RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 746616 - ntpd_t and dhcpc_t generate AVC fails
Summary: ntpd_t and dhcpc_t generate AVC fails
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: selinux-policy
Version: 6.2
Hardware: All
OS: Linux
urgent
urgent
Target Milestone: rc
: ---
Assignee: Miroslav Grepl
QA Contact: Milos Malik
URL:
Whiteboard:
Depends On: 746930
Blocks: 739953 748554 750914
TreeView+ depends on / blocked
 
Reported: 2011-10-17 09:56 UTC by Juraj Marko
Modified: 2018-01-03 12:23 UTC (History)
8 users (show)

Fixed In Version: selinux-policy-3.7.19-118.el6
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2011-12-06 10:20:10 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2011:1511 0 normal SHIPPED_LIVE selinux-policy bug fix and enhancement update 2011-12-06 00:39:17 UTC

Description Juraj Marko 2011-10-17 09:56:45 UTC 
Description of problem:
Some our test fails on AVC test

Version-Release number of selected component (if applicable):
SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   enforcing
Mode from config file:          enforcing
Policy version:                 24
Policy from config file:        targeted
Running 'rpm -q selinux-policy || true'
selinux-policy-3.7.19-115.el6.noarch

How reproducible:
50%

Steps to Reproduce:
1. run test in beaker
  
Actual results:
/test_log-Testing-avc.log 	  	Fail 

Expected results:
/test_log-Testing-avc.log 	  	Pass

Additional info:
I will add the log from tests in next comments
Comment 1 Juraj Marko 2011-10-17 09:58:23 UTC 
test: /CoreOS/iputils/Regression/bz465972-update-of-iputils-starts-rdisc
arch: x86_64 	
log:
Info: Searching AVC errors produced since 1318642617.81 (Fri Oct 14 21:36:57 2011)
Searching logs...
Running '/usr/bin/env LC_ALL=en_US.UTF-8 /sbin/ausearch -m AVC -m USER_AVC -m SELINUX_ERR -ts 10/14/2011 21:36:57 < /dev/null >/mnt/testarea/tmp.rhts-db-submit-result._TKAiI 2>&1'
----
time->Fri Oct 14 21:36:59 2011
type=AVC msg=audit(1318642619.141:532178): avc:  denied  { recv } for  saddr=10.16.64.14 src=67 daddr=255.255.255.255 dest=68 netif=eth1 scontext=system_u:system_r:dhcpc_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Fri Oct 14 21:37:00 2011
type=AVC msg=audit(1318642620.774:532179): avc:  denied  { recv } for  saddr=10.16.64.14 src=67 daddr=255.255.255.255 dest=68 netif=eth1 scontext=system_u:system_r:dhcpc_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Fri Oct 14 21:37:04 2011
type=AVC msg=audit(1318642624.618:532180): avc:  denied  { recv } for  saddr=10.16.64.14 src=67 daddr=255.255.255.255 dest=68 netif=eth1 scontext=system_u:system_r:dhcpc_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
Fail: AVC messages found.
Checking for errors...
Using stronger AVC checks.
	Define empty RHTS_OPTION_STRONGER_AVC parameter if this causes any problems.
Running 'cat /mnt/testarea/tmp.rhts-db-submit-result._TKAiI | /sbin/ausearch -m AVC -m SELINUX_ERR'
Fail: AVC messages found.
Running 'cat %s | /sbin/ausearch -m USER_AVC >/mnt/testarea/tmp.rhts-db-submit-result.yehkwQ 2>&1'
Info: No AVC messages found.
/bin/grep 'avc: ' /mnt/testarea/dmesg.log | /bin/grep --invert-match TESTOUT.log
No AVC messages found in dmesg
Running '/usr/sbin/sestatus'
SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   enforcing
Mode from config file:          enforcing
Policy version:                 24
Policy from config file:        targeted
Running 'rpm -q selinux-policy || true'
selinux-policy-3.7.19-115.el6.noarch
Comment 2 Juraj Marko 2011-10-17 09:59:45 UTC 
test: /CoreOS/iputils/Regression/bz465972-update-of-iputils-starts-rdisc
arch: ppc64
log:
Info: Searching AVC errors produced since 1318652450.75 (Sat Oct 15 00:20:50 2011)
Searching logs...
Running '/usr/bin/env LC_ALL=en_US.UTF-8 /sbin/ausearch -m AVC -m USER_AVC -m SELINUX_ERR -ts 10/15/2011 00:20:50 < /dev/null >/mnt/testarea/tmp.rhts-db-submit-result.LOggnU 2>&1'
----
time->Sat Oct 15 00:20:58 2011
type=AVC msg=audit(1318652458.344:580967): avc:  denied  { recv } for  saddr=10.16.64.14 src=67 daddr=255.255.255.255 dest=68 netif=eth0 scontext=system_u:system_r:dhcpc_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
Fail: AVC messages found.
Checking for errors...
Using stronger AVC checks.
	Define empty RHTS_OPTION_STRONGER_AVC parameter if this causes any problems.
Running 'cat /mnt/testarea/tmp.rhts-db-submit-result.LOggnU | /sbin/ausearch -m AVC -m SELINUX_ERR'
Fail: AVC messages found.
Running 'cat %s | /sbin/ausearch -m USER_AVC >/mnt/testarea/tmp.rhts-db-submit-result.4YeBKe 2>&1'
Info: No AVC messages found.
/bin/grep 'avc: ' /mnt/testarea/dmesg.log | /bin/grep --invert-match TESTOUT.log
No AVC messages found in dmesg
Running '/usr/sbin/sestatus'
SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   enforcing
Mode from config file:          enforcing
Policy version:                 24
Policy from config file:        targeted
Running 'rpm -q selinux-policy || true'
selinux-policy-3.7.19-115.el6.noarch
Comment 3 Juraj Marko 2011-10-17 10:00:59 UTC 
test: /CoreOS/iputils/Regression/bz465972-update-of-iputils-starts-rdisc
arch: i386
log:
Info: Searching AVC errors produced since 1318651023.83 (Fri Oct 14 23:57:03 2011)
Searching logs...
Running '/usr/bin/env LC_ALL=en_US.UTF-8 /sbin/ausearch -m AVC -m USER_AVC -m SELINUX_ERR -ts 10/14/2011 23:57:03 < /dev/null >/mnt/testarea/tmp.rhts-db-submit-result.gKlDA1 2>&1'
----
time->Fri Oct 14 23:57:03 2011
type=AVC msg=audit(1318651023.048:177667): avc:  denied  { recv } for  saddr=10.16.64.14 src=67 daddr=255.255.255.255 dest=68 netif=eth0 scontext=system_u:system_r:dhcpc_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Fri Oct 14 23:57:07 2011
type=SYSCALL msg=audit(1318651027.653:177669): arch=40000003 syscall=102 success=no exit=-111 a0=b a1=bf84f610 a2=25b0d4 a3=ffffffff items=0 ppid=1 pid=1412 auid=4294967295 uid=38 gid=38 euid=38 suid=38 fsuid=38 egid=38 sgid=38 fsgid=38 tty=(none) ses=4294967295 comm="ntpd" exe="/usr/sbin/ntpd" subj=system_u:system_r:ntpd_t:s0 key=(null)
type=AVC msg=audit(1318651027.653:177669): avc:  denied  { send } for  pid=1412 comm="ntpd" saddr=10.16.64.82 src=123 daddr=10.16.71.254 dest=123 netif=eth0 scontext=system_u:system_r:ntpd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Fri Oct 14 23:57:07 2011
type=AVC msg=audit(1318651027.047:177668): avc:  denied  { recv } for  pid=14957 comm="yum" saddr=10.16.64.14 src=67 daddr=255.255.255.255 dest=68 netif=eth0 scontext=system_u:system_r:dhcpc_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Fri Oct 14 23:57:09 2011
type=SYSCALL msg=audit(1318651029.653:177670): arch=40000003 syscall=102 success=no exit=-111 a0=b a1=bf84f610 a2=25b0d4 a3=ffffffff items=0 ppid=1 pid=1412 auid=4294967295 uid=38 gid=38 euid=38 suid=38 fsuid=38 egid=38 sgid=38 fsgid=38 tty=(none) ses=4294967295 comm="ntpd" exe="/usr/sbin/ntpd" subj=system_u:system_r:ntpd_t:s0 key=(null)
type=AVC msg=audit(1318651029.653:177670): avc:  denied  { send } for  pid=1412 comm="ntpd" saddr=10.16.64.82 src=123 daddr=65.49.70.245 dest=123 netif=eth0 scontext=system_u:system_r:ntpd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Fri Oct 14 23:57:17 2011
type=SYSCALL msg=audit(1318651037.653:177672): arch=40000003 syscall=102 success=no exit=-111 a0=b a1=bf84f610 a2=25b0d4 a3=ffffffff items=0 ppid=1 pid=1412 auid=4294967295 uid=38 gid=38 euid=38 suid=38 fsuid=38 egid=38 sgid=38 fsgid=38 tty=(none) ses=4294967295 comm="ntpd" exe="/usr/sbin/ntpd" subj=system_u:system_r:ntpd_t:s0 key=(null)
type=AVC msg=audit(1318651037.653:177672): avc:  denied  { send } for  pid=1412 comm="ntpd" saddr=10.16.64.82 src=123 daddr=10.16.255.2 dest=123 netif=eth0 scontext=system_u:system_r:ntpd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Fri Oct 14 23:57:18 2011
type=SYSCALL msg=audit(1318651038.653:177673): arch=40000003 syscall=102 success=no exit=-111 a0=b a1=bf84f610 a2=25b0d4 a3=ffffffff items=0 ppid=1 pid=1412 auid=4294967295 uid=38 gid=38 euid=38 suid=38 fsuid=38 egid=38 sgid=38 fsgid=38 tty=(none) ses=4294967295 comm="ntpd" exe="/usr/sbin/ntpd" subj=system_u:system_r:ntpd_t:s0 key=(null)
type=AVC msg=audit(1318651038.653:177673): avc:  denied  { send } for  pid=1412 comm="ntpd" saddr=10.16.64.82 src=123 daddr=64.6.144.6 dest=123 netif=eth0 scontext=system_u:system_r:ntpd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Fri Oct 14 23:57:16 2011
type=SYSCALL msg=audit(1318651036.653:177671): arch=40000003 syscall=102 success=no exit=-111 a0=b a1=bf84f610 a2=25b0d4 a3=ffffffff items=0 ppid=1 pid=1412 auid=4294967295 uid=38 gid=38 euid=38 suid=38 fsuid=38 egid=38 sgid=38 fsgid=38 tty=(none) ses=4294967295 comm="ntpd" exe="/usr/sbin/ntpd" subj=system_u:system_r:ntpd_t:s0 key=(null)
type=AVC msg=audit(1318651036.653:177671): avc:  denied  { send } for  pid=1412 comm="ntpd" saddr=10.16.64.82 src=123 daddr=173.203.122.111 dest=123 netif=eth0 scontext=system_u:system_r:ntpd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Fri Oct 14 23:57:23 2011
type=SYSCALL msg=audit(1318651043.653:177674): arch=40000003 syscall=102 success=no exit=-111 a0=b a1=bf84f610 a2=25b0d4 a3=ffffffff items=0 ppid=1 pid=1412 auid=4294967295 uid=38 gid=38 euid=38 suid=38 fsuid=38 egid=38 sgid=38 fsgid=38 tty=(none) ses=4294967295 comm="ntpd" exe="/usr/sbin/ntpd" subj=system_u:system_r:ntpd_t:s0 key=(null)
type=AVC msg=audit(1318651043.653:177674): avc:  denied  { send } for  pid=1412 comm="ntpd" saddr=10.16.64.82 src=123 daddr=10.16.255.3 dest=123 netif=eth0 scontext=system_u:system_r:ntpd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
Fail: AVC messages found.
Checking for errors...
Using stronger AVC checks.
	Define empty RHTS_OPTION_STRONGER_AVC parameter if this causes any problems.
Running 'cat /mnt/testarea/tmp.rhts-db-submit-result.gKlDA1 | /sbin/ausearch -m AVC -m SELINUX_ERR'
Fail: AVC messages found.
Running 'cat %s | /sbin/ausearch -m USER_AVC >/mnt/testarea/tmp.rhts-db-submit-result.Nxrvzx 2>&1'
Info: No AVC messages found.
/bin/grep 'avc: ' /mnt/testarea/dmesg.log | /bin/grep --invert-match TESTOUT.log
No AVC messages found in dmesg
Running '/usr/sbin/sestatus'
SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   enforcing
Mode from config file:          enforcing
Policy version:                 24
Policy from config file:        targeted
Running 'rpm -q selinux-policy || true'
selinux-policy-3.7.19-115.el6.noarch
Comment 4 Juraj Marko 2011-10-17 10:07:23 UTC 
test: /CoreOS/logrotate/bug168295


arch: x86_64
log:
Info: Searching AVC errors produced since 1318642829.61 (Fri Oct 14 21:40:29 2011)
Searching logs...
Running '/usr/bin/env LC_ALL=en_US.UTF-8 /sbin/ausearch -m AVC -m USER_AVC -m SELINUX_ERR -ts 10/14/2011 21:40:29 < /dev/null >/mnt/testarea/tmp.rhts-db-submit-result.emwzQO 2>&1'
----
time->Fri Oct 14 21:40:30 2011
type=SYSCALL msg=audit(1318642830.794:532233): arch=c000003e syscall=44 success=no exit=-111 a0=c a1=7fff39beabb0 a2=1c a3=4000 items=0 ppid=2044 pid=19519 auid=4294967295 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=4294967295 comm="smtp" exe="/usr/libexec/postfix/smtp" subj=system_u:system_r:postfix_smtp_t:s0 key=(null)
type=AVC msg=audit(1318642830.794:532233): avc:  denied  { send } for  pid=19519 comm="smtp" saddr=10.16.66.113 src=52576 daddr=10.16.36.29 dest=53 netif=eth1 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Fri Oct 14 21:40:30 2011
type=SYSCALL msg=audit(1318642830.795:532234): arch=c000003e syscall=44 success=no exit=-111 a0=c a1=7fff39beabb0 a2=1c a3=4000 items=0 ppid=2044 pid=19519 auid=4294967295 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=4294967295 comm="smtp" exe="/usr/libexec/postfix/smtp" subj=system_u:system_r:postfix_smtp_t:s0 key=(null)
type=AVC msg=audit(1318642830.795:532234): avc:  denied  { send } for  pid=19519 comm="smtp" saddr=10.16.66.113 src=41025 daddr=10.16.255.2 dest=53 netif=eth1 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Fri Oct 14 21:40:30 2011
type=SYSCALL msg=audit(1318642830.795:532235): arch=c000003e syscall=44 success=no exit=-111 a0=c a1=7fff39beabb0 a2=1c a3=4000 items=0 ppid=2044 pid=19519 auid=4294967295 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=4294967295 comm="smtp" exe="/usr/libexec/postfix/smtp" subj=system_u:system_r:postfix_smtp_t:s0 key=(null)
type=AVC msg=audit(1318642830.795:532235): avc:  denied  { send } for  pid=19519 comm="smtp" saddr=10.16.66.113 src=55767 daddr=10.16.255.3 dest=53 netif=eth1 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Fri Oct 14 21:40:30 2011
type=SYSCALL msg=audit(1318642830.795:532236): arch=c000003e syscall=44 success=no exit=-111 a0=c a1=7fff39beabb0 a2=1c a3=4000 items=0 ppid=2044 pid=19519 auid=4294967295 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=4294967295 comm="smtp" exe="/usr/libexec/postfix/smtp" subj=system_u:system_r:postfix_smtp_t:s0 key=(null)
type=AVC msg=audit(1318642830.795:532236): avc:  denied  { send } for  pid=19519 comm="smtp" saddr=10.16.66.113 src=55299 daddr=10.16.36.29 dest=53 netif=eth1 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Fri Oct 14 21:40:30 2011
type=SYSCALL msg=audit(1318642830.795:532237): arch=c000003e syscall=44 success=no exit=-111 a0=c a1=7fff39beabb0 a2=1c a3=4000 items=0 ppid=2044 pid=19519 auid=4294967295 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=4294967295 comm="smtp" exe="/usr/libexec/postfix/smtp" subj=system_u:system_r:postfix_smtp_t:s0 key=(null)
type=AVC msg=audit(1318642830.795:532237): avc:  denied  { send } for  pid=19519 comm="smtp" saddr=10.16.66.113 src=41870 daddr=10.16.255.2 dest=53 netif=eth1 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Fri Oct 14 21:40:30 2011
type=SYSCALL msg=audit(1318642830.795:532238): arch=c000003e syscall=44 success=no exit=-111 a0=c a1=7fff39beabb0 a2=1c a3=4000 items=0 ppid=2044 pid=19519 auid=4294967295 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=4294967295 comm="smtp" exe="/usr/libexec/postfix/smtp" subj=system_u:system_r:postfix_smtp_t:s0 key=(null)
type=AVC msg=audit(1318642830.795:532238): avc:  denied  { send } for  pid=19519 comm="smtp" saddr=10.16.66.113 src=47903 daddr=10.16.255.3 dest=53 netif=eth1 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Fri Oct 14 21:40:30 2011
type=SYSCALL msg=audit(1318642830.801:532239): arch=c000003e syscall=44 success=no exit=-111 a0=c a1=7fffffa8a530 a2=1c a3=4000 items=0 ppid=2044 pid=19523 auid=4294967295 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=4294967295 comm="smtp" exe="/usr/libexec/postfix/smtp" subj=system_u:system_r:postfix_smtp_t:s0 key=(null)
type=AVC msg=audit(1318642830.801:532239): avc:  denied  { send } for  pid=19523 comm="smtp" saddr=10.16.66.113 src=55506 daddr=10.16.36.29 dest=53 netif=eth1 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Fri Oct 14 21:40:30 2011
type=SYSCALL msg=audit(1318642830.801:532240): arch=c000003e syscall=44 success=no exit=-111 a0=c a1=7fffffa8a530 a2=1c a3=4000 items=0 ppid=2044 pid=19523 auid=4294967295 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=4294967295 comm="smtp" exe="/usr/libexec/postfix/smtp" subj=system_u:system_r:postfix_smtp_t:s0 key=(null)
type=AVC msg=audit(1318642830.801:532240): avc:  denied  { send } for  pid=19523 comm="smtp" saddr=10.16.66.113 src=36435 daddr=10.16.255.2 dest=53 netif=eth1 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Fri Oct 14 21:40:30 2011
type=SYSCALL msg=audit(1318642830.801:532241): arch=c000003e syscall=44 success=no exit=-111 a0=c a1=7fffffa8a530 a2=1c a3=4000 items=0 ppid=2044 pid=19523 auid=4294967295 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=4294967295 comm="smtp" exe="/usr/libexec/postfix/smtp" subj=system_u:system_r:postfix_smtp_t:s0 key=(null)
type=AVC msg=audit(1318642830.801:532241): avc:  denied  { send } for  pid=19523 comm="smtp" saddr=10.16.66.113 src=42024 daddr=10.16.255.3 dest=53 netif=eth1 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Fri Oct 14 21:40:30 2011
type=SYSCALL msg=audit(1318642830.801:532242): arch=c000003e syscall=44 success=no exit=-111 a0=c a1=7fffffa8a530 a2=1c a3=4000 items=0 ppid=2044 pid=19523 auid=4294967295 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=4294967295 comm="smtp" exe="/usr/libexec/postfix/smtp" subj=system_u:system_r:postfix_smtp_t:s0 key=(null)
type=AVC msg=audit(1318642830.801:532242): avc:  denied  { send } for  pid=19523 comm="smtp" saddr=10.16.66.113 src=51866 daddr=10.16.36.29 dest=53 netif=eth1 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Fri Oct 14 21:40:30 2011
type=SYSCALL msg=audit(1318642830.801:532243): arch=c000003e syscall=44 success=no exit=-111 a0=c a1=7fffffa8a530 a2=1c a3=4000 items=0 ppid=2044 pid=19523 auid=4294967295 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=4294967295 comm="smtp" exe="/usr/libexec/postfix/smtp" subj=system_u:system_r:postfix_smtp_t:s0 key=(null)
type=AVC msg=audit(1318642830.801:532243): avc:  denied  { send } for  pid=19523 comm="smtp" saddr=10.16.66.113 src=52632 daddr=10.16.255.2 dest=53 netif=eth1 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Fri Oct 14 21:40:30 2011
type=SYSCALL msg=audit(1318642830.802:532244): arch=c000003e syscall=44 success=no exit=-111 a0=c a1=7fffffa8a530 a2=1c a3=4000 items=0 ppid=2044 pid=19523 auid=4294967295 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=4294967295 comm="smtp" exe="/usr/libexec/postfix/smtp" subj=system_u:system_r:postfix_smtp_t:s0 key=(null)
type=AVC msg=audit(1318642830.802:532244): avc:  denied  { send } for  pid=19523 comm="smtp" saddr=10.16.66.113 src=58477 daddr=10.16.255.3 dest=53 netif=eth1 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
Fail: AVC messages found.
Checking for errors...
Using stronger AVC checks.
	Define empty RHTS_OPTION_STRONGER_AVC parameter if this causes any problems.
Running 'cat /mnt/testarea/tmp.rhts-db-submit-result.emwzQO | /sbin/ausearch -m AVC -m SELINUX_ERR'
Fail: AVC messages found.
Running 'cat %s | /sbin/ausearch -m USER_AVC >/mnt/testarea/tmp.rhts-db-submit-result.9JxHgB 2>&1'
Info: No AVC messages found.
/bin/grep 'avc: ' /mnt/testarea/dmesg.log | /bin/grep --invert-match TESTOUT.log
No AVC messages found in dmesg
Running '/usr/sbin/sestatus'
SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   enforcing
Mode from config file:          enforcing
Policy version:                 24
Policy from config file:        targeted
Running 'rpm -q selinux-policy || true'
selinux-policy-3.7.19-115.el6.noarch


arch: ppc64
log:
Info: Searching AVC errors produced since 1318652783.29 (Sat Oct 15 00:26:23 2011)
Searching logs...
Running '/usr/bin/env LC_ALL=en_US.UTF-8 /sbin/ausearch -m AVC -m USER_AVC -m SELINUX_ERR -ts 10/15/2011 00:26:23 < /dev/null >/mnt/testarea/tmp.rhts-db-submit-result.g2cVW_ 2>&1'
----
time->Sat Oct 15 00:26:24 2011
type=SYSCALL msg=audit(1318652784.381:581033): arch=80000015 syscall=102 success=no exit=-111 a0=9 a1=ffff0c061a0 a2=1c a3=4000 items=0 ppid=2012 pid=18264 auid=4294967295 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=4294967295 comm="smtp" exe="/usr/libexec/postfix/smtp" subj=system_u:system_r:postfix_smtp_t:s0 key=(null)
type=AVC msg=audit(1318652784.381:581033): avc:  denied  { send } for  pid=18264 comm="smtp" saddr=10.16.67.64 src=53158 daddr=10.16.36.29 dest=53 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Sat Oct 15 00:26:24 2011
type=SYSCALL msg=audit(1318652784.381:581034): arch=80000015 syscall=102 success=no exit=-111 a0=9 a1=ffff0c061a0 a2=1c a3=4000 items=0 ppid=2012 pid=18264 auid=4294967295 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=4294967295 comm="smtp" exe="/usr/libexec/postfix/smtp" subj=system_u:system_r:postfix_smtp_t:s0 key=(null)
type=AVC msg=audit(1318652784.381:581034): avc:  denied  { send } for  pid=18264 comm="smtp" saddr=10.16.67.64 src=54145 daddr=10.16.255.2 dest=53 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Sat Oct 15 00:26:24 2011
type=SYSCALL msg=audit(1318652784.381:581035): arch=80000015 syscall=102 success=no exit=-111 a0=9 a1=ffff0c061a0 a2=1c a3=4000 items=0 ppid=2012 pid=18264 auid=4294967295 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=4294967295 comm="smtp" exe="/usr/libexec/postfix/smtp" subj=system_u:system_r:postfix_smtp_t:s0 key=(null)
type=AVC msg=audit(1318652784.381:581035): avc:  denied  { send } for  pid=18264 comm="smtp" saddr=10.16.67.64 src=32941 daddr=10.16.255.3 dest=53 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Sat Oct 15 00:26:24 2011
type=SYSCALL msg=audit(1318652784.381:581036): arch=80000015 syscall=102 success=no exit=-111 a0=9 a1=ffff0c061a0 a2=1c a3=4000 items=0 ppid=2012 pid=18264 auid=4294967295 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=4294967295 comm="smtp" exe="/usr/libexec/postfix/smtp" subj=system_u:system_r:postfix_smtp_t:s0 key=(null)
type=AVC msg=audit(1318652784.381:581036): avc:  denied  { send } for  pid=18264 comm="smtp" saddr=10.16.67.64 src=42275 daddr=10.16.36.29 dest=53 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Sat Oct 15 00:26:24 2011
type=SYSCALL msg=audit(1318652784.381:581037): arch=80000015 syscall=102 success=no exit=-111 a0=9 a1=ffff0c061a0 a2=1c a3=4000 items=0 ppid=2012 pid=18264 auid=4294967295 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=4294967295 comm="smtp" exe="/usr/libexec/postfix/smtp" subj=system_u:system_r:postfix_smtp_t:s0 key=(null)
type=AVC msg=audit(1318652784.381:581037): avc:  denied  { send } for  pid=18264 comm="smtp" saddr=10.16.67.64 src=46307 daddr=10.16.255.2 dest=53 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Sat Oct 15 00:26:24 2011
type=SYSCALL msg=audit(1318652784.381:581038): arch=80000015 syscall=102 success=no exit=-111 a0=9 a1=ffff0c061a0 a2=1c a3=4000 items=0 ppid=2012 pid=18264 auid=4294967295 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=4294967295 comm="smtp" exe="/usr/libexec/postfix/smtp" subj=system_u:system_r:postfix_smtp_t:s0 key=(null)
type=AVC msg=audit(1318652784.381:581038): avc:  denied  { send } for  pid=18264 comm="smtp" saddr=10.16.67.64 src=56015 daddr=10.16.255.3 dest=53 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Sat Oct 15 00:26:24 2011
type=SYSCALL msg=audit(1318652784.391:581039): arch=80000015 syscall=102 success=no exit=-111 a0=9 a1=fffdb2e7240 a2=1c a3=4000 items=0 ppid=2012 pid=18266 auid=4294967295 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=4294967295 comm="smtp" exe="/usr/libexec/postfix/smtp" subj=system_u:system_r:postfix_smtp_t:s0 key=(null)
type=AVC msg=audit(1318652784.391:581039): avc:  denied  { send } for  pid=18266 comm="smtp" saddr=10.16.67.64 src=56017 daddr=10.16.36.29 dest=53 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Sat Oct 15 00:26:24 2011
type=SYSCALL msg=audit(1318652784.391:581040): arch=80000015 syscall=102 success=no exit=-111 a0=9 a1=fffdb2e7240 a2=1c a3=4000 items=0 ppid=2012 pid=18266 auid=4294967295 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=4294967295 comm="smtp" exe="/usr/libexec/postfix/smtp" subj=system_u:system_r:postfix_smtp_t:s0 key=(null)
type=AVC msg=audit(1318652784.391:581040): avc:  denied  { send } for  pid=18266 comm="smtp" saddr=10.16.67.64 src=33365 daddr=10.16.255.2 dest=53 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Sat Oct 15 00:26:24 2011
type=SYSCALL msg=audit(1318652784.391:581041): arch=80000015 syscall=102 success=no exit=-111 a0=9 a1=fffdb2e7240 a2=1c a3=4000 items=0 ppid=2012 pid=18266 auid=4294967295 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=4294967295 comm="smtp" exe="/usr/libexec/postfix/smtp" subj=system_u:system_r:postfix_smtp_t:s0 key=(null)
type=AVC msg=audit(1318652784.391:581041): avc:  denied  { send } for  pid=18266 comm="smtp" saddr=10.16.67.64 src=52280 daddr=10.16.255.3 dest=53 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Sat Oct 15 00:26:24 2011
type=SYSCALL msg=audit(1318652784.391:581042): arch=80000015 syscall=102 success=no exit=-111 a0=9 a1=fffdb2e7240 a2=1c a3=4000 items=0 ppid=2012 pid=18266 auid=4294967295 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=4294967295 comm="smtp" exe="/usr/libexec/postfix/smtp" subj=system_u:system_r:postfix_smtp_t:s0 key=(null)
type=AVC msg=audit(1318652784.391:581042): avc:  denied  { send } for  pid=18266 comm="smtp" saddr=10.16.67.64 src=33929 daddr=10.16.36.29 dest=53 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
Fail: AVC messages found.
Checking for errors...
Using stronger AVC checks.
	Define empty RHTS_OPTION_STRONGER_AVC parameter if this causes any problems.
Running 'cat /mnt/testarea/tmp.rhts-db-submit-result.g2cVW_ | /sbin/ausearch -m AVC -m SELINUX_ERR'
Fail: AVC messages found.
Running 'cat %s | /sbin/ausearch -m USER_AVC >/mnt/testarea/tmp.rhts-db-submit-result.PUQGpK 2>&1'
Info: No AVC messages found.
/bin/grep 'avc: ' /mnt/testarea/dmesg.log | /bin/grep --invert-match TESTOUT.log
No AVC messages found in dmesg
Running '/usr/sbin/sestatus'
SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   enforcing
Mode from config file:          enforcing
Policy version:                 24
Policy from config file:        targeted
Running 'rpm -q selinux-policy || true'
selinux-policy-3.7.19-115.el6.noarch


arch: i386
log:
Info: Searching AVC errors produced since 1318651746.51 (Sat Oct 15 00:09:06 2011)
Searching logs...
Running '/usr/bin/env LC_ALL=en_US.UTF-8 /sbin/ausearch -m AVC -m USER_AVC -m SELINUX_ERR -ts 10/15/2011 00:09:06 < /dev/null >/mnt/testarea/tmp.rhts-db-submit-result.sZTvYX 2>&1'
----
time->Sat Oct 15 00:09:06 2011
type=SYSCALL msg=audit(1318651746.658:177789): arch=40000003 syscall=102 success=no exit=-111 a0=b a1=bf84f610 a2=25b0d4 a3=ffffffff items=0 ppid=1 pid=1412 auid=4294967295 uid=38 gid=38 euid=38 suid=38 fsuid=38 egid=38 sgid=38 fsgid=38 tty=(none) ses=4294967295 comm="ntpd" exe="/usr/sbin/ntpd" subj=system_u:system_r:ntpd_t:s0 key=(null)
type=AVC msg=audit(1318651746.658:177789): avc:  denied  { send } for  pid=1412 comm="ntpd" saddr=10.16.64.82 src=123 daddr=10.16.255.2 dest=123 netif=eth0 scontext=system_u:system_r:ntpd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Sat Oct 15 00:09:08 2011
type=SYSCALL msg=audit(1318651748.840:177790): arch=40000003 syscall=102 success=no exit=-111 a0=9 a1=bfbbe698 a2=5b7ff4 a3=1045b60 items=0 ppid=1488 pid=21717 auid=4294967295 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=4294967295 comm="smtp" exe="/usr/libexec/postfix/smtp" subj=system_u:system_r:postfix_smtp_t:s0 key=(null)
type=AVC msg=audit(1318651748.840:177790): avc:  denied  { send } for  pid=21717 comm="smtp" saddr=10.16.64.82 src=57273 daddr=10.16.36.29 dest=53 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Sat Oct 15 00:09:08 2011
type=SYSCALL msg=audit(1318651748.840:177791): arch=40000003 syscall=102 success=no exit=-111 a0=9 a1=bfbbe698 a2=5b7ff4 a3=1045b60 items=0 ppid=1488 pid=21717 auid=4294967295 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=4294967295 comm="smtp" exe="/usr/libexec/postfix/smtp" subj=system_u:system_r:postfix_smtp_t:s0 key=(null)
type=AVC msg=audit(1318651748.840:177791): avc:  denied  { send } for  pid=21717 comm="smtp" saddr=10.16.64.82 src=48176 daddr=10.16.255.2 dest=53 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Sat Oct 15 00:09:08 2011
type=SYSCALL msg=audit(1318651748.841:177792): arch=40000003 syscall=102 success=no exit=-111 a0=9 a1=bfbbe698 a2=5b7ff4 a3=1045b60 items=0 ppid=1488 pid=21717 auid=4294967295 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=4294967295 comm="smtp" exe="/usr/libexec/postfix/smtp" subj=system_u:system_r:postfix_smtp_t:s0 key=(null)
type=AVC msg=audit(1318651748.841:177792): avc:  denied  { send } for  pid=21717 comm="smtp" saddr=10.16.64.82 src=46957 daddr=10.16.255.3 dest=53 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Sat Oct 15 00:09:08 2011
type=SYSCALL msg=audit(1318651748.842:177793): arch=40000003 syscall=102 success=no exit=-111 a0=9 a1=bfbbe698 a2=5b7ff4 a3=1045b60 items=0 ppid=1488 pid=21717 auid=4294967295 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=4294967295 comm="smtp" exe="/usr/libexec/postfix/smtp" subj=system_u:system_r:postfix_smtp_t:s0 key=(null)
type=AVC msg=audit(1318651748.842:177793): avc:  denied  { send } for  pid=21717 comm="smtp" saddr=10.16.64.82 src=41141 daddr=10.16.36.29 dest=53 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Sat Oct 15 00:09:08 2011
type=SYSCALL msg=audit(1318651748.842:177794): arch=40000003 syscall=102 success=no exit=-111 a0=9 a1=bfbbe698 a2=5b7ff4 a3=1045b60 items=0 ppid=1488 pid=21717 auid=4294967295 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=4294967295 comm="smtp" exe="/usr/libexec/postfix/smtp" subj=system_u:system_r:postfix_smtp_t:s0 key=(null)
type=AVC msg=audit(1318651748.842:177794): avc:  denied  { send } for  pid=21717 comm="smtp" saddr=10.16.64.82 src=41683 daddr=10.16.255.2 dest=53 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Sat Oct 15 00:09:08 2011
type=SYSCALL msg=audit(1318651748.842:177795): arch=40000003 syscall=102 success=no exit=-111 a0=9 a1=bfbbe698 a2=5b7ff4 a3=1045b60 items=0 ppid=1488 pid=21717 auid=4294967295 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=4294967295 comm="smtp" exe="/usr/libexec/postfix/smtp" subj=system_u:system_r:postfix_smtp_t:s0 key=(null)
type=AVC msg=audit(1318651748.842:177795): avc:  denied  { send } for  pid=21717 comm="smtp" saddr=10.16.64.82 src=46740 daddr=10.16.255.3 dest=53 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Sat Oct 15 00:09:08 2011
type=SYSCALL msg=audit(1318651748.870:177796): arch=40000003 syscall=102 success=no exit=-111 a0=9 a1=bf8dff78 a2=ea3ff4 a3=b69b60 items=0 ppid=1488 pid=21718 auid=4294967295 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=4294967295 comm="smtp" exe="/usr/libexec/postfix/smtp" subj=system_u:system_r:postfix_smtp_t:s0 key=(null)
type=AVC msg=audit(1318651748.870:177796): avc:  denied  { send } for  pid=21718 comm="smtp" saddr=10.16.64.82 src=34732 daddr=10.16.36.29 dest=53 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Sat Oct 15 00:09:08 2011
type=SYSCALL msg=audit(1318651748.871:177797): arch=40000003 syscall=102 success=no exit=-111 a0=9 a1=bf8dff78 a2=ea3ff4 a3=b69b60 items=0 ppid=1488 pid=21718 auid=4294967295 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=4294967295 comm="smtp" exe="/usr/libexec/postfix/smtp" subj=system_u:system_r:postfix_smtp_t:s0 key=(null)
type=AVC msg=audit(1318651748.871:177797): avc:  denied  { send } for  pid=21718 comm="smtp" saddr=10.16.64.82 src=54575 daddr=10.16.255.2 dest=53 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Sat Oct 15 00:09:08 2011
type=SYSCALL msg=audit(1318651748.871:177798): arch=40000003 syscall=102 success=no exit=-111 a0=9 a1=bf8dff78 a2=ea3ff4 a3=b69b60 items=0 ppid=1488 pid=21718 auid=4294967295 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=4294967295 comm="smtp" exe="/usr/libexec/postfix/smtp" subj=system_u:system_r:postfix_smtp_t:s0 key=(null)
type=AVC msg=audit(1318651748.871:177798): avc:  denied  { send } for  pid=21718 comm="smtp" saddr=10.16.64.82 src=56023 daddr=10.16.255.3 dest=53 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Sat Oct 15 00:09:08 2011
type=SYSCALL msg=audit(1318651748.872:177799): arch=40000003 syscall=102 success=no exit=-111 a0=9 a1=bf8dff78 a2=ea3ff4 a3=b69b60 items=0 ppid=1488 pid=21718 auid=4294967295 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=4294967295 comm="smtp" exe="/usr/libexec/postfix/smtp" subj=system_u:system_r:postfix_smtp_t:s0 key=(null)
type=AVC msg=audit(1318651748.872:177799): avc:  denied  { send } for  pid=21718 comm="smtp" saddr=10.16.64.82 src=60797 daddr=10.16.36.29 dest=53 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Sat Oct 15 00:09:08 2011
type=SYSCALL msg=audit(1318651748.872:177800): arch=40000003 syscall=102 success=no exit=-111 a0=9 a1=bf8dff78 a2=ea3ff4 a3=b69b60 items=0 ppid=1488 pid=21718 auid=4294967295 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=4294967295 comm="smtp" exe="/usr/libexec/postfix/smtp" subj=system_u:system_r:postfix_smtp_t:s0 key=(null)
type=AVC msg=audit(1318651748.872:177800): avc:  denied  { send } for  pid=21718 comm="smtp" saddr=10.16.64.82 src=50487 daddr=10.16.255.2 dest=53 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
----
time->Sat Oct 15 00:09:08 2011
type=SYSCALL msg=audit(1318651748.872:177801): arch=40000003 syscall=102 success=no exit=-111 a0=9 a1=bf8dff78 a2=ea3ff4 a3=b69b60 items=0 ppid=1488 pid=21718 auid=4294967295 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=4294967295 comm="smtp" exe="/usr/libexec/postfix/smtp" subj=system_u:system_r:postfix_smtp_t:s0 key=(null)
type=AVC msg=audit(1318651748.872:177801): avc:  denied  { send } for  pid=21718 comm="smtp" saddr=10.16.64.82 src=58448 daddr=10.16.255.3 dest=53 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
Fail: AVC messages found.
Checking for errors...
Using stronger AVC checks.
	Define empty RHTS_OPTION_STRONGER_AVC parameter if this causes any problems.
Running 'cat /mnt/testarea/tmp.rhts-db-submit-result.sZTvYX | /sbin/ausearch -m AVC -m SELINUX_ERR'
Fail: AVC messages found.
Running 'cat %s | /sbin/ausearch -m USER_AVC >/mnt/testarea/tmp.rhts-db-submit-result.BvhwQV 2>&1'
Info: No AVC messages found.
/bin/grep 'avc: ' /mnt/testarea/dmesg.log | /bin/grep --invert-match TESTOUT.log
No AVC messages found in dmesg
Running '/usr/sbin/sestatus'
SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   enforcing
Mode from config file:          enforcing
Policy version:                 24
Policy from config file:        targeted
Running 'rpm -q selinux-policy || true'
selinux-policy-3.7.19-115.el6.noarch
Comment 5 Juraj Marko 2011-10-17 10:11:45 UTC 
test: /CoreOS/logrotate/bug208538

arch: ppc64
log:
Info: Searching AVC errors produced since 1318652806.75 (Sat Oct 15 00:26:46 2011)
Searching logs...
Running '/usr/bin/env LC_ALL=en_US.UTF-8 /sbin/ausearch -m AVC -m USER_AVC -m SELINUX_ERR -ts 10/15/2011 00:26:46 < /dev/null >/mnt/testarea/tmp.rhts-db-submit-result.6gluLI 2>&1'
----
time->Sat Oct 15 00:26:46 2011
type=SYSCALL msg=audit(1318652806.621:581052): arch=80000015 syscall=102 success=no exit=-111 a0=b a1=fffe8b31c00 a2=30 a3=0 items=0 ppid=1 pid=1936 auid=4294967295 uid=38 gid=38 euid=38 suid=38 fsuid=38 egid=38 sgid=38 fsgid=38 tty=(none) ses=4294967295 comm="ntpd" exe="/usr/sbin/ntpd" subj=system_u:system_r:ntpd_t:s0 key=(null)
type=AVC msg=audit(1318652806.621:581052): avc:  denied  { send } for  pid=1936 comm="ntpd" saddr=10.16.67.64 src=123 daddr=10.16.71.254 dest=123 netif=eth0 scontext=system_u:system_r:ntpd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
Fail: AVC messages found.
Checking for errors...
Using stronger AVC checks.
	Define empty RHTS_OPTION_STRONGER_AVC parameter if this causes any problems.
Running 'cat /mnt/testarea/tmp.rhts-db-submit-result.6gluLI | /sbin/ausearch -m AVC -m SELINUX_ERR'
Fail: AVC messages found.
Running 'cat %s | /sbin/ausearch -m USER_AVC >/mnt/testarea/tmp.rhts-db-submit-result.QfObJc 2>&1'
Info: No AVC messages found.
/bin/grep 'avc: ' /mnt/testarea/dmesg.log | /bin/grep --invert-match TESTOUT.log
No AVC messages found in dmesg
Running '/usr/sbin/sestatus'
SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   enforcing
Mode from config file:          enforcing
Policy version:                 24
Policy from config file:        targeted
Running 'rpm -q selinux-policy || true'
selinux-policy-3.7.19-115.el6.noarch


arch: i386
log:
Info: Searching AVC errors produced since 1318651793.67 (Sat Oct 15 00:09:53 2011)
Searching logs...
Running '/usr/bin/env LC_ALL=en_US.UTF-8 /sbin/ausearch -m AVC -m USER_AVC -m SELINUX_ERR -ts 10/15/2011 00:09:53 < /dev/null >/mnt/testarea/tmp.rhts-db-submit-result.D5hshT 2>&1'
----
time->Sat Oct 15 00:09:53 2011
type=SYSCALL msg=audit(1318651793.654:177807): arch=40000003 syscall=102 success=no exit=-111 a0=b a1=bf84f610 a2=25b0d4 a3=ffffffff items=0 ppid=1 pid=1412 auid=4294967295 uid=38 gid=38 euid=38 suid=38 fsuid=38 egid=38 sgid=38 fsgid=38 tty=(none) ses=4294967295 comm="ntpd" exe="/usr/sbin/ntpd" subj=system_u:system_r:ntpd_t:s0 key=(null)
type=AVC msg=audit(1318651793.654:177807): avc:  denied  { send } for  pid=1412 comm="ntpd" saddr=10.16.64.82 src=123 daddr=10.16.71.254 dest=123 netif=eth0 scontext=system_u:system_r:ntpd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
Fail: AVC messages found.
Checking for errors...
Using stronger AVC checks.
	Define empty RHTS_OPTION_STRONGER_AVC parameter if this causes any problems.
Running 'cat /mnt/testarea/tmp.rhts-db-submit-result.D5hshT | /sbin/ausearch -m AVC -m SELINUX_ERR'
Fail: AVC messages found.
Running 'cat %s | /sbin/ausearch -m USER_AVC >/mnt/testarea/tmp.rhts-db-submit-result.du3YIL 2>&1'
Info: No AVC messages found.
/bin/grep 'avc: ' /mnt/testarea/dmesg.log | /bin/grep --invert-match TESTOUT.log
No AVC messages found in dmesg
Running '/usr/sbin/sestatus'
SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   enforcing
Mode from config file:          enforcing
Policy version:                 24
Policy from config file:        targeted
Running 'rpm -q selinux-policy || true'
selinux-policy-3.7.19-115.el6.noarch
Comment 11 Paul Moore 2011-10-17 20:53:58 UTC 
Looks like there is some amount of Secmark configuration on the system (this explains the packet:{send recv} access control points becoming active) but not all traffic is being labeled via Secmark (the reason why tcontext is unlabeled_t).  From a quick glance at the logs above, everything looks correct to me.

Depending on your point of view, this is either a configuration issue or a policy issue.  Personally, I tend to think it is the former.
Comment 12 Jan Ščotka 2011-10-18 09:36:25 UTC 
I found another one, I'm not sure if it is same or not?

Info: Searching AVC errors produced since 1318901755.08 (Mon Oct 17 21:35:55 2011)
Searching logs...
Running '/usr/bin/env LC_ALL=en_US.UTF-8 /sbin/ausearch -m AVC -m USER_AVC -m SELINUX_ERR -ts 10/17/2011 21:35:55 < /dev/null >/mnt/testarea/tmp.rhts-db-submit-result.tTLweP 2>&1'
----
time->Mon Oct 17 21:35:59 2011
type=SYSCALL msg=audit(1318901759.229:342151): arch=40000003 syscall=11 success=no exit=-13 a0=9ee5438 a1=9ee5498 a2=9eea388 a3=9ee5498 items=0 ppid=21106 pid=21108 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=5 comm="ldd" exe="/bin/bash" subj=system_u:system_r:prelink_cron_system_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1318901759.229:342151): avc:  denied  { execute_no_trans } for  pid=21108 comm="ldd" path="/lib/ld-2.12.so" dev=dm-0 ino=1183575 scontext=system_u:system_r:prelink_cron_system_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:lib_t:s0 tclass=file
Fail: AVC messages found.
Checking for errors...
Using stronger AVC checks.
	Define empty RHTS_OPTION_STRONGER_AVC parameter if this causes any problems.
Running 'cat /mnt/testarea/tmp.rhts-db-submit-result.tTLweP | /sbin/ausearch -m AVC -m SELINUX_ERR'
Fail: AVC messages found.
Running 'cat %s | /sbin/ausearch -m USER_AVC >/mnt/testarea/tmp.rhts-db-submit-result.rmSllf 2>&1'
Info: No AVC messages found.
/bin/grep 'avc: ' /mnt/testarea/dmesg.log | /bin/grep --invert-match TESTOUT.log
No AVC messages found in dmesg
Running '/usr/sbin/sestatus'
SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   enforcing
Mode from config file:          enforcing
Policy version:                 24
Policy from config file:        targeted
Running 'rpm -q selinux-policy || true'
selinux-policy-3.7.19-115.el6.noarch
Comment 13 Milos Malik 2011-10-18 09:53:11 UTC 
The AVC displayed in comment#12 does not contain "unlabeled_t" substring in tcontext="..." which means it is not related to the unlabelednet module / this bug.
Comment 14 Jan Ščotka 2011-10-18 09:55:55 UTC 
ok, I fill new one
Comment 15 Miroslav Grepl 2011-10-18 13:19:56 UTC 
Needs to go to snapshot 3.
Comment 16 Miroslav Grepl 2011-10-18 14:07:46 UTC 
Fixed in selinux-policy-3.7.19-118.el6.noarch

# sesearch -A -s ntpd_t -t unlabeled_t -c packet
Found 3 semantic av rules:
   allow ntpd_t unlabeled_t : packet { send recv } ;
Comment 22 errata-xmlrpc 2011-12-06 10:20:10 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2011-1511.html
Note You need to log in before you can comment on or make changes to this bug.