:124): item=0 name="/run/systemd/units/invocation:NetworkManager-dispatcher.service" inode=19011 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0 type=CWD msg=audit(1513604013.695:124): cwd="/" type=SYSCALL msg=audit(1513604013.695:124): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730d0 a2=56501f7cea40 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null) type=AVC msg=audit(1513604013.695:124): avc: denied { read } for pid=402 comm="systemd-journal" name="invocation:NetworkManager-dispatcher.service" dev="tmpfs" ino=19011 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0 ---- time->Mon Dec 18 08:33:33 2017 type=PROCTITLE msg=audit(1513604013.821:136): proctitle="/usr/lib/systemd/systemd-journald" type=PATH msg=audit(1513604013.821:136): item=0 name="/run/systemd/units/invocation:polkit.service" inode=19359 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0 type=CWD msg=audit(1513604013.821:136): cwd="/" type=SYSCALL msg=audit(1513604013.821:136): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730e0 a2=56501f7ca730 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null) type=AVC msg=audit(1513604013.821:136): avc: denied { read } for pid=402 comm="systemd-journal" name="invocation:polkit.service" dev="tmpfs" ino=19359 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0 ---- time->Mon Dec 18 08:33:34 2017 type=PROCTITLE msg=audit(1513604014.588:157): proctitle="/usr/lib/systemd/systemd-journald" type=PATH msg=audit(1513604014.588:157): item=0 name="/run/systemd/units/invocation:firewalld.service" inode=17464 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0 type=CWD msg=audit(1513604014.588:157): cwd="/" type=SYSCALL msg=audit(1513604014.588:157): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730e0 a2=56501f7cdfd0 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null) type=AVC msg=audit(1513604014.588:157): avc: denied { read } for pid=402 comm="systemd-journal" name="invocation:firewalld.service" dev="tmpfs" ino=17464 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0 ---- time->Mon Dec 18 08:33:34 2017 type=PROCTITLE msg=audit(1513604014.714:185): proctitle="/usr/lib/systemd/systemd-journald" type=PATH msg=audit(1513604014.714:185): item=0 name="/run/systemd/units/invocation:NetworkManager.service" inode=17556 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0 type=CWD msg=audit(1513604014.714:185): cwd="/" type=SYSCALL msg=audit(1513604014.714:185): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff27673090 a2=56501f7d61c0 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null) type=AVC msg=audit(1513604014.714:185): avc: denied { read } for pid=402 comm="systemd-journal" name="invocation:NetworkManager.service" dev="tmpfs" ino=17556 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0 ---- time->Mon Dec 18 08:33:34 2017 type=PROCTITLE msg=audit(1513604014.751:186): proctitle="/usr/lib/systemd/systemd-journald" type=PATH msg=audit(1513604014.751:186): item=0 name="/run/systemd/units/invocation:NetworkManager.service" inode=17556 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0 type=CWD msg=audit(1513604014.751:186): cwd="/" type=SYSCALL msg=audit(1513604014.751:186): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730d0 a2=56501f7ce6e0 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null) type=AVC msg=audit(1513604014.751:186): avc: denied { read } for pid=402 comm="systemd-journal" name="invocation:NetworkManager.service" dev="tmpfs" ino=17556 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0 ---- time->Mon Dec 18 08:33:34 2017 type=PROCTITLE msg=audit(1513604014.766:187): proctitle="/usr/lib/systemd/systemd-journald" type=PATH msg=audit(1513604014.766:187): item=0 name="/run/systemd/units/invocation:NetworkManager-dispatcher.service" inode=19011 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0 type=CWD msg=audit(1513604014.766:187): cwd="/" type=SYSCALL msg=audit(1513604014.766:187): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff27673080 a2=56501f7cd180 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null) type=AVC msg=audit(1513604014.766:187): avc: denied { read } for pid=402 comm="systemd-journal" name="invocation:NetworkManager-dispatcher.service" dev="tmpfs" ino=19011 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0 ---- time->Mon Dec 18 08:33:36 2017 type=PROCTITLE msg=audit(1513604016.828:188): proctitle="/usr/lib/systemd/systemd-journald" type=PATH msg=audit(1513604016.828:188): item=0 name="/run/systemd/units/invocation:NetworkManager.service" inode=17556 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0 type=CWD msg=audit(1513604016.828:188): cwd="/" type=SYSCALL msg=audit(1513604016.828:188): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff27673090 a2=56501f7cdfd0 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null) type=AVC msg=audit(1513604016.828:188): avc: denied { read } for pid=402 comm="systemd-journal" name="invocation:NetworkManager.service" dev="tmpfs" ino=17556 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0 ---- time->Mon Dec 18 08:33:39 2017 type=PROCTITLE msg=audit(1513604019.008:194): proctitle="/usr/lib/systemd/systemd-journald" type=PATH msg=audit(1513604019.008:194): item=0 name="/run/systemd/units/invocation:systemd-logind.service" inode=17529 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0 type=CWD msg=audit(1513604019.008:194): cwd="/" type=SYSCALL msg=audit(1513604019.008:194): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff27673090 a2=56501f7d2150 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null) type=AVC msg=audit(1513604019.008:194): avc: denied { read } for pid=402 comm="systemd-journal" name="invocation:systemd-logind.service" dev="tmpfs" ino=17529 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0 ---- time->Mon Dec 18 08:33:39 2017 type=PROCTITLE msg=audit(1513604019.082:199): proctitle="/usr/lib/systemd/systemd-journald" type=PATH msg=audit(1513604019.082:199): item=0 name="/run/systemd/units/invocation:user" inode=20219 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0 type=CWD msg=audit(1513604019.082:199): cwd="/" type=SYSCALL msg=audit(1513604019.082:199): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730e0 a2=56501f7d1220 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null) type=AVC msg=audit(1513604019.082:199): avc: denied { read } for pid=402 comm="systemd-journal" name="invocation:user" dev="tmpfs" ino=20219 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0 ---- time->Mon Dec 18 08:33:39 2017 type=PROCTITLE msg=audit(1513604019.157:200): proctitle="/usr/lib/systemd/systemd-journald" type=PATH msg=audit(1513604019.157:200): item=0 name="/run/systemd/units/invocation:user" inode=20219 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0 type=CWD msg=audit(1513604019.157:200): cwd="/" type=SYSCALL msg=audit(1513604019.157:200): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730a0 a2=56501f7d2150 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null) type=AVC msg=audit(1513604019.157:200): avc: denied { read } for pid=402 comm="systemd-journal" name="invocation:user" dev="tmpfs" ino=20219 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0 ---- time->Mon Dec 18 08:33:39 2017 type=PROCTITLE msg=audit(1513604019.188:203): proctitle="/usr/lib/systemd/systemd-journald" type=PATH msg=audit(1513604019.188:203): item=0 name="/run/systemd/units/invocation:session-1.scope" inode=18404 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0 type=CWD msg=audit(1513604019.188:203): cwd="/" type=SYSCALL msg=audit(1513604019.188:203): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730e0 a2=56501f7d0780 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null) type=AVC msg=audit(1513604019.188:203): avc: denied { read } for pid=402 comm="systemd-journal" name="invocation:session-1.scope" dev="tmpfs" ino=18404 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0 ---- time->Mon Dec 18 08:33:39 2017 type=PROCTITLE msg=audit(1513604019.190:206): proctitle="/usr/lib/systemd/systemd-journald" type=PATH msg=audit(1513604019.190:206): item=0 name="/run/systemd/units/invocation:session-1.scope" inode=18404 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0 type=CWD msg=audit(1513604019.190:206): cwd="/" type=SYSCALL msg=audit(1513604019.190:206): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff27673090 a2=56501f7d0300 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null) type=AVC msg=audit(1513604019.190:206): avc: denied { read } for pid=402 comm="systemd-journal" name="invocation:session-1.scope" dev="tmpfs" ino=18404 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0 ---- time->Mon Dec 18 08:33:39 2017 type=PROCTITLE msg=audit(1513604019.900:207): proctitle="/usr/lib/systemd/systemd-journald" type=PATH msg=audit(1513604019.900:207): item=0 name="/run/systemd/units/invocation:chronyd.service" inode=16303 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0 type=CWD msg=audit(1513604019.900:207): cwd="/" type=SYSCALL msg=audit(1513604019.900:207): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff27673090 a2=56501f7d0300 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null) type=AVC msg=audit(1513604019.900:207): avc: denied { read } for pid=402 comm="systemd-journal" name="invocation:chronyd.service" dev="tmpfs" ino=16303 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0 ---- time->Mon Dec 18 08:33:41 2017 type=PROCTITLE msg=audit(1513604021.399:208): proctitle="/usr/lib/systemd/systemd-journald" type=PATH msg=audit(1513604021.399:208): item=0 name="/run/systemd/units/invocation:chronyd.service" inode=16303 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0 type=CWD msg=audit(1513604021.399:208): cwd="/" type=SYSCALL msg=audit(1513604021.399:208): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff27673090 a2=56501f7d5830 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null) type=AVC msg=audit(1513604021.399:208): avc: denied { read } for pid=402 comm="systemd-journal" name="invocation:chronyd.service" dev="tmpfs" ino=16303 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0 ---- time->Mon Dec 18 08:33:43 2017 type=PROCTITLE msg=audit(1513604023.077:211): proctitle="/usr/lib/systemd/systemd-journald" type=PATH msg=audit(1513604023.077:211): item=0 name="/run/systemd/units/invocation:session-1.scope" inode=18404 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0 type=CWD msg=audit(1513604023.077:211): cwd="/" type=SYSCALL msg=audit(1513604023.077:211): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff27673090 a2=56501f7d1060 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null) type=AVC msg=audit(1513604023.077:211): avc: denied { read } for pid=402 comm="systemd-journal" name="invocation:session-1.scope" dev="tmpfs" ino=18404 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0 ---- time->Mon Dec 18 08:33:43 2017 type=PROCTITLE msg=audit(1513604023.109:216): proctitle="/usr/lib/systemd/systemd-journald" type=PATH msg=audit(1513604023.109:216): item=0 name="/run/systemd/units/invocation:systemd-logind.service" inode=17529 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0 type=CWD msg=audit(1513604023.109:216): cwd="/" type=SYSCALL msg=audit(1513604023.109:216): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff27673090 a2=56501f7d3630 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null) type=AVC msg=audit(1513604023.109:216): avc: denied { read } for pid=402 comm="systemd-journal" name="invocation:systemd-logind.service" dev="tmpfs" ino=17529 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0 ---- time->Mon Dec 18 08:33:43 2017 type=PROCTITLE msg=audit(1513604023.123:217): proctitle="/usr/lib/systemd/systemd-journald" type=PATH msg=audit(1513604023.123:217): item=0 name="/run/systemd/units/invocation:user" inode=20219 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0 type=CWD msg=audit(1513604023.123:217): cwd="/" type=SYSCALL msg=audit(1513604023.123:217): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730a0 a2=56501f7d1220 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null) type=AVC msg=audit(1513604023.123:217): avc: denied { read } for pid=402 comm="systemd-journal" name="invocation:user" dev="tmpfs" ino=20219 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0 ---- time->Mon Dec 18 08:33:46 2017 type=PROCTITLE msg=audit(1513604026.772:225): proctitle="/usr/lib/systemd/systemd-journald" type=PATH msg=audit(1513604026.772:225): item=0 name="/run/systemd/units/invocation:systemd-logind.service" inode=17529 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0 type=CWD msg=audit(1513604026.772:225): cwd="/" type=SYSCALL msg=audit(1513604026.772:225): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff27673090 a2=56501f7cdfd0 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null) type=AVC msg=audit(1513604026.772:225): avc: denied { read } for pid=402 comm="systemd-journal" name="invocation:systemd-logind.service" dev="tmpfs" ino=17529 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0 ---- time->Mon Dec 18 08:33:46 2017 type=PROCTITLE msg=audit(1513604026.847:230): proctitle="/usr/lib/systemd/systemd-journald" type=PATH msg=audit(1513604026.847:230): item=0 name="/run/systemd/units/invocation:user" inode=20361 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0 type=CWD msg=audit(1513604026.847:230): cwd="/" type=SYSCALL msg=audit(1513604026.847:230): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730e0 a2=56501f7da220 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null) type=AVC msg=audit(1513604026.847:230): avc: denied { read } for pid=402 comm="systemd-journal" name="invocation:user" dev="tmpfs" ino=20361 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0 ---- time->Mon Dec 18 08:33:46 2017 type=PROCTITLE msg=audit(1513604026.908:231): proctitle="/usr/lib/systemd/systemd-journald" type=PATH msg=audit(1513604026.908:231): item=0 name="/run/systemd/units/invocation:user" inode=20361 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0 type=CWD msg=audit(1513604026.908:231): cwd="/" type=SYSCALL msg=audit(1513604026.908:231): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730a0 a2=56501f7cdfd0 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null) type=AVC msg=audit(1513604026.908:231): avc: denied { read } for pid=402 comm="systemd-journal" name="invocation:user" dev="tmpfs" ino=20361 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0 ---- time->Mon Dec 18 08:33:46 2017 type=PROCTITLE msg=audit(1513604026.935:233): proctitle="/usr/lib/systemd/systemd-journald" type=PATH msg=audit(1513604026.935:233): item=0 name="/run/systemd/units/invocation:session-3.scope" inode=20366 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0 type=CWD msg=audit(1513604026.935:233): cwd="/" type=SYSCALL msg=audit(1513604026.935:233): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730e0 a2=56501f7da3d0 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null) type=AVC msg=audit(1513604026.935:233): avc: denied { read } for pid=402 comm="systemd-journal" name="invocation:session-3.scope" dev="tmpfs" ino=20366 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0 ---- time->Mon Dec 18 08:33:59 2017 type=PROCTITLE msg=audit(1513604039.177:243): proctitle="/usr/lib/systemd/systemd-journald" type=PATH msg=audit(1513604039.177:243): item=0 name="/run/systemd/units/invocation:systemd-logind.service" inode=17529 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0 type=CWD msg=audit(1513604039.177:243): cwd="/" type=SYSCALL msg=audit(1513604039.177:243): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff27673090 a2=56501f7d1220 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null) type=AVC msg=audit(1513604039.177:243): avc: denied { read } for pid=402 comm="systemd-journal" name="invocation:systemd-logind.service" dev="tmpfs" ino=17529 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0 ---- time->Mon Dec 18 08:33:59 2017 type=PROCTITLE msg=audit(1513604039.195:244): proctitle="/usr/lib/systemd/systemd-journald" type=PATH msg=audit(1513604039.195:244): item=0 name="/run/systemd/units/invocation:session-5.scope" inode=20912 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0 type=CWD msg=audit(1513604039.195:244): cwd="/" type=SYSCALL msg=audit(1513604039.195:244): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730e0 a2=56501f7d0970 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null) type=AVC msg=audit(1513604039.195:244): avc: denied { read } for pid=402 comm="systemd-journal" name="invocation:session-5.scope" dev="tmpfs" ino=20912 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0 I'm gonna presume this is preventing logging from working fully, and propose it as a Beta blocker as a violation of Basic release criterion "A system logging infrastructure must be available, enabled by default, and working" - https://fedoraproject.org/wiki/Basic_Release_Criteria#System_logging