Bug 165912 - Many programs has "avc: denied" in selinux-policy-targeted-1.25.4-1
Many programs has "avc: denied" in selinux-policy-targeted-1.25.4-1
Status: CLOSED DUPLICATE of bug 169427
Product: Fedora
Classification: Fedora
Component: mkinitrd (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Peter Jones
David Lawrence
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-08-13 21:16 EDT by sangu
Modified: 2007-11-30 17:11 EST (History)
6 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-11-02 14:41:28 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
dmesg in kernel-2.6.13-1.1525_FC5 (58.21 KB, text/plain)
2005-08-30 03:15 EDT, sangu
no flags Details

  None (edit)
Description sangu 2005-08-13 21:16:17 EDT
Description of problem:
$ dmesg | grep avc
audit(1124008599.700:2): avc:  denied  { read } for  pid=458 comm="restorecon"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:restorecon_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1124008601.713:3): avc:  denied  { use } for  pid=902 comm="kmodule"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:kudzu_t
tcontext=system_u:system_r:kernel_t tclass=fd
audit(1124008612.409:4): avc:  denied  { read } for  pid=1335 comm="ifconfig"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:ifconfig_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1124008621.874:5): avc:  denied  { use } for  pid=1364 comm="hwclock"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:hwclock_t
tcontext=system_u:system_r:kernel_t tclass=fd
audit(1123976222.716:6): avc:  denied  { read } for  pid=1415 comm="restorecon"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:restorecon_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1123976223.472:7): avc:  denied  { use } for  pid=1422 comm="fsck"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:fsadm_t
tcontext=system_u:system_r:kernel_t tclass=fd
audit(1123976223.596:8): avc:  denied  { read } for  pid=1428 comm="restorecon"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:restorecon_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1123976223.712:9): avc:  denied  { read } for  pid=1429 comm="restorecon"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:restorecon_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1123976224.616:10): avc:  denied  { read } for  pid=1468 comm="restorecon"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:restorecon_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1123976224.820:11): avc:  denied  { read } for  pid=1473 comm="restorecon"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:restorecon_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1123976224.952:12): avc:  denied  { use } for  pid=1475 comm="swapon"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:fsadm_t
tcontext=system_u:system_r:kernel_t tclass=fd
audit(1123976225.896:13): avc:  denied  { read } for  pid=1532 comm="ip"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:ifconfig_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1123976225.916:14): avc:  denied  { read } for  pid=1534 comm="ip"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:ifconfig_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1123976225.944:15): avc:  denied  { read } for  pid=1536 comm="iwconfig"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:ifconfig_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1123976226.004:16): avc:  denied  { read } for  pid=1538 comm="ethtool"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:ifconfig_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1123976226.036:17): avc:  denied  { read } for  pid=1541 comm="ip"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:ifconfig_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1123976226.056:18): avc:  denied  { use } for  pid=1542 comm="arping"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:netutils_t
tcontext=system_u:system_r:kernel_t tclass=fd
audit(1123976226.056:19): avc:  denied  { read } for  pid=1543 comm="ip"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:ifconfig_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1123976226.076:20): avc:  denied  { use } for  pid=1545 comm="arping"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:netutils_t
tcontext=system_u:system_r:kernel_t tclass=fd
audit(1123976226.084:21): avc:  denied  { read } for  pid=1549 comm="ethtool"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:ifconfig_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1123976226.088:22): avc:  denied  { read } for  pid=1551 comm="ip"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:ifconfig_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1123976226.176:23): avc:  denied  { read } for  pid=1563 comm="ifconfig"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:ifconfig_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1123976226.280:24): avc:  denied  { read } for  pid=1601 comm="ip"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:ifconfig_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1123976226.288:25): avc:  denied  { read } for  pid=1604 comm="ip"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:ifconfig_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1123976226.296:26): avc:  denied  { read } for  pid=1607 comm="ip"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:ifconfig_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1123976226.300:27): avc:  denied  { read } for  pid=1609 comm="iwconfig"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:ifconfig_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1123976226.304:28): avc:  denied  { read } for  pid=1611 comm="ethtool"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:ifconfig_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1123976226.324:29): avc:  denied  { read } for  pid=1616 comm="ip"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:ifconfig_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1123976226.328:30): avc:  denied  { read } for  pid=1618 comm="ip"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:ifconfig_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1123976226.348:31): avc:  denied  { read } for  pid=1620 comm="mii-tool"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:ifconfig_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1123976226.356:32): avc:  denied  { read } for  pid=1626 comm="ethtool"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:ifconfig_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1123976226.380:33): avc:  denied  { read } for  pid=1629 comm="dhclient"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1123976228.124:34): avc:  denied  { use } for  pid=1678 comm="arping"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:netutils_t
tcontext=system_u:system_r:kernel_t tclass=fd
audit(1123976228.236:35): avc:  denied  { read } for  pid=1705 comm="ethtool"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:ifconfig_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1123976228.240:36): avc:  denied  { read } for  pid=1707 comm="ip"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:ifconfig_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1123976228.268:37): avc:  denied  { read } for  pid=1718 comm="ifconfig"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:ifconfig_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1123976228.364:38): avc:  denied  { read } for  pid=1753 comm="ip"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:ifconfig_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1123976228.368:39): avc:  denied  { read } for  pid=1756 comm="ip"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:ifconfig_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1123976228.376:40): avc:  denied  { read } for  pid=1759 comm="ip"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:ifconfig_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1123976228.380:41): avc:  denied  { read } for  pid=1761 comm="iwconfig"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:ifconfig_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1123976228.384:42): avc:  denied  { read } for  pid=1763 comm="ethtool"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:ifconfig_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1123976228.396:43): avc:  denied  { read } for  pid=1768 comm="ip"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:ifconfig_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1123976228.400:44): avc:  denied  { use } for  pid=1769 comm="arping"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:netutils_t
tcontext=system_u:system_r:kernel_t tclass=fd
audit(1123976232.428:45): avc:  denied  { read } for  pid=1770 comm="ip"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:ifconfig_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1123976232.432:46): avc:  denied  { read } for  pid=1772 comm="ip"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:ifconfig_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1123976232.436:47): avc:  denied  { use } for  pid=1773 comm="arping"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:netutils_t
tcontext=system_u:system_r:kernel_t tclass=fd
audit(1123976232.452:48): avc:  denied  { read } for  pid=1778 comm="ethtool"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:ifconfig_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1123976232.456:49): avc:  denied  { read } for  pid=1780 comm="ip"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:ifconfig_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1123976232.488:50): avc:  denied  { read } for  pid=1791 comm="ifconfig"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:ifconfig_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
audit(1123976232.636:51): avc:  denied  { use } for  pid=1810 comm="syslogd"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:syslogd_t
tcontext=system_u:system_r:kernel_t tclass=fd
audit(1123976232.736:52): avc:  denied  { use } for  pid=1812 comm="klogd"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:klogd_t
tcontext=system_u:system_r:kernel_t tclass=fd
audit(1123976234.452:53): avc:  denied  { use } for  pid=1856 comm="arping"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:netutils_t
tcontext=system_u:system_r:kernel_t tclass=fd
audit(1123976235.296:54): avc:  denied  { use } for  pid=1879 comm="portmap"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:portmap_t
tcontext=system_u:system_r:kernel_t tclass=fd
audit(1123976236.144:55): avc:  denied  { use } for  pid=1888 comm="auditd"
name="hda7" dev=tmpfs ino=634 scontext=system_u:system_r:auditd_t
tcontext=system_u:system_r:kernel_t tclass=fd


Version-Release number of selected component (if applicable):
selinux-policy-targeted-1.25.4-1


How reproducible:
always

Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:
kernel-2.6.12-1.1482_FC5
Comment 1 Daniel Walsh 2005-08-14 15:51:56 EDT
This indicates the kernel is leaking a file descriptor.
Comment 2 James Morris 2005-08-14 23:21:32 EDT
(In reply to comment #1)
> This indicates the kernel is leaking a file descriptor.

How does it indicate this?

Please provide more details and logging information.

You probably need to enable auditing to find the pathnames etc.
Comment 3 James Morris 2005-08-14 23:23:47 EDT
Also, when did this start happening?  After a kernel upgrade, policy upgrade? 
If so, which versions?
Comment 4 Stephen Smalley 2005-08-15 09:08:32 EDT
(In reply to comment #2)

The audit messages show denials on:
- an open file descriptor labeled with the kernel's domain (kernel_t) that
refers to a file named "hda7", and
- the "hda7" file referenced by that descriptor, labeled with the
fixed_disk_device_t type and the blk_file (block device file) class.

This implies that a kernel thread (or subsequent usermode helper run by a kernel
thread without performing a domain transition, although such helpers typically
have their own domains, at least under strict) has opened a descriptor to that
device and failed to close it, such that all descendants end up trying to
inherit it and run into the SELinux denials (which would close the descriptor
and replace it with a reference to the null device if in enforcing mode).
Comment 5 sangu 2005-08-30 03:15:55 EDT
Created attachment 118239 [details]
dmesg in kernel-2.6.13-1.1525_FC5

This problem still happenes in kernel-2.6.13-1.1525_FC5.

selinux-policy-targeted-1.25.4-11, audit-1.0.3-1
Comment 6 sangu 2005-08-30 03:24:32 EDT
$fdisk /dev/hda

The number of cylinders for this disk is set to 9729.
There is nothing wrong with that, but this is larger than 1024,
and could in certain setups cause problems with:
1) software that runs at boot time (e.g., old versions of LILO)
2) booting and partitioning software from other OSs
   (e.g., DOS FDISK, OS/2 FDISK)

Command (m for help): p

Disk /dev/hda: 80.0 GB, 80026361856 bytes
255 heads, 63 sectors/track, 9729 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

   Device Boot      Start         End      Blocks   Id  System
/dev/hda1   *           1        1912    15358108+   7  HPFS/NTFS
/dev/hda2            1913        9728    62782020    f  W95 Ext'd (LBA)
/dev/hda5            1913        5099    25599546    c  W95 FAT32 (LBA)
/dev/hda6            5100        8286    25599546    c  W95 FAT32 (LBA)
/dev/hda7            8287        8384      787153+  82  Linux swap / Solaris
/dev/hda8            8385        9727    10787616   83  Linux

/dev/hda7 partion type is linux swap in my linux system.
Comment 7 James 2005-10-14 09:17:45 EDT
I'm seeing something similar with s.p.t. 1.27.1-2.3. Whenever I enable SELinux
(permissive), I get messages like the following:

Oct 13 18:30:33 localhost kernel: audit(1129227906.025:2): avc:  denied  { read
write } for  pid=998 comm="hwclock" name="console" dev=tmpfs ino=487
scontext=system_u:system_r:hwclock_t tcontext=system_u:object_r:tmpfs_t
tclass=chr_file
Oct 13 18:30:33 localhost kernel: audit(1129227906.113:3): avc:  denied  {
search } for  pid=998 comm="hwclock" name="/" dev=tmpfs ino=486
scontext=system_u:system_r:hwclock_t tcontext=system_u:object_r:tmpfs_t tclass=dir
Oct 13 18:30:33 localhost kernel: audit(1129227906.113:4): avc:  denied  { ioctl
} for  pid=998 comm="hwclock" name="rtc" dev=tmpfs ino=1321
scontext=system_u:system_r:hwclock_t tcontext=system_u:object_r:tmpfs_t
tclass=chr_file
Oct 13 18:30:34 localhost kernel: audit(1129224307.208:5): avc:  denied  { read
write } for  pid=1030 comm="fsck" name="console" dev=tmpfs ino=487
scontext=system_u:system_r:fsadm_t tcontext=system_u:object_r:tmpfs_t
tclass=chr_file
Oct 13 18:30:34 localhost kernel: audit(1129224307.208:6): avc:  denied  { read
} for  pid=1030 comm="fsck" name="hda6" dev=tmpfs ino=1488
scontext=system_u:system_r:fsadm_t tcontext=system_u:object_r:tmpfs_t
tclass=blk_file
Oct 13 18:30:34 localhost kernel: audit(1129224307.208:7): avc:  denied  {
getattr } for  pid=1030 comm="fsck" name="hda6" dev=tmpfs ino=1488
scontext=system_u:system_r:fsadm_t tcontext=system_u:object_r:tmpfs_t
tclass=blk_file
Oct 13 18:30:34 localhost kernel: audit(1129224307.296:8): avc:  denied  { ioctl
} for  pid=1031 comm="fsck.ext3" name="console" dev=tmpfs ino=487
scontext=system_u:system_r:fsadm_t tcontext=system_u:object_r:tmpfs_t
tclass=chr_file
Oct 13 18:30:34 localhost kernel: audit(1129224307.300:9): avc:  denied  { write
} for  pid=1031 comm="fsck.ext3" name="hda6" dev=tmpfs ino=1488
scontext=system_u:system_r:fsadm_t tcontext=system_u:object_r:tmpfs_t
tclass=blk_file
Oct 13 18:30:34 localhost kernel: audit(1129224307.300:10): avc:  denied  {
ioctl } for  pid=1031 comm="fsck.ext3" name="hda6" dev=tmpfs ino=1488
scontext=system_u:system_r:fsadm_t tcontext=system_u:object_r:tmpfs_t
tclass=blk_file
Oct 13 18:30:34 localhost kernel: audit(1129224308.608:11): avc:  denied  { read
write } for  pid=1072 comm="setfiles" name="console" dev=tmpfs ino=487
scontext=system_u:system_r:setfiles_t tcontext=system_u:object_r:tmpfs_t
tclass=chr_file
Oct 13 18:30:35 localhost kernel: audit(1129224620.927:12): avc:  denied  {
search } for  pid=1551 comm="cardmgr" name="/" dev=tmpfs ino=486
scontext=system_u:system_r:cardmgr_t tcontext=system_u:object_r:tmpfs_t tclass=dir
Oct 13 18:30:35 localhost kernel: audit(1129224621.791:13): avc:  denied  {
write } for  pid=1653 comm="syslogd" name="/" dev=tmpfs ino=486
scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir
Oct 13 18:30:35 localhost kernel: audit(1129224621.791:14): avc:  denied  {
add_name } for  pid=1653 comm="syslogd" name="log"
scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir
Oct 13 18:30:35 localhost kernel: audit(1129224621.791:15): avc:  denied  {
create } for  pid=1653 comm="syslogd" name="log"
scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t
tclass=sock_file
Oct 13 18:30:35 localhost kernel: audit(1129224621.791:16): avc:  denied  {
setattr } for  pid=1653 comm="syslogd" name="log" dev=tmpfs ino=5272
scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t
tclass=sock_file
Oct 13 18:30:35 localhost kernel: audit(1129224621.839:17): avc:  denied  {
search } for  pid=1655 comm="klogd" name="/" dev=tmpfs ino=486
scontext=system_u:system_r:klogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir
Oct 13 18:30:35 localhost kernel: audit(1129224621.839:18): avc:  denied  {
write } for  pid=1655 comm="klogd" name="log" dev=tmpfs ino=5272
scontext=system_u:system_r:klogd_t tcontext=system_u:object_r:tmpfs_t
tclass=sock_file
Oct 13 18:30:35 localhost kernel: audit(1129224622.135:19): avc:  denied  {
search } for  pid=1669 comm="auditd" name="/" dev=tmpfs ino=486
scontext=system_u:system_r:auditd_t tcontext=system_u:object_r:tmpfs_t tclass=dir

whenever I boot the system, and similar things upon shutdown. Oddly, I don't
believe I ever get them when using the system.

I've tried relabeling several times, rebuilding the policy from sources, and
even rebuilt the initrd, to no avail. If I try to enable enforcing, the system
becomes unbootable as fsck is denied the access necessary to do its business.
[This is with a kernel built from 2.6.13-1.1528_FC4 (with revision 19 of John
Linville's patches), but I've seen it with official kernels as well.]
Comment 8 Jason 2005-10-21 11:03:59 EDT
I see alot selinux related messages since I updated to rawhide from FC4. I am
running selinux-policy-targeted-1.27.1-22. I see these messages during boot and
shutdown. I did a touch /autorelabel and reboot to see if things got better but
they remained the same. The first and third messages (hwclock and fsck) have me
concerned the most. I am running kernel 2.6.13-1.1621_FC5.  Here are the messages:

Oct 20 15:52:47 pcjason kernel: audit(1129823524.869:2): avc: denied { use } for
pid=417 comm="hwclock" name="VolGroup00-LogVol01" dev=tmpfs ino=760
scontext=system_u:system_r:hwclock_t:s0 tcontext=system_u:system_r:kernel_t:s0
tclass=fd

Oct 20 15:52:50 pcjason kernel: audit(1129841541.911:3): avc: denied { read }
for pid=1164 comm="restorecon" name="VolGroup00-LogVol01" dev=tmpfs ino=760
scontext=system_u:system_r:restorecon_t:s0
tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file

Oct 20 15:52:51 pcjason kernel: audit(1129841544.332:4): avc: denied { use } for
pid=1204 comm="fsck" name="VolGroup00-LogVol01" dev=tmpfs ino=760
scontext=system_u:system_r:fsadm_t:s0 tcontext=system_u:system_r:kernel_t:s0
tclass=fd

Oct 20 15:52:51 pcjason kernel: audit(1129841544.660:5): avc: denied { read }
for pid=1214 comm="restorecon" name="VolGroup00-LogVol01" dev=tmpfs ino=760
scontext=system_u:system_r:restorecon_t:s0
tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file

Oct 20 15:52:51 pcjason kernel: audit(1129841544.948:6): avc: denied { read }
for pid=1215 comm="restorecon" name="VolGroup00-LogVol01" dev=tmpfs ino=760
scontext=system_u:system_r:restorecon_t:s0
tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file

Oct 20 15:52:51 pcjason kernel: audit(1129841546.084:7): avc: denied { read }
for pid=1257 comm="restorecon" name="VolGroup00-LogVol01" dev=tmpfs ino=760
scontext=system_u:system_r:restorecon_t:s0
tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file

Oct 20 15:52:51 pcjason kernel: audit(1129841546.456:8): avc: denied { read }
for pid=1262 comm="restorecon" name="VolGroup00-LogVol01" dev=tmpfs ino=760
scontext=system_u:system_r:restorecon_t:s0

tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file


Oct 20 15:52:51 pcjason kernel: audit(1129841546.772:9): avc: denied { use } for
pid=1263 comm="swapon" name="VolGroup00-LogVol01" dev=tmpfs ino=760
scontext=system_u:system_r:fsadm_t:s0 tcontext=system_u:system_r:kernel_t:s0
tclass=fd

Oct 20 15:52:51 pcjason kernel: audit(1129841551.160:10): avc: denied { read }
for pid=1439 comm="ip" name="VolGroup00-LogVol01" dev=tmpfs ino=760
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file

Oct 20 15:52:51 pcjason kernel: audit(1129841551.228:11): avc: denied { read }
for pid=1441 comm="ip" name="VolGroup00-LogVol01" dev=tmpfs ino=760
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file

Oct 20 15:52:51 pcjason kernel: audit(1129841551.256:12): avc: denied { read }
for pid=1443 comm="iwconfig" name="VolGroup00-LogVol01" dev=tmpfs ino=760
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file

Oct 20 15:52:51 pcjason kernel: audit(1129841551.320:13): avc: denied { read }
for pid=1445 comm="ethtool" name="VolGroup00-LogVol01" dev=tmpfs ino=760
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file

Oct 20 15:52:51 pcjason kernel: audit(1129841551.360:14): avc: denied { read }
for pid=1448 comm="ip" name="VolGroup00-LogVol01" dev=tmpfs ino=760
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file

Oct 20 15:52:51 pcjason kernel: audit(1129841551.388:15): avc: denied { use }
for pid=1449 comm="arping" name="VolGroup00-LogVol01" dev=tmpfs ino=760
scontext=system_u:system_r:netutils_t:s0 tcontext=system_u:system_r:kernel_t:s0
tclass=fd

Oct 20 15:52:51 pcjason kernel: audit(1129841551.392:16): avc: denied { read }
for pid=1450 comm="ip" name="VolGroup00-LogVol01" dev=tmpfs ino=760
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file

Oct 20 15:52:51 pcjason kernel: audit(1129841551.424:17): avc: denied { use }
for pid=1452 comm="arping" name="VolGroup00-LogVol01" dev=tmpfs ino=760
scontext=system_u:system_r:netutils_t:s0 tcontext=system_u:system_r:kernel_t:s0
tclass=fd

Oct 20 15:52:51 pcjason kernel: audit(1129841551.436:18): avc: denied { read }
for pid=1456 comm="ethtool" name="VolGroup00-LogVol01" dev=tmpfs ino=760
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file

Oct 20 15:52:51 pcjason kernel: audit(1129841551.444:19): avc: denied { read }
for pid=1458 comm="ip" name="VolGroup00-LogVol01" dev=tmpfs ino=760
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file

Oct 20 15:52:51 pcjason kernel: audit(1129841551.584:20): avc: denied { read }
for pid=1470 comm="ifconfig" name="VolGroup00-LogVol01" dev=tmpfs ino=760
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file

Oct 20 15:52:51 pcjason kernel: audit(1129841551.816:21): avc: denied { read }
for pid=1508 comm="ip" name="VolGroup00-LogVol01" dev=tmpfs ino=760
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file

Oct 20 15:52:51 pcjason kernel: audit(1129841551.828:22): avc: denied { read }
for pid=1511 comm="ip" name="VolGroup00-LogVol01" dev=tmpfs ino=760
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file

Oct 20 15:52:51 pcjason kernel: audit(1129841551.844:23): avc: denied { read }
for pid=1514 comm="ip" name="VolGroup00-LogVol01" dev=tmpfs ino=760
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file

Oct 20 15:52:51 pcjason kernel: audit(1129841551.856:24): avc: denied { read }
for pid=1516 comm="iwconfig" name="VolGroup00-LogVol01" dev=tmpfs ino=760
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file

Oct 20 15:52:51 pcjason kernel: audit(1129841551.868:25): avc: denied { read }
for pid=1518 comm="ethtool" name="VolGroup00-LogVol01" dev=tmpfs ino=760
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file

Oct 20 15:52:51 pcjason kernel: audit(1129841551.884:26): avc: denied { read }
for pid=1521 comm="ip" name="VolGroup00-LogVol01" dev=tmpfs ino=760
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file

Oct 20 15:52:51 pcjason kernel: audit(1129841551.892:27): avc: denied { use }
for pid=1522 comm="arping" name="VolGroup00-LogVol01" dev=tmpfs ino=760
scontext=system_u:system_r:netutils_t:s0 tcontext=system_u:system_r:kernel_t:s0
tclass=fd

Oct 20 15:52:51 pcjason kernel: audit(1129841553.480:28): avc: denied { use }
for pid=1523 comm="arping" name="VolGroup00-LogVol01" dev=tmpfs ino=760
scontext=system_u:system_r:netutils_t:s0 tcontext=system_u:system_r:kernel_t:s0
tclass=fd

Oct 20 15:52:51 pcjason kernel: audit(1129841555.920:29): avc: denied { read }
for pid=1524 comm="ip" name="VolGroup00-LogVol01" dev=tmpfs ino=760
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file

Oct 20 15:52:51 pcjason kernel: audit(1129841555.932:30): avc: denied { read }
for pid=1526 comm="ip" name="VolGroup00-LogVol01" dev=tmpfs ino=760
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file

Oct 20 15:52:51 pcjason kernel: audit(1129841555.936:31): avc: denied { use }
for pid=1527 comm="arping" name="VolGroup00-LogVol01" dev=tmpfs ino=760
scontext=system_u:system_r:netutils_t:s0 tcontext=system_u:system_r:kernel_t:s0
tclass=fd

Oct 20 15:52:52 pcjason kernel: audit(1129841555.960:32): avc: denied { read }
for pid=1532 comm="ip" name="VolGroup00-LogVol01" dev=tmpfs ino=760
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file

Oct 20 15:52:52 pcjason kernel: audit(1129841555.968:33): avc: denied { read }
for pid=1533 comm="ethtool" name="VolGroup00-LogVol01" dev=tmpfs ino=760
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file

Oct 20 15:52:52 pcjason kernel: audit(1129841555.976:34): avc: denied { read }
for pid=1535 comm="ip" name="VolGroup00-LogVol01" dev=tmpfs ino=760
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file

Oct 20 15:52:52 pcjason kernel: audit(1129841556.048:35): avc: denied { read }
for pid=1546 comm="ifconfig" name="VolGroup00-LogVol01" dev=tmpfs ino=760
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file

Oct 20 15:52:52 pcjason kernel: audit(1129841556.308:36): avc: denied { use }
for pid=1563 comm="syslogd" name="VolGroup00-LogVol01" dev=tmpfs ino=760
scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:system_r:kernel_t:s0
tclass=fd

Oct 20 15:52:52 pcjason kernel: audit(1129841556.444:37): avc: denied { use }
for pid=1566 comm="klogd" name="VolGroup00-LogVol01" dev=tmpfs ino=760
scontext=system_u:system_r:klogd_t:s0 tcontext=system_u:system_r:kernel_t:s0
tclass=fd

Oct 20 15:52:52 pcjason kernel: audit(1129841556.748:38): avc: denied { use }
for pid=1583 comm="portmap" name="VolGroup00-LogVol01" dev=tmpfs ino=760
scontext=system_u:system_r:portmap_t:s0 tcontext=system_u:system_r:kernel_t:s0
tclass=fd

Oct 20 15:52:52 pcjason kernel: audit(1129841557.492:39): avc: denied { use }
for pid=1592 comm="auditd" name="VolGroup00-LogVol01" dev=tmpfs ino=760
scontext=system_u:system_r:auditd_t:s0 tcontext=system_u:system_r:kernel_t:s0
tclass=fd

Thanks,
Jason
Comment 9 Stephen Smalley 2005-10-31 09:25:01 EST
I'd suggest re-assigning component to lvm, as I think that this is just a
descriptor leak by it.  From the various reports, it sounds like lvm is opening
the swap device and never closing it (or marking it close-on-exec), so all
descendants end up inheriting the descriptor and SELinux correctly stomps on it.
Comment 10 Alasdair Kergon 2005-10-31 11:03:38 EST
lvm2 doesn't fork so how can it affect other processes like that?

Could this be another nash initrd bug?

Does the boot log show any lvm2 "File descriptor N left open" warning messages?
Comment 11 Alasdair Kergon 2005-10-31 11:11:32 EST
Does 'lsof' reveal anything?  [e.g. 'lsof -p1' will show if the nash bug has
reappeared]
Comment 12 Alasdair Kergon 2005-10-31 11:15:12 EST
Duplicate of bug 169427 perhaps?

That's nash sometimes keeping a swap partition fd open before exec-ing init.
Comment 13 Jason 2005-11-01 09:25:35 EST
Here is the output from lsof -p1

COMMAND PID USER   FD   TYPE DEVICE    SIZE    NODE NAME
init      1 root  cwd    DIR  253,0    4096       2 /
init      1 root  rtd    DIR  253,0    4096       2 /
init      1 root  txt    REG  253,0   27120 1933423 /sbin/init
init      1 root  mem    REG    0,0               0 [vdso] (stat: No such file
or directory)
init      1 root  mem    REG  253,0    6804  360467 /lib/libsetrans.so.0
init      1 root  mem    REG  253,0   13892  360521 /lib/libdl-2.3.90.so
init      1 root  mem    REG  253,0  207304  360466 /lib/libsepol.so.1
init      1 root  mem    REG  253,0   80580  360474 /lib/libselinux.so.1
init      1 root  mem    REG  253,0 1458948  360497 /lib/libc-2.3.90.so
init      1 root  mem    REG  253,0  118280  360463 /lib/ld-2.3.90.so
init      1 root   10u  FIFO   0,15             911 /dev/initctl
init      1 root   42r   BLK  253,1             781 /mapper/VolGroup00-LogVol01
Comment 14 Alasdair Kergon 2005-11-02 14:41:28 EST
That's the same nash bug then.


*** This bug has been marked as a duplicate of 169427 ***

Note You need to log in before you can comment on or make changes to this bug.