Bug 207116 - mcstrands generating AVC denials in audit log
Summary: mcstrands generating AVC denials in audit log
Alias: None
Product: Fedora
Classification: Fedora
Component: mcstrans (Show other bugs)
(Show other bugs)
Version: rawhide
Hardware: All Linux
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact:
Depends On:
TreeView+ depends on / blocked
Reported: 2006-09-19 14:49 UTC by Daniel Berrange
Modified: 2007-11-30 22:11 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2006-09-26 14:09:20 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Most recent 500 lines of audit logs (132.59 KB, text/plain)
2006-09-19 14:58 UTC, Daniel Berrange
no flags Details

Description Daniel Berrange 2006-09-19 14:49:33 UTC
Description of problem:
Whenever I login to the machine the /var/log/audit/audit.log is filled with 50
AVC denial messages - basically the following 2 lines repeated over & over again:

type=AVC msg=audit(1158677113.838:716): avc:  denied  { search } for  pid=1916
comm="mcstransd" name="3591" dev=proc ino=235339778
tcontext=system_u:system_r:unconfined_t:s0-s0:c0.c255 tclass=dir
type=SYSCALL msg=audit(1158677113.838:716): arch=c000003e syscall=2 success=no
exit=-13 a0=605540 a1=0 a2=0 a3=605540 items=0 ppid=1 pid=1916 auid=4294967295
uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none)
comm="mcstransd" exe="/sbin/mcstransd" subj=system_u:system_r:setrans_t:s0

Version-Release number of selected component (if applicable):

How reproducible:
Every login attempt, both ssh & local console

Steps to Reproduce:
1. Watch audit logs in one window
2. Login to console
Actual results:
Audit logs fill up with many AVC denials for mcstransd

Expected results:
No AVC denial logs

Additional info:
I've touched /.autorelabel & rebooted, and rebooted again for good measure. the
machine is fully uptodate with rawhide as of Sep 19th 10:00 EST

Comment 1 Daniel Berrange 2006-09-19 14:58:33 UTC
Created attachment 136647 [details]
Most recent 500 lines of audit logs

Comment 2 Garrett Mitchener 2006-09-25 23:09:43 UTC
I ran into this problem in FC6 test3 too.  I'd get these messages every time I
logged in.

It went away when I installed caching-nameserver-9.3.2-41.fc6.

I also got error messages during boot up about either the user or the group
'named' not existing, which is what prompted me to install the nameserver
package.  Apparently little things go wrong in various packages when there's no
named user.

Comment 3 Daniel Walsh 2006-09-26 14:09:20 UTC
If you update to the latest policy and restart mcstransd this problem will go

You can also just stop mcstransd if you don't want to update.

Note You need to log in before you can comment on or make changes to this bug.