Bug 122996 - System startup avc errors
Summary: System startup avc errors
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: policy   
(Show other bugs)
Version: rawhide
Hardware: All Linux
medium
medium
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact: Ben Levenson
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2004-05-11 07:56 UTC by Leonard den Ottolander
Modified: 2007-11-30 22:10 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-07-20 12:36:08 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Leonard den Ottolander 2004-05-11 07:56:02 UTC
policy-1.11.3-3, permissive mode

I see the following avc messages at boot:
May 11 09:34:02 a3aan kernel: audit(1084260793.895:0): avc:  denied  {
read } for  pid=546 exe=/sbin/lvm.static name=dri dev=hda2 ino=84499
scontext=system_u:system_r:lvm_t
tcontext=system_u:object_r:dri_device_t tclass=dir
May 11 09:34:02 a3aan kernel: audit(1084260793.911:0): avc:  denied  {
search } for  pid=546 exe=/sbin/lvm.static name=dri dev=hda2 ino=84499
scontext=system_u:system_r:lvm_t
tcontext=system_u:object_r:dri_device_t tclass=dir
May 11 09:34:03 a3aan kernel: audit(1084260836.970:0): avc:  denied  {
name_bind } for  pid=1200 exe=/sbin/portmap
scontext=system_u:system_r:portmap_t
tcontext=system_u:object_r:rndc_port_t tclass=tcp_socket

Comment 1 Daniel Walsh 2004-05-21 12:42:40 UTC
Please only submit avc messages from enforcing mode or if the bug
happens in enforcing mode but you can't get it to run, then submit
permissive.  The problem is that I don't know if these errors would
have been prevented by a previous dontaudit.

Dan

Comment 2 Leonard den Ottolander 2004-05-21 22:10:29 UTC
In enforcing mode I only see:

avc:  denied  {
read } for  pid=546 exe=/sbin/lvm.static name=dri dev=hda2 ino=84499
scontext=system_u:system_r:lvm_t
tcontext=system_u:object_r:dri_device_t tclass=dir


Comment 3 Daniel Walsh 2004-06-02 19:02:51 UTC
Fixed in selinux-policy-strict-1.13.2-8

Comment 4 Daniel Walsh 2004-07-20 12:36:08 UTC
Fixed in Rawhide


Note You need to log in before you can comment on or make changes to this bug.