Bug 155849
Summary: | avc: denied { write } for name=rhgb-socket | ||||||
---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | sangu <sangu.fedora> | ||||
Component: | selinux-policy-targeted | Assignee: | Daniel Walsh <dwalsh> | ||||
Status: | CLOSED RAWHIDE | QA Contact: | |||||
Severity: | medium | Docs Contact: | |||||
Priority: | medium | ||||||
Version: | rawhide | ||||||
Target Milestone: | --- | ||||||
Target Release: | --- | ||||||
Hardware: | i386 | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | selinux-policy-targeted-1.23.18-2 | Doc Type: | Bug Fix | ||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2005-06-10 09:55:29 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Description
sangu
2005-04-24 17:16:02 UTC
Fixed in selinux-policy-*-1.23.13-3 Created attachment 113721 [details]
dmesg in kernel-2.6.11-1.1268_FC4
After installing selinux-policy-*-1.23.13-3, audit error messages are changed
in dmesg.
[...]
audit(1114611219.454:0): avc: denied { write } for
path=/etc/rhgb/temp/rhgb-console dev=ramfs ino=6990
scontext=system_u:system_r:fsadm_t tcontext=system_u:object_r:ramfs_t
tclass=fifo_file
[...]
audit(1114611242.177:0): avc: denied { lock } for path=/etc/fstab dev=hda8
ino=211799 scontext=system_u:system_r:updfstab_t
tcontext=system_u:object_r:etc_runtime_t tclass=file
audit(1114611242.753:0): avc: denied { lock } for path=/etc/fstab dev=hda8
ino=211799 scontext=system_u:system_r:updfstab_t
tcontext=system_u:object_r:etc_runtime_t tclass=file
audit(1114611242.905:0): avc: denied { lock } for path=/etc/fstab dev=hda8
ino=211799 scontext=system_u:system_r:updfstab_t
tcontext=system_u:object_r:etc_runtime_t tclass=file
audit(1114611243.042:0): avc: denied { lock } for path=/etc/fstab dev=hda8
ino=211799 scontext=system_u:system_r:updfstab_t
tcontext=system_u:object_r:etc_runtime_t tclass=file
audit(1114611252.611:0): avc: denied { connectto } for
path=/etc/rhgb/temp/rhgb-socket scontext=system_u:system_r:init_t
tcontext=system_u:system_r:initrc_t
restorecon -v /etc/fstab should clear most of them. Dan Dan : thank your comments. /etc/fstab problem is fixed. $restorecon -v /etc/fstab After rebooting $dmesg | grep avc audit(1114621106.443:0): avc: denied { write } for path=/etc/rhgb/temp/rhgb-console dev=ramfs ino=7080 scontext=system_u:system_r:fsadm_t tcontext=system_u:object_r:ramfs_t tclass=fifo_file audit(1114621145.580:0): avc: denied { connectto } for path=/etc/rhgb/temp/rhgb-socket scontext=system_u:system_r:init_t tcontext=system_u:system_r:initrc_t tclass=unix_stream_socket in selinux-policy-targeted-1.23.14-2, kernel-2.6.11-1.1282_FC4 $ dmesg | grep avc audit(1115168226.367:0): avc: denied { write } for path=/etc/rhgb/temp/rhgb-console dev=ramfs ino=6650 scontext=system_u:system_r:fsadm_t tcontext=system_u:object_r:ramfs_t tclass=fifo_file audit(1115168263.211:0): avc: denied { search } for name=rhgb dev=hda8 ino=211872 scontext=system_u:system_r:init_t tcontext=system_u:object_r:mnt_t tclass=dir |