Summary SELinux is preventing /sbin/modprobe (insmod_t) "read write" to socket:[32250] (initrc_t). Detailed Description SELinux denied access requested by /sbin/modprobe. It is not expected that this access is required by /sbin/modprobe and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access You can generate a local policy module to allow this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. Additional Information Source Context system_u:system_r:insmod_t Target Context system_u:system_r:initrc_t Target Objects socket:[32250] [ rawip_socket ] Affected RPM Packages module-init-tools-3.3-0.pre11.1.0.fc7 [application] Policy RPM selinux-policy-2.6.4-14.fc7 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name plugins.catchall Host Name home.supercaregistry.info Platform Linux home.supercaregistry.info 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 15:37:31 EDT 2007 i686 i686 Alert Count 1 First Seen Sun 17 Jun 2007 09:49:34 PM MST Last Seen Sun 17 Jun 2007 09:49:34 PM MST Local ID f44b9bbf-7c1c-48a7-8311-ac2303d84d68 Line Numbers Raw Audit Messages avc: denied { read, write } for comm="modprobe" dev=sockfs egid=0 euid=0 exe="/sbin/modprobe" exit=0 fsgid=0 fsuid=0 gid=0 items=0 name="[32250]" path="socket:[32250]" pid=5188 scontext=system_u:system_r:insmod_t:s0 sgid=0 subj=system_u:system_r:insmod_t:s0 suid=0 tclass=rawip_socket tcontext=system_u:system_r:initrc_t:s0 tty=(none) uid=0
how is this related to cman or the cluster infrastructure?
It is probably not, but it is a leaked file descriptor of some app that is calling modprobe. If you do a ps -eZ | grep initrc You should be able to get the program that is executing modprobe, and we can point this error to that package.