This happens at every boot Sommario: SELinux is preventing /bin/plymouth "read" access on cmdline. Descrizione dettagliata: [SELinux è in modalità permissiva. Questo accesso non è stato negato.] SELinux denied access requested by plymouth. It is not expected that this access is required by plymouth and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Abilitazione accesso in corso: You can generate a local policy module to allow this access - see FAQ (http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385) Please file a bug report. Informazioni aggiuntive: Contesto della sorgente system_u:system_r:plymouth_t:s0 Contesto target system_u:object_r:proc_t:s0 Oggetti target cmdline [ file ] Sorgente plymouth Percorso della sorgente /bin/plymouth Porta <Sconosciuto> Host (removed) Sorgente Pacchetti RPM plymouth-0.8.0-0.2009.29.09.19.3.fc12 Pacchetti RPM target RPM della policy selinux-policy-3.6.32-76.fc12 Selinux abilitato True Tipo di policy targeted Modalità Enforcing Permissive Nome plugin catchall Host Name (removed) Piattaforma Linux (removed) 2.6.32.6-36.fc12.x86_64 #1 SMP Mon Jan 25 22:41:54 UTC 2010 x86_64 x86_64 Conteggio avvisi 8 Primo visto mar 26 gen 2010 20:09:06 CET Ultimo visto mar 26 gen 2010 20:09:12 CET ID locale 8290b4ff-c536-4a32-b41b-9b7caa8bfc83 Numeri di linea Messaggi Raw Audit node=(removed) type=AVC msg=audit(1264532952.675:11837): avc: denied { read } for pid=1554 comm="plymouth" name="cmdline" dev=proc ino=4026531981 scontext=system_u:system_r:plymouth_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file node=(removed) type=AVC msg=audit(1264532952.675:11837): avc: denied { open } for pid=1554 comm="plymouth" name="cmdline" dev=proc ino=4026531981 scontext=system_u:system_r:plymouth_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file node=(removed) type=SYSCALL msg=audit(1264532952.675:11837): arch=c000003e syscall=2 success=yes exit=6 a0=405563 a1=0 a2=18 a3=18 items=0 ppid=1005 pid=1554 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="plymouth" exe="/bin/plymouth" subj=system_u:system_r:plymouth_t:s0 key=(null) Hash String generated from selinux-policy-3.6.32-76.fc12,catchall,plymouth,plymouth_t,proc_t,file,read audit2allow suggests: #============= plymouth_t ============== allow plymouth_t proc_t:file { read open };
Miroslav, add kernel_read_system_state(plymouth_t)
Added to selinux-policy-3.6.32-78.fc12
selinux-policy-3.6.32-78.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/selinux-policy-3.6.32-78.fc12
Thank you, selinux-policy-3.6.32-78.fc12 fixed it for me.
selinux-policy-3.6.32-78.fc12 has been pushed to the Fedora 12 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update selinux-policy'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F12/FEDORA-2010-1207
selinux-policy-3.6.32-78.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report.