Bug 122996 - System startup avc errors
System startup avc errors
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: policy (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Daniel Walsh
Ben Levenson
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2004-05-11 03:56 EDT by Leonard den Ottolander
Modified: 2007-11-30 17:10 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-07-20 08:36:08 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Leonard den Ottolander 2004-05-11 03:56:02 EDT
policy-1.11.3-3, permissive mode

I see the following avc messages at boot:
May 11 09:34:02 a3aan kernel: audit(1084260793.895:0): avc:  denied  {
read } for  pid=546 exe=/sbin/lvm.static name=dri dev=hda2 ino=84499
scontext=system_u:system_r:lvm_t
tcontext=system_u:object_r:dri_device_t tclass=dir
May 11 09:34:02 a3aan kernel: audit(1084260793.911:0): avc:  denied  {
search } for  pid=546 exe=/sbin/lvm.static name=dri dev=hda2 ino=84499
scontext=system_u:system_r:lvm_t
tcontext=system_u:object_r:dri_device_t tclass=dir
May 11 09:34:03 a3aan kernel: audit(1084260836.970:0): avc:  denied  {
name_bind } for  pid=1200 exe=/sbin/portmap
scontext=system_u:system_r:portmap_t
tcontext=system_u:object_r:rndc_port_t tclass=tcp_socket
Comment 1 Daniel Walsh 2004-05-21 08:42:40 EDT
Please only submit avc messages from enforcing mode or if the bug
happens in enforcing mode but you can't get it to run, then submit
permissive.  The problem is that I don't know if these errors would
have been prevented by a previous dontaudit.

Dan
Comment 2 Leonard den Ottolander 2004-05-21 18:10:29 EDT
In enforcing mode I only see:

avc:  denied  {
read } for  pid=546 exe=/sbin/lvm.static name=dri dev=hda2 ino=84499
scontext=system_u:system_r:lvm_t
tcontext=system_u:object_r:dri_device_t tclass=dir
Comment 3 Daniel Walsh 2004-06-02 15:02:51 EDT
Fixed in selinux-policy-strict-1.13.2-8
Comment 4 Daniel Walsh 2004-07-20 08:36:08 EDT
Fixed in Rawhide

Note You need to log in before you can comment on or make changes to this bug.