Hide Forgot
abrt version: 2.0.5 executable: /usr/bin/python hashmarkername: setroubleshoot kernel: 3.0-0.rc7.git3.1.fc16.i686.PAE reason: SELinux is preventing /sbin/udevd from 'sendto' accesses on the unix_dgram_socket @/org/kernel/dm/multipath_event. time: Fri Jul 22 17:25:10 2011 description: :SELinux is preventing /sbin/udevd from 'sendto' accesses on the unix_dgram_socket @/org/kernel/dm/multipath_event. : :***** Plugin catchall (100. confidence) suggests *************************** : :If you believe that udevd should be allowed sendto access on the multipath_event unix_dgram_socket by default. :Then you should report this as a bug. :You can generate a local policy module to allow this access. :Do :allow this access for now by executing: :# grep udevd /var/log/audit/audit.log | audit2allow -M mypol :# semodule -i mypol.pp : :Additional Information: :Source Context system_u:system_r:udev_t:s0-s0:c0.c1023 :Target Context system_u:system_r:lvm_t:s0 :Target Objects @/org/kernel/dm/multipath_event [ : unix_dgram_socket ] :Source udevd :Source Path /sbin/udevd :Port <Unknown> :Host (removed) :Source RPM Packages udev-172-2.fc16 :Target RPM Packages :Policy RPM selinux-policy-3.10.0-6.fc16 :Selinux Enabled True :Policy Type targeted :Enforcing Mode Permissive :Host Name (removed) :Platform Linux (removed) : 3.0-0.rc7.git3.1.fc16.i686.PAE #1 SMP Fri Jul 15 : 22:56:04 UTC 2011 i686 i686 :Alert Count 1 :First Seen Fri 22 Jul 2011 05:22:50 PM CEST :Last Seen Fri 22 Jul 2011 05:22:50 PM CEST :Local ID 7e298ea6-214c-4284-b254-855b57c58748 : :Raw Audit Messages :type=AVC msg=audit(1311348170.716:88): avc: denied { sendto } for pid=1248 comm="udevd" path=002F6F72672F6B65726E656C2F646D2F6D756C7469706174685F6576656E74 scontext=system_u:system_r:udev_t:s0-s0:c0.c1023 tcontext=system_u:system_r:lvm_t:s0 tclass=unix_dgram_socket : : :type=SYSCALL msg=audit(1311348170.716:88): arch=i386 syscall=socketcall success=yes exit=227 a0=10 a1=bffc12f0 a2=aaed88 a3=20fbdc38 items=0 ppid=439 pid=1248 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm=udevd exe=/sbin/udevd subj=system_u:system_r:udev_t:s0-s0:c0.c1023 key=(null) : :Hash: udevd,udev_t,lvm_t,unix_dgram_socket,sendto : :audit2allow : :#============= udev_t ============== :allow udev_t lvm_t:unix_dgram_socket sendto; : :audit2allow -R : :#============= udev_t ============== :allow udev_t lvm_t:unix_dgram_socket sendto; :
This happened while building a live cd (installing packages in chroot) ... but it doesn't seem related ...
lvm people, Is this something knew udev communicating with lvm over @/org/kernel/dm/multipath_event
Multipathd has been getting events from udev over @/org/kernel/dm/multipath_event since the start of RHEL6.
We usually run udev_t unconfined in RHEL6, which is why no one saw it. Fixed in selinux-policy-3.10.0-10.fc16 Miroslav please back port this to RHEL6.