858209 – Thin reports a lots of avc: denied messages.

Bug 858209 - Thin reports a lots of avc: denied messages.

Summary: Thin reports a lots of avc: denied messages.

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	Red Hat Satellite
Classification:	Red Hat
Component:	Infrastructure
Sub Component:
Version:	Nightly
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	medium
Target Milestone:	Unspecified
Assignee:	Katello Bug Bin
QA Contact:	Katello QA List
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2012-09-18 10:22 UTC by Miroslav Suchý
Modified:	2018-08-30 21:57 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2014-02-18 14:20:14 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description Miroslav Suchý 2012-09-18 10:22:49 UTC

Description of problem:
After clean installation of Katello on F16 I see a lot of denied lines in audit.log related to thin.

Version-Release number of selected component (if applicable):
katello-1.1.12-1.git.76.e73b105.fc16.noarch

Additional info:
# grep denied /var/log/audit/audit.log |grep thin
type=AVC msg=audit(1347962096.460:171): avc:  denied  { getattr } for  pid=21047 comm="thin" path="/bin/systemd-tmpfiles" dev="dm-1" ino=1180276 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:systemd_tmpfiles_exec_t:s0 tclass=file
type=AVC msg=audit(1347962096.460:172): avc:  denied  { getattr } for  pid=21047 comm="thin" path="/bin/dbus-daemon" dev="dm-1" ino=1180461 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:dbusd_exec_t:s0 tclass=file
type=AVC msg=audit(1347962096.460:173): avc:  denied  { getattr } for  pid=21047 comm="thin" path="/bin/dmesg" dev="dm-1" ino=1180117 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:dmesg_exec_t:s0 tclass=file
type=AVC msg=audit(1347962096.460:174): avc:  denied  { getattr } for  pid=21047 comm="thin" path="/bin/su" dev="dm-1" ino=1179710 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:su_exec_t:s0 tclass=file
type=AVC msg=audit(1347962096.460:175): avc:  denied  { getattr } for  pid=21047 comm="thin" path="/bin/systemctl" dev="dm-1" ino=1180275 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:systemd_systemctl_exec_t:s0 tclass=file
type=AVC msg=audit(1347962096.460:176): avc:  denied  { getattr } for  pid=21047 comm="thin" path="/bin/hostname" dev="dm-1" ino=1179672 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:hostname_exec_t:s0 tclass=file
type=AVC msg=audit(1347962096.460:177): avc:  denied  { getattr } for  pid=21047 comm="thin" path="/bin/traceroute" dev="dm-1" ino=1190518 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:traceroute_exec_t:s0 tclass=file
type=AVC msg=audit(1347962096.467:178): avc:  denied  { getattr } for  pid=21047 comm="thin" path="/bin/systemd" dev="dm-1" ino=1180228 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:init_exec_t:s0 tclass=file
type=AVC msg=audit(1347962096.467:179): avc:  denied  { getattr } for  pid=21047 comm="thin" path="/bin/umount" dev="dm-1" ino=1180126 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:mount_exec_t:s0 tclass=file
type=AVC msg=audit(1347962096.467:180): avc:  denied  { getattr } for  pid=21047 comm="thin" path="/bin/login" dev="dm-1" ino=1180120 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:login_exec_t:s0 tclass=file
type=AVC msg=audit(1347962096.467:181): avc:  denied  { getattr } for  pid=21047 comm="thin" path="/bin/mailx" dev="dm-1" ino=1179718 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:sendmail_exec_t:s0 tclass=file
type=AVC msg=audit(1347962096.467:182): avc:  denied  { getattr } for  pid=21047 comm="thin" path="/bin/ping6" dev="dm-1" ino=1180485 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:ping_exec_t:s0 tclass=file
type=AVC msg=audit(1347962096.467:183): avc:  denied  { getattr } for  pid=21047 comm="thin" path="/bin/systemd-tty-ask-password-agent" dev="dm-1" ino=1180233 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:systemd_passwd_agent_exec_t:s0 tclass=file
type=AVC msg=audit(1347962096.467:184): avc:  denied  { getattr } for  pid=21047 comm="thin" path="/bin/rpm" dev="dm-1" ino=1179719 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:rpm_exec_t:s0 tclass=file
type=AVC msg=audit(1347962096.467:185): avc:  denied  { getattr } for  pid=21047 comm="thin" path="/bin/bash" dev="dm-1" ino=1179651 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file
type=AVC msg=audit(1347962096.468:186): avc:  denied  { getattr } for  pid=21047 comm="thin" path="/bin/systemd-notify" dev="dm-1" ino=1180232 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:systemd_notify_exec_t:s0 tclass=file
type=AVC msg=audit(1347962096.468:187): avc:  denied  { getattr } for  pid=21047 comm="thin" path="/bin/loadkeys" dev="dm-1" ino=1185736 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:loadkeys_exec_t:s0 tclass=file
type=AVC msg=audit(1347962096.534:188): avc:  denied  { getattr } for  pid=21047 comm="thin" path="/lib/modules" dev="dm-1" ino=917506 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:modules_object_t:s0 tclass=dir
type=AVC msg=audit(1347962096.534:189): avc:  denied  { read } for  pid=21047 comm="thin" name="modules" dev="dm-1" ino=917506 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:modules_object_t:s0 tclass=dir
type=AVC msg=audit(1347962096.534:189): avc:  denied  { open } for  pid=21047 comm="thin" name="modules" dev="dm-1" ino=917506 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:modules_object_t:s0 tclass=dir
type=AVC msg=audit(1347962096.534:190): avc:  denied  { getattr } for  pid=21047 comm="thin" path="/lib/modules/3.4.9-2.fc16.x86_64/modules.ieee1394map" dev="dm-1" ino=923948 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:modules_object_t:s0 tclass=file
type=AVC msg=audit(1347962096.535:191): avc:  denied  { getattr } for  pid=21047 comm="thin" path="/lib/modules/3.4.9-2.fc16.x86_64/build" dev="dm-1" ino=923726 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:modules_object_t:s0 tclass=lnk_file
type=AVC msg=audit(1347962096.535:192): avc:  denied  { getattr } for  pid=21047 comm="thin" path="/lib/modules/3.4.9-2.fc16.x86_64/modules.networking" dev="dm-1" ino=923931 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:modules_dep_t:s0 tclass=file
type=AVC msg=audit(1347962096.841:193): avc:  denied  { getattr } for  pid=21047 comm="thin" path="/lib/systemd/fedora-configure" dev="dm-1" ino=1180193 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:initrc_exec_t:s0 tclass=file
type=AVC msg=audit(1347962096.841:194): avc:  denied  { getattr } for  pid=21047 comm="thin" path="/lib/systemd/systemd-readahead-replay" dev="dm-1" ino=1180253 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:readahead_exec_t:s0 tclass=file
type=AVC msg=audit(1347962096.841:195): avc:  denied  { getattr } for  pid=21047 comm="thin" path="/lib/systemd/systemd-fsck" dev="dm-1" ino=1180243 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:fsadm_exec_t:s0 tclass=file
type=AVC msg=audit(1347962096.841:196): avc:  denied  { getattr } for  pid=21047 comm="thin" path="/lib/systemd/systemd-kmsg-syslogd" dev="dm-1" ino=1180246 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:syslogd_exec_t:s0 tclass=file
type=AVC msg=audit(1347962096.846:197): avc:  denied  { getattr } for  pid=21047 comm="thin" path="/lib/systemd/system" dev="dm-1" ino=1180170 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:systemd_unit_file_t:s0 tclass=dir
type=AVC msg=audit(1347962096.846:198): avc:  denied  { read } for  pid=21047 comm="thin" name="system" dev="dm-1" ino=1180170 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:systemd_unit_file_t:s0 tclass=dir
type=AVC msg=audit(1347962096.846:198): avc:  denied  { open } for  pid=21047 comm="thin" name="system" dev="dm-1" ino=1180170 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:systemd_unit_file_t:s0 tclass=dir
type=AVC msg=audit(1347962096.846:199): avc:  denied  { getattr } for  pid=21047 comm="thin" path="/lib/systemd/system/gpm.service" dev="dm-1" ino=1182042 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:systemd_unit_file_t:s0 tclass=file
type=AVC msg=audit(1347962096.846:200): avc:  denied  { getattr } for  pid=21047 comm="thin" path="/lib/systemd/system/final.target.wants/halt-local.service" dev="dm-1" ino=1180298 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:systemd_unit_file_t:s0 tclass=lnk_file
type=AVC msg=audit(1347962096.846:201): avc:  denied  { getattr } for  pid=21047 comm="thin" path="/lib/systemd/system/nfs-idmap.service" dev="dm-1" ino=1186620 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:nfsd_unit_file_t:s0 tclass=file
type=AVC msg=audit(1347962096.846:202): avc:  denied  { getattr } for  pid=21047 comm="thin" path="/lib/systemd/system/httpd.service" dev="dm-1" ino=1191838 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:httpd_unit_file_t:s0 tclass=file
type=AVC msg=audit(1347962096.847:203): avc:  denied  { getattr } for  pid=21047 comm="thin" path="/lib/systemd/system/rpcbind.target" dev="dm-1" ino=1180362 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:rpcd_unit_file_t:s0 tclass=file
type=AVC msg=audit(1347962096.847:204): avc:  denied  { getattr } for  pid=21047 comm="thin" path="/lib/systemd/system/dnsmasq.service" dev="dm-1" ino=1182231 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:dnsmasq_unit_file_t:s0 tclass=file
type=AVC msg=audit(1347962096.848:205): avc:  denied  { getattr } for  pid=21047 comm="thin" path="/lib/systemd/system/crond.service" dev="dm-1" ino=1182195 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:crond_unit_file_t:s0 tclass=file
type=AVC msg=audit(1347962096.849:206): avc:  denied  { getattr } for  pid=21047 comm="thin" path="/lib/systemd/system/NetworkManager.service" dev="dm-1" ino=1185820 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:NetworkManager_unit_file_t:s0 tclass=file
type=AVC msg=audit(1347962096.864:207): avc:  denied  { getattr } for  pid=21047 comm="thin" path="/lib/systemd/system/ypbind.service" dev="dm-1" ino=1181872 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:ypbind_unit_file_t:s0 tclass=file
type=AVC msg=audit(1347962096.864:208): avc:  denied  { getattr } for  pid=21047 comm="thin" path="/lib/systemd/system/iptables.service" dev="dm-1" ino=1180475 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:iptables_unit_file_t:s0 tclass=file
type=AVC msg=audit(1347962096.864:209): avc:  denied  { getattr } for  pid=21047 comm="thin" path="/lib/systemd/systemd-logind" dev="dm-1" ino=1180248 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:systemd_logind_exec_t:s0 tclass=file
type=AVC msg=audit(1347962096.864:210): avc:  denied  { getattr } for  pid=21047 comm="thin" path="/lib/systemd/systemd-cryptsetup" dev="dm-1" ino=1180240 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:lvm_exec_t:s0 tclass=file
type=AVC msg=audit(1347962097.099:211): avc:  denied  { execute } for  pid=21057 comm="thin" name="bash" dev="dm-1" ino=1179651 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file
type=AVC msg=audit(1347962097.099:211): avc:  denied  { read open } for  pid=21057 comm="thin" name="bash" dev="dm-1" ino=1179651 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file
type=AVC msg=audit(1347962097.099:211): avc:  denied  { execute_no_trans } for  pid=21057 comm="thin" path="/bin/bash" dev="dm-1" ino=1179651 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file
type=AVC msg=audit(1347962097.102:212): avc:  denied  { execute_no_trans } for  pid=21057 comm="sh" path="/usr/bin/thin" dev="dm-1" ino=150002 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:thin_exec_t:s0 tclass=file
type=AVC msg=audit(1347962097.249:213): avc:  denied  { create } for  pid=21057 comm="thin" name="pids" scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir
type=AVC msg=audit(1347962099.699:215): avc:  denied  { execute } for  pid=21129 comm="thin" name="bash" dev="dm-1" ino=1179651 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file
type=AVC msg=audit(1347962099.699:215): avc:  denied  { read open } for  pid=21129 comm="thin" name="bash" dev="dm-1" ino=1179651 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file
type=AVC msg=audit(1347962099.699:215): avc:  denied  { execute_no_trans } for  pid=21129 comm="thin" path="/bin/bash" dev="dm-1" ino=1179651 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file
type=AVC msg=audit(1347962099.701:216): avc:  denied  { getattr } for  pid=21129 comm="sh" path="/bin/bash" dev="dm-1" ino=1179651 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file
type=AVC msg=audit(1347962099.722:217): avc:  denied  { getattr } for  pid=21138 comm="which" path="/bin/hostname" dev="dm-1" ino=1179672 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:hostname_exec_t:s0 tclass=file
type=AVC msg=audit(1347962099.723:218): avc:  denied  { execute } for  pid=21139 comm="thin" name="hostname" dev="dm-1" ino=1179672 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:hostname_exec_t:s0 tclass=file
type=AVC msg=audit(1347962099.723:219): avc:  denied  { read open } for  pid=21139 comm="thin" name="hostname" dev="dm-1" ino=1179672 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:hostname_exec_t:s0 tclass=file
type=AVC msg=audit(1347962099.723:219): avc:  denied  { execute_no_trans } for  pid=21139 comm="thin" path="/bin/hostname" dev="dm-1" ino=1179672 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:hostname_exec_t:s0 tclass=file
type=AVC msg=audit(1347962099.760:220): avc:  denied  { execute } for  pid=21059 comm="thin" name="sendmail.sendmail" dev="dm-1" ino=139412 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:sendmail_exec_t:s0 tclass=file
type=AVC msg=audit(1347962100.320:221): avc:  denied  { create } for  pid=21059 comm="thin" name="69D" scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir
type=AVC msg=audit(1347962100.320:222): avc:  denied  { rmdir } for  pid=21059 comm="thin" name="entries_per_page20120918-21059-17z3dos-0.lock" dev="tmpfs" ino=60218 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir
type=AVC msg=audit(1347962101.271:225): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/bin/systemd-tmpfiles" dev="dm-1" ino=1180276 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:systemd_tmpfiles_exec_t:s0 tclass=file
type=AVC msg=audit(1347962101.271:226): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/bin/dbus-daemon" dev="dm-1" ino=1180461 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:dbusd_exec_t:s0 tclass=file
type=AVC msg=audit(1347962101.271:227): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/bin/dmesg" dev="dm-1" ino=1180117 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:dmesg_exec_t:s0 tclass=file
type=AVC msg=audit(1347962101.271:228): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/bin/su" dev="dm-1" ino=1179710 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:su_exec_t:s0 tclass=file
type=AVC msg=audit(1347962101.271:229): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/bin/systemctl" dev="dm-1" ino=1180275 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:systemd_systemctl_exec_t:s0 tclass=file
type=AVC msg=audit(1347962101.271:230): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/bin/hostname" dev="dm-1" ino=1179672 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:hostname_exec_t:s0 tclass=file
type=AVC msg=audit(1347962101.271:231): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/bin/traceroute" dev="dm-1" ino=1190518 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:traceroute_exec_t:s0 tclass=file
type=AVC msg=audit(1347962101.271:232): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/bin/systemd" dev="dm-1" ino=1180228 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:init_exec_t:s0 tclass=file
type=AVC msg=audit(1347962101.271:233): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/bin/umount" dev="dm-1" ino=1180126 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:mount_exec_t:s0 tclass=file
type=AVC msg=audit(1347962101.271:234): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/bin/login" dev="dm-1" ino=1180120 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:login_exec_t:s0 tclass=file
type=AVC msg=audit(1347962101.271:235): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/bin/mailx" dev="dm-1" ino=1179718 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:sendmail_exec_t:s0 tclass=file
type=AVC msg=audit(1347962101.271:236): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/bin/ping6" dev="dm-1" ino=1180485 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:ping_exec_t:s0 tclass=file
type=AVC msg=audit(1347962101.271:237): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/bin/systemd-tty-ask-password-agent" dev="dm-1" ino=1180233 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:systemd_passwd_agent_exec_t:s0 tclass=file
type=AVC msg=audit(1347962101.271:238): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/bin/rpm" dev="dm-1" ino=1179719 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:rpm_exec_t:s0 tclass=file
type=AVC msg=audit(1347962101.271:239): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/bin/bash" dev="dm-1" ino=1179651 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file
type=AVC msg=audit(1347962101.271:240): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/bin/systemd-notify" dev="dm-1" ino=1180232 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:systemd_notify_exec_t:s0 tclass=file
type=AVC msg=audit(1347962101.271:241): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/bin/loadkeys" dev="dm-1" ino=1185736 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:loadkeys_exec_t:s0 tclass=file
type=AVC msg=audit(1347962101.272:242): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/lib/modules" dev="dm-1" ino=917506 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:modules_object_t:s0 tclass=dir
type=AVC msg=audit(1347962101.272:243): avc:  denied  { read } for  pid=21194 comm="thin" name="modules" dev="dm-1" ino=917506 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:modules_object_t:s0 tclass=dir
type=AVC msg=audit(1347962101.272:243): avc:  denied  { open } for  pid=21194 comm="thin" name="modules" dev="dm-1" ino=917506 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:modules_object_t:s0 tclass=dir
type=AVC msg=audit(1347962101.272:244): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/lib/modules/3.4.9-2.fc16.x86_64/modules.ieee1394map" dev="dm-1" ino=923948 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:modules_object_t:s0 tclass=file
type=AVC msg=audit(1347962101.272:245): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/lib/modules/3.4.9-2.fc16.x86_64/build" dev="dm-1" ino=923726 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:modules_object_t:s0 tclass=lnk_file
type=AVC msg=audit(1347962101.272:246): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/lib/modules/3.4.9-2.fc16.x86_64/modules.networking" dev="dm-1" ino=923931 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:modules_dep_t:s0 tclass=file
type=AVC msg=audit(1347962101.293:247): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/lib/systemd/fedora-configure" dev="dm-1" ino=1180193 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:initrc_exec_t:s0 tclass=file
type=AVC msg=audit(1347962101.293:248): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/lib/systemd/systemd-readahead-replay" dev="dm-1" ino=1180253 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:readahead_exec_t:s0 tclass=file
type=AVC msg=audit(1347962101.293:249): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/lib/systemd/systemd-fsck" dev="dm-1" ino=1180243 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:fsadm_exec_t:s0 tclass=file
type=AVC msg=audit(1347962101.293:250): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/lib/systemd/systemd-kmsg-syslogd" dev="dm-1" ino=1180246 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:syslogd_exec_t:s0 tclass=file
type=AVC msg=audit(1347962101.293:251): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/lib/systemd/system" dev="dm-1" ino=1180170 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:systemd_unit_file_t:s0 tclass=dir
type=AVC msg=audit(1347962101.293:252): avc:  denied  { read } for  pid=21194 comm="thin" name="system" dev="dm-1" ino=1180170 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:systemd_unit_file_t:s0 tclass=dir
type=AVC msg=audit(1347962101.293:252): avc:  denied  { open } for  pid=21194 comm="thin" name="system" dev="dm-1" ino=1180170 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:systemd_unit_file_t:s0 tclass=dir
type=AVC msg=audit(1347962101.293:253): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/lib/systemd/system/gpm.service" dev="dm-1" ino=1182042 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:systemd_unit_file_t:s0 tclass=file
type=AVC msg=audit(1347962101.293:254): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/lib/systemd/system/final.target.wants/halt-local.service" dev="dm-1" ino=1180298 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:systemd_unit_file_t:s0 tclass=lnk_file
type=AVC msg=audit(1347962101.293:255): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/lib/systemd/system/nfs-idmap.service" dev="dm-1" ino=1186620 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:nfsd_unit_file_t:s0 tclass=file
type=AVC msg=audit(1347962101.293:256): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/lib/systemd/system/kexec.target" dev="dm-1" ino=1180312 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:systemd_unit_file_t:s0 tclass=file
type=AVC msg=audit(1347962101.293:257): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/lib/systemd/system/httpd.service" dev="dm-1" ino=1191838 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:httpd_unit_file_t:s0 tclass=file
type=AVC msg=audit(1347962101.294:258): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/lib/systemd/system/rpcbind.target" dev="dm-1" ino=1180362 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:rpcd_unit_file_t:s0 tclass=file
type=AVC msg=audit(1347962101.294:259): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/lib/systemd/system/dnsmasq.service" dev="dm-1" ino=1182231 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:dnsmasq_unit_file_t:s0 tclass=file
type=AVC msg=audit(1347962101.294:260): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/lib/systemd/system/crond.service" dev="dm-1" ino=1182195 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:crond_unit_file_t:s0 tclass=file
type=AVC msg=audit(1347962101.294:261): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/lib/systemd/system/NetworkManager.service" dev="dm-1" ino=1185820 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:NetworkManager_unit_file_t:s0 tclass=file
type=AVC msg=audit(1347962101.294:262): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/lib/systemd/system/ypbind.service" dev="dm-1" ino=1181872 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:ypbind_unit_file_t:s0 tclass=file
type=AVC msg=audit(1347962101.294:263): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/lib/systemd/system/iptables.service" dev="dm-1" ino=1180475 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:iptables_unit_file_t:s0 tclass=file
type=AVC msg=audit(1347962101.294:264): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/lib/systemd/systemd-logind" dev="dm-1" ino=1180248 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:systemd_logind_exec_t:s0 tclass=file
type=AVC msg=audit(1347962101.294:265): avc:  denied  { getattr } for  pid=21194 comm="thin" path="/lib/systemd/systemd-cryptsetup" dev="dm-1" ino=1180240 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:lvm_exec_t:s0 tclass=file
type=AVC msg=audit(1347962101.422:266): avc:  denied  { execute } for  pid=21196 comm="thin" name="bash" dev="dm-1" ino=1179651 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file
type=AVC msg=audit(1347962101.422:266): avc:  denied  { read open } for  pid=21196 comm="thin" name="bash" dev="dm-1" ino=1179651 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file
type=AVC msg=audit(1347962101.422:266): avc:  denied  { execute_no_trans } for  pid=21196 comm="thin" path="/bin/bash" dev="dm-1" ino=1179651 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file
type=AVC msg=audit(1347962101.425:267): avc:  denied  { execute_no_trans } for  pid=21196 comm="sh" path="/usr/bin/thin" dev="dm-1" ino=150002 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:thin_exec_t:s0 tclass=file
type=AVC msg=audit(1347962104.076:281): avc:  denied  { execute } for  pid=21369 comm="thin" name="bash" dev="dm-1" ino=1179651 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file
type=AVC msg=audit(1347962104.076:281): avc:  denied  { read open } for  pid=21369 comm="thin" name="bash" dev="dm-1" ino=1179651 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file
type=AVC msg=audit(1347962104.076:281): avc:  denied  { execute_no_trans } for  pid=21369 comm="thin" path="/bin/bash" dev="dm-1" ino=1179651 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file
type=AVC msg=audit(1347962104.078:282): avc:  denied  { getattr } for  pid=21369 comm="sh" path="/bin/bash" dev="dm-1" ino=1179651 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file
type=AVC msg=audit(1347962104.100:283): avc:  denied  { getattr } for  pid=21378 comm="which" path="/bin/hostname" dev="dm-1" ino=1179672 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:hostname_exec_t:s0 tclass=file
type=AVC msg=audit(1347962104.102:284): avc:  denied  { execute } for  pid=21379 comm="thin" name="hostname" dev="dm-1" ino=1179672 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:hostname_exec_t:s0 tclass=file
type=AVC msg=audit(1347962104.102:285): avc:  denied  { read open } for  pid=21379 comm="thin" name="hostname" dev="dm-1" ino=1179672 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:hostname_exec_t:s0 tclass=file
type=AVC msg=audit(1347962104.102:285): avc:  denied  { execute_no_trans } for  pid=21379 comm="thin" path="/bin/hostname" dev="dm-1" ino=1179672 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:hostname_exec_t:s0 tclass=file
type=AVC msg=audit(1347962104.140:286): avc:  denied  { getattr } for  pid=21198 comm="thin" path="/usr/sbin/sendmail.sendmail" dev="dm-1" ino=139412 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:sendmail_exec_t:s0 tclass=file
type=AVC msg=audit(1347962104.140:287): avc:  denied  { execute } for  pid=21198 comm="thin" name="sendmail.sendmail" dev="dm-1" ino=139412 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:sendmail_exec_t:s0 tclass=file
type=AVC msg=audit(1347962107.193:288): avc:  denied  { name_bind } for  pid=21198 comm="thin" src=5500 scontext=system_u:system_r:thin_t:s0 tcontext=system_u:object_r:unreserved_port_t:s0 tclass=tcp_socket

Comment 1 Lukas Zapletal 2012-10-29 16:00:47 UTC

I recommend to focus on F17 and F18 now. There are big changes in the thin selinux policy now. Let's retest this on F17 next week.

Comment 2 Miroslav Suchý 2012-12-18 10:27:40 UTC

This will be solved by migrating to mod_passanger on January.
Do not waste time on this now.

Comment 3 Bryan Kearney 2014-01-21 19:07:51 UTC

Moving to Sat6 to be tracked there. Upstream bugs are moving to redmine.

Comment 5 Bryan Kearney 2014-02-18 14:20:14 UTC

We have moved to passenger. I am closing this out.

Note You need to log in before you can comment on or make changes to this bug.