Bug 133936
| Summary: | Several AVC denied messages appear during bootup | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 4 | Reporter: | Bernd Bartmann <bernd.bartmann> | ||||
| Component: | selinux-policy-targeted | Assignee: | Daniel Walsh <dwalsh> | ||||
| Status: | CLOSED RAWHIDE | QA Contact: | |||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | medium | ||||||
| Version: | 4.0 | CC: | barryn | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | All | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2004-10-07 21:11:06 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
Created attachment 104441 [details]
AVC denied messages found during boot-up
Yes these were fixed in the latest policy, but did not get in before the freeze. You can update to selinux-policy-targeted-1.17.22 or greater. Should I take the update from rawhide or will there be a separate RHN channel for RHES4 Beta1? You can grab it from Rawhide for now. I will check on the RHN channel. Dan Ok, I took selinux-policy-targeted-1.7.23-1 from rawhide and did rpm
-Uvh but ended up with two *.rpmnew files that I had to manually rename:
1. /etc/selinux/targeted/contexts/files/file_contexts
2. /etc/selinux/targeted/policy/policy.18
How is average joe user intended to fiddle with these policy files?
Finally some avc messages are gone now but not all:
audit(1096394871.960:0): avc: denied { read } for pid=718
exe=/sbin/minilogd path=/init dev=rootfs ino=26
scontext=user_u:system_r:syslogd_t
tcontext=system_u:object_r:unlabeled_t tclass=file
audit(1096394878.872:0): avc: denied { read } for pid=1179
exe=/sbin/minilogd path=/init dev=rootfs ino=26
scontext=user_u:system_r:syslogd_t
tcontext=system_u:object_r:unlabeled_t tclass=file
audit(1096394892.782:0): avc: denied { read } for pid=1778
exe=/sbin/minilogd path=/init dev=rootfs ino=26
scontext=user_u:system_r:syslogd_t
tcontext=system_u:object_r:unlabeled_t tclass=file
audit(1096394901.318:0): avc: denied { read } for pid=1995
exe=/sbin/minilogd path=/init dev=rootfs ino=26
scontext=user_u:system_r:syslogd_t
tcontext=system_u:object_r:unlabeled_t tclass=file
audit(1096387702.076:0): avc: denied { read } for pid=2048
exe=/sbin/minilogd path=/init dev=rootfs ino=26
scontext=user_u:system_r:syslogd_t
tcontext=system_u:object_r:unlabeled_t tclass=file
audit(1096387705.943:0): avc: denied { read } for pid=2477
exe=/sbin/minilogd path=/init dev=rootfs ino=26
scontext=user_u:system_r:syslogd_t
tcontext=system_u:object_r:unlabeled_t tclass=file
audit(1096387708.016:0): avc: denied { read } for pid=2579
exe=/sbin/minilogd path=/init dev=rootfs ino=26
scontext=user_u:system_r:syslogd_t
tcontext=system_u:object_r:unlabeled_t tclass=file
audit(1096387711.461:0): avc: denied { read } for pid=2676
exe=/sbin/minilogd path=/init dev=rootfs ino=26
scontext=user_u:system_r:syslogd_t
tcontext=system_u:object_r:unlabeled_t tclass=file
Which kernel are you running? kernel is kernel-2.6.8-1.528.2.10.i686 Try policy selinux-policy-targeted-1.17.26-3 or greater. Looks much better now with selinux-policy-targeted-1.17.28-2. No AVC messages at all. |
From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3) Gecko/20040922 Description of problem: Several AVC denied messages appear during bootup on RHES4 Beta 1 using the default "targeted" selinux policy. Please have a look at the attached file for the avc messages Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1. use default selinux targeted policy 2. watch out for AVC denied messages during bootup 3. Additional info: