Bug 922203 - Cgroup audit events with path are not escaped
Cgroup audit events with path are not escaped
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: libvirt (Show other bugs)
6.4
Unspecified Unspecified
urgent Severity urgent
: rc
: ---
Assigned To: Eric Blake
Virtualization Bugs
: ZStream
Depends On: 642785 922186
Blocks: 958839
  Show dependency treegraph
 
Reported: 2013-03-15 13:41 EDT by Eric Blake
Modified: 2013-11-21 03:51 EST (History)
19 users (show)

See Also:
Fixed In Version: libvirt-0.10.2-19.el6
Doc Type: Bug Fix
Doc Text:
Previously, libvirt used the wrong variable when constructing audit messages. This led to invalid audit messages, causing ausearch to format certain entries as having "path=(null)" instead of the correct path. This could prevent ausearch from locating events related to cgroup device ACL modifications for guests managed by libvirt. With this update, the audit messages are generated correctly, preventing loss of audit coverage.
Story Points: ---
Clone Of: 922186
Environment:
Last Closed: 2013-11-21 03:51:41 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Eric Blake 2013-03-15 13:41:56 EDT
Cloning to RHEL

+++ This bug was initially created as a clone of Bug #922186 +++

Description of problem:
Cgroup assignment events with path are not escaped like in other places. For example, this one is bad:

type=VIRT_RESOURCE msg=audit(1363276478.481:2935): pid=1993 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:virtd_t:s0-s0:c0.c1023 msg='virt=kvm resrc=cgroup reason=allow vm="rawhide-builder" uuid=f5eed9fe-5226-c751-3946-26c01619aa71 cgroup="/sys/fs/cgroup/devices/libvirt/qemu/rawhide-builder/" class=path path=/dev/hpet rdev=0A:E4 acl=rw exe="/usr/sbin/libvirtd" hostname=? addr=? terminal=? res=success'

As compared to this good event:

type=VIRT_RESOURCE msg=audit(1363276478.580:2938): pid=1993 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:virtd_t:s0-s0:c0.c1023 msg='virt=kvm resrc=net reason=open vm="rawhide-builder" uuid=f5eed9fe-5226-c751-3946-26c01619aa71 net=52:54:00:5D:63:CE path="/dev/vhost-net" rdev=0A:EE exe="/usr/sbin/libvirtd" hostname=? addr=? terminal=? res=success'

Version-Release number of selected component (if applicable):
libvirt-0.10.2.3-1.fc18.x86_64

How reproducible:
ausearch --start this week

Steps to Reproduce:
1. Run a vm
2. ausearch --start recent -m VIRT_RESOURCE -i  | grep cgroup | grep '^/dev'

  
Actual results:
Nothing

Expected results:
Events
Comment 3 Eric Blake 2013-04-19 13:44:09 EDT
Upstream fix proposed here:
https://www.redhat.com/archives/libvir-list/2013-April/msg01508.html
Comment 4 Eric Blake 2013-04-19 17:05:35 EDT
This bug has been broken since libvirt-0.8.7-11.el6 introduced audit support in RHEL 6.1, since that build backported upstream commit d04916fa.

Meanwhile, RHEL 6.5 will be fixed by virtue of rebasing, with this commit:

commit 31c6bf35b9d9de04158318658f4fbf6a9e54ff28
Author: Eric Blake <eblake@redhat.com>
Date:   Fri Apr 19 11:30:44 2013 -0600

    audit: properly encode device path in cgroup audit
    
    https://bugzilla.redhat.com/show_bug.cgi?id=922186
    
    Commit d04916fa introduced a regression in audit quality - even
    though the code was computing the proper escaped name for a
    path, it wasn't feeding that escaped name on to the audit message.
    As a result, /var/log/audit/audit.log would mention a pair of
    fields class=path path=/dev/hpet instead of the intended
    class=path path="/dev/hpet", which in turn caused ausearch to
    format the audit log with path=(null).
    
    * src/conf/domain_audit.c (virDomainAuditCgroupPath): Use
    constructed encoding.
    
    Signed-off-by: Eric Blake <eblake@redhat.com>
Comment 6 EricLee 2013-05-01 23:45:40 EDT
I can reproduce this bug in 6.4.z:

# rpm -qa libvirt
libvirt-0.10.2-18.el6_4.4.x86_64

# tailf /var/log/audit/audit.log    and then start a guest:
...
type=VIRT_RESOURCE msg=audit(1367494520.726:10424): user pid=993 uid=0 auid=0 ses=1695 subj=unconfined_u:system_r:virtd_t:s0-s0:c0.c1023 msg='virt=kvm resrc=cgroup reason=allow vm="r6u3" uuid=5c7367e5-0ddb-d040-dfe9-a9c6eaa66ea1 cgroup="/cgroup/devices/libvirt/qemu/r6u3/" class=path path=/dev/rtc rdev=FE:00 acl=rw exe="/usr/sbin/libvirtd" hostname=? addr=? terminal=? res=success'
...
type=VIRT_RESOURCE msg=audit(1367494520.726:10425): user pid=993 uid=0 auid=0 ses=1695 subj=unconfined_u:system_r:virtd_t:s0-s0:c0.c1023 msg='virt=kvm resrc=cgroup reason=allow vm="r6u3" uuid=5c7367e5-0ddb-d040-dfe9-a9c6eaa66ea1 cgroup="/cgroup/devices/libvirt/qemu/r6u3/" class=path path=/dev/hpet rdev=0A:E4 acl=rw exe="/usr/sbin/libvirtd" hostname=? addr=? terminal=? res=success'
...
type=VIRT_RESOURCE msg=audit(1367494520.734:10427): user pid=993 uid=0 auid=0 ses=1695 subj=unconfined_u:system_r:virtd_t:s0-s0:c0.c1023 msg='virt=kvm resrc=net reason=open vm="r6u3" uuid=5c7367e5-0ddb-d040-dfe9-a9c6eaa66ea1 net=52:54:00:57:FF:68 path="/dev/net/tun" rdev=0A:C8 exe="/usr/sbin/libvirtd" hostname=? addr=? terminal=? res=success'
...

and 
# ausearch --start recent -m VIRT_RESOURCE -i  | grep cgroup | grep '^/dev'
return nothing.
Comment 7 Eric Blake 2013-05-02 00:04:37 EDT
(In reply to comment #6)
> I can reproduce this bug in 6.4.z:
> 
> and 
> # ausearch --start recent -m VIRT_RESOURCE -i  | grep cgroup | grep '^/dev'
> return nothing.

Fix the last grep - it should be for '=/dev' not '^/dev'.
Comment 8 EricLee 2013-05-02 01:38:32 EDT
(In reply to comment #7)
> (In reply to comment #6)
> > I can reproduce this bug in 6.4.z:
> > 
> > and 
> > # ausearch --start recent -m VIRT_RESOURCE -i  | grep cgroup | grep '^/dev'
> > return nothing.
> 
> Fix the last grep - it should be for '=/dev' not '^/dev'.

Thanks.

That will get some events:
# ausearch --start recent -m VIRT_RESOURCE -i  | grep cgroup | grep '/dev'
type=VIRT_RESOURCE msg=audit(05/02/2013 21:20:45.327:10516) : user pid=993 uid=root auid=root ses=1695 subj=unconfined_u:system_r:virtd_t:s0-s0:c0.c1023 msg='virt=kvm resrc=cgroup reason=deny vm=r6u3 uuid=5c7367e5-0ddb-d040-dfe9-a9c6eaa66ea1 cgroup=/cgroup/devices/libvirt/qemu/r6u3/ class=all exe=/usr/sbin/libvirtd hostname=? addr=? terminal=? res=success' 
type=VIRT_RESOURCE msg=audit(05/02/2013 21:20:45.327:10517) : user pid=993 uid=root auid=root ses=1695 subj=unconfined_u:system_r:virtd_t:s0-s0:c0.c1023 msg='virt=kvm resrc=cgroup reason=allow vm=r6u3 uuid=5c7367e5-0ddb-d040-dfe9-a9c6eaa66ea1 cgroup=/cgroup/devices/libvirt/qemu/r6u3/ class=major category=pty maj=88 acl=rw exe=/usr/sbin/libvirtd hostname=? addr=? terminal=? res=success' 
type=VIRT_RESOURCE msg=audit(05/02/2013 21:20:45.327:10518) : user pid=993 uid=root auid=root ses=1695 subj=unconfined_u:system_r:virtd_t:s0-s0:c0.c1023 msg='virt=kvm resrc=cgroup reason=allow vm=r6u3 uuid=5c7367e5-0ddb-d040-dfe9-a9c6eaa66ea1 cgroup=/cgroup/devices/libvirt/qemu/r6u3/ class=path path=(null) rdev=01:03 acl=rw exe=/usr/sbin/libvirtd hostname=? addr=? terminal=? res=success' 
type=VIRT_RESOURCE msg=audit(05/02/2013 21:20:45.328:10519) : user pid=993 uid=root auid=root ses=1695 subj=unconfined_u:system_r:virtd_t:s0-s0:c0.c1023 msg='virt=kvm resrc=cgroup reason=allow vm=r6u3 uuid=5c7367e5-0ddb-d040-dfe9-a9c6eaa66ea1 cgroup=/cgroup/devices/libvirt/qemu/r6u3/ class=path path=(null) rdev=01:07 acl=rw exe=/usr/sbin/libvirtd hostname=? addr=? terminal=? res=success' 
type=VIRT_RESOURCE msg=audit(05/02/2013 21:20:45.328:10520) : user pid=993 uid=root auid=root ses=1695 subj=unconfined_u:system_r:virtd_t:s0-s0:c0.c1023 msg='virt=kvm resrc=cgroup reason=allow vm=r6u3 uuid=5c7367e5-0ddb-d040-dfe9-a9c6eaa66ea1 cgroup=/cgroup/devices/libvirt/qemu/r6u3/ class=path path=(null) rdev=01:05 acl=rw exe=/usr/sbin/libvirtd hostname=? addr=? terminal=? res=success' 
type=VIRT_RESOURCE msg=audit(05/02/2013 21:20:45.328:10521) : user pid=993 uid=root auid=root ses=1695 subj=unconfined_u:system_r:virtd_t:s0-s0:c0.c1023 msg='virt=kvm resrc=cgroup reason=allow vm=r6u3 uuid=5c7367e5-0ddb-d040-dfe9-a9c6eaa66ea1 cgroup=/cgroup/devices/libvirt/qemu/r6u3/ class=path path=(null) rdev=01:08 acl=rw exe=/usr/sbin/libvirtd hostname=? addr=? terminal=? res=success' 
type=VIRT_RESOURCE msg=audit(05/02/2013 21:20:45.328:10522) : user pid=993 uid=root auid=root ses=1695 subj=unconfined_u:system_r:virtd_t:s0-s0:c0.c1023 msg='virt=kvm resrc=cgroup reason=allow vm=r6u3 uuid=5c7367e5-0ddb-d040-dfe9-a9c6eaa66ea1 cgroup=/cgroup/devices/libvirt/qemu/r6u3/ class=path path=(null) rdev=01:09 acl=rw exe=/usr/sbin/libvirtd hostname=? addr=? terminal=? res=success' 
type=VIRT_RESOURCE msg=audit(05/02/2013 21:20:45.328:10523) : user pid=993 uid=root auid=root ses=1695 subj=unconfined_u:system_r:virtd_t:s0-s0:c0.c1023 msg='virt=kvm resrc=cgroup reason=allow vm=r6u3 uuid=5c7367e5-0ddb-d040-dfe9-a9c6eaa66ea1 cgroup=/cgroup/devices/libvirt/qemu/r6u3/ class=path path=(null) rdev=05:02 acl=rw exe=/usr/sbin/libvirtd hostname=? addr=? terminal=? res=success' 
type=VIRT_RESOURCE msg=audit(05/02/2013 21:20:45.328:10524) : user pid=993 uid=root auid=root ses=1695 subj=unconfined_u:system_r:virtd_t:s0-s0:c0.c1023 msg='virt=kvm resrc=cgroup reason=allow vm=r6u3 uuid=5c7367e5-0ddb-d040-dfe9-a9c6eaa66ea1 cgroup=/cgroup/devices/libvirt/qemu/r6u3/ class=path path=(null) rdev=0A:E8 acl=rw exe=/usr/sbin/libvirtd hostname=? addr=? terminal=? res=success' 
type=VIRT_RESOURCE msg=audit(05/02/2013 21:20:45.328:10525) : user pid=993 uid=root auid=root ses=1695 subj=unconfined_u:system_r:virtd_t:s0-s0:c0.c1023 msg='virt=kvm resrc=cgroup reason=allow vm=r6u3 uuid=5c7367e5-0ddb-d040-dfe9-a9c6eaa66ea1 cgroup=/cgroup/devices/libvirt/qemu/r6u3/ class=path path=(null) rdev=? acl=rw exe=/usr/sbin/libvirtd hostname=? addr=? terminal=? res=failed' 
type=VIRT_RESOURCE msg=audit(05/02/2013 21:20:45.329:10526) : user pid=993 uid=root auid=root ses=1695 subj=unconfined_u:system_r:virtd_t:s0-s0:c0.c1023 msg='virt=kvm resrc=cgroup reason=allow vm=r6u3 uuid=5c7367e5-0ddb-d040-dfe9-a9c6eaa66ea1 cgroup=/cgroup/devices/libvirt/qemu/r6u3/ class=path path=(null) rdev=FE:00 acl=rw exe=/usr/sbin/libvirtd hostname=? addr=? terminal=? res=success' 
type=VIRT_RESOURCE msg=audit(05/02/2013 21:20:45.329:10527) : user pid=993 uid=root auid=root ses=1695 subj=unconfined_u:system_r:virtd_t:s0-s0:c0.c1023 msg='virt=kvm resrc=cgroup reason=allow vm=r6u3 uuid=5c7367e5-0ddb-d040-dfe9-a9c6eaa66ea1 cgroup=/cgroup/devices/libvirt/qemu/r6u3/ class=path path=(null) rdev=0A:E4 acl=rw exe=/usr/sbin/libvirtd hostname=? addr=? terminal=? res=success' 

Will list cgroup events(class=path path=(null)) as the comment #4 said.
Comment 10 CongDong 2013-05-15 05:09:44 EDT
I can't reproduce this bug.

libvirt-0.10.2-18.el6_4.5.x86_64

Step:
1. Run a vm
2. ausearch --start recent -m VIRT_RESOURCE -i  | grep cgroup | grep '=/dev'

Result:
...
type=VIRT_RESOURCE msg=audit(05/15/2013 17:06:28.614:4545) : user pid=13707 uid=root auid=root ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='virt=kvm resrc=cgroup reason=allow vm=rhel-test uuid=1165de5d-5671-6492-6b6f-b1c58473772d cgroup=/cgroup/devices/libvirt/qemu/rhel-test/ class=path path=/dev/null rdev=01:03 acl=rw exe=/usr/sbin/libvirtd hostname=? addr=? terminal=pts/18 res=success' 
type=VIRT_RESOURCE msg=audit(05/15/2013 17:06:28.614:4546) : user pid=13707 uid=root auid=root ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='virt=kvm resrc=cgroup reason=allow vm=rhel-test uuid=1165de5d-5671-6492-6b6f-b1c58473772d cgroup=/cgroup/devices/libvirt/qemu/rhel-test/ class=path path=/dev/full rdev=01:07 acl=rw exe=/usr/sbin/libvirtd hostname=? addr=? terminal=pts/18 res=success' 
type=VIRT_RESOURCE msg=audit(05/15/2013 17:06:28.615:4547) : user pid=13707 uid=root auid=root ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='virt=kvm resrc=cgroup reason=allow vm=rhel-test uuid=1165de5d-5671-6492-6b6f-b1c58473772d cgroup=/cgroup/devices/libvirt/qemu/rhel-test/ class=path path=/dev/zero rdev=01:05 acl=rw exe=/usr/sbin/libvirtd hostname=? addr=? terminal=pts/18 res=success' 
type=VIRT_RESOURCE msg=audit(05/15/2013 17:06:28.615:4548) : user pid=13707 uid=root auid=root ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='virt=kvm resrc=cgroup reason=allow vm=rhel-test uuid=1165de5d-5671-6492-6b6f-b1c58473772d cgroup=/cgroup/devices/libvirt/qemu/rhel-test/ class=path path=/dev/random rdev=01:08 acl=rw exe=/usr/sbin/libvirtd hostname=? addr=? terminal=pts/18 res=success' 
type=VIRT_RESOURCE msg=audit(05/15/2013 17:06:28.615:4549) : user pid=13707 uid=root auid=root ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='virt=kvm resrc=cgroup reason=allow vm=rhel-test uuid=1165de5d-5671-6492-6b6f-b1c58473772d cgroup=/cgroup/devices/libvirt/qemu/rhel-test/ class=path path=/dev/urandom rdev=01:09 acl=rw exe=/usr/sbin/libvirtd hostname=? addr=? terminal=pts/18 res=success' 
type=VIRT_RESOURCE msg=audit(05/15/2013 17:06:28.615:4550) : user pid=13707 uid=root auid=root ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='virt=kvm resrc=cgroup reason=allow vm=rhel-test uuid=1165de5d-5671-6492-6b6f-b1c58473772d cgroup=/cgroup/devices/libvirt/qemu/rhel-test/ class=path path=/dev/ptmx rdev=05:02 acl=rw exe=/usr/sbin/libvirtd hostname=? addr=? terminal=pts/18 res=success' 
type=VIRT_RESOURCE msg=audit(05/15/2013 17:06:28.615:4551) : user pid=13707 uid=root auid=root ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='virt=kvm resrc=cgroup reason=allow vm=rhel-test uuid=1165de5d-5671-6492-6b6f-b1c58473772d cgroup=/cgroup/devices/libvirt/qemu/rhel-test/ class=path path=/dev/kvm rdev=0A:E8 acl=rw exe=/usr/sbin/libvirtd hostname=? addr=? terminal=pts/18 res=success' 
type=VIRT_RESOURCE msg=audit(05/15/2013 17:06:28.615:4552) : user pid=13707 uid=root auid=root ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='virt=kvm resrc=cgroup reason=allow vm=rhel-test uuid=1165de5d-5671-6492-6b6f-b1c58473772d cgroup=/cgroup/devices/libvirt/qemu/rhel-test/ class=path path=/dev/rtc rdev=FE:00 acl=rw exe=/usr/sbin/libvirtd hostname=? addr=? terminal=pts/18 res=success' 
type=VIRT_RESOURCE msg=audit(05/15/2013 17:06:28.615:4553) : user pid=13707 uid=root auid=root ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='virt=kvm resrc=cgroup reason=allow vm=rhel-test uuid=1165de5d-5671-6492-6b6f-b1c58473772d cgroup=/cgroup/devices/libvirt/qemu/rhel-test/ class=path path=/dev/hpet rdev=0A:E4 acl=rw exe=/usr/sbin/libvirtd hostname=? addr=? terminal=pts/18 res=success' 
...


Check the file "/var/log/audit/audit.log", I think it's right:
...
type=VIRT_RESOURCE msg=audit(1368608788.615:4553): user pid=13707 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='virt=kvm resrc=cgroup reason=allow vm="rhel-test" uuid=1165de5d-5671-6492-6b6f-b1c58473772d cgroup="/cgroup/devices/libvirt/qemu/rhel-test/" class=path path="/dev/hpet" rdev=0A:E4 acl=rw exe="/usr/sbin/libvirtd" hostname=? addr=? terminal=pts/18 res=success'
...
Comment 11 CongDong 2013-05-16 02:33:44 EDT
I can reproduce the bug with :  libvirt-0.10.2-18.el6_4.4.x86_64

Steps:
1. Run a vm
2. ausearch --start recent -m VIRT_RESOURCE -i  | grep cgroup | grep '=/dev'

Result:
Nothing

If I use "ausearch --start recent -m VIRT_RESOURCE -i  | grep cgroup | grep '/dev'", I can get the same result with commont #8
Comment 13 CongDong 2013-07-09 09:09:21 EDT
I can reproduce this bug:
Version:
libvirt-0.10.2-18.el6_4.4.x86_64

Steps:
1. Run a vm
2. ausearch --start recent -m VIRT_RESOURCE -i  | grep cgroup | grep '=/dev'

Result:
Nothing

Verify:
# rpm -qa libvirt
libvirt-0.10.2-19.el6.x86_64

Steps:
As the steps above.

Result:
type=VIRT_RESOURCE msg=audit(07/09/2013 21:07:30.004:76607) : user pid=31415 uid=root auid=root ses=153 subj=unconfined_u:system_r:virtd_t:s0-s0:c0.c1023 msg='virt=kvm resrc=cgroup reason=allow vm=rhel6.4 uuid=170584cc-2107-5e71-ca16-e6bd366afbb6 cgroup=/cgroup/devices/libvirt/qemu/rhel6.4/ class=path path=/dev/null rdev=01:03 acl=rw exe=/usr/sbin/libvirtd hostname=? addr=? terminal=? res=success' 
type=VIRT_RESOURCE msg=audit(07/09/2013 21:07:30.004:76608) : user pid=31415 uid=root auid=root ses=153 subj=unconfined_u:system_r:virtd_t:s0-s0:c0.c1023 msg='virt=kvm resrc=cgroup reason=allow vm=rhel6.4 uuid=170584cc-2107-5e71-ca16-e6bd366afbb6 cgroup=/cgroup/devices/libvirt/qemu/rhel6.4/ class=path path=/dev/full rdev=01:07 acl=rw exe=/usr/sbin/libvirtd hostname=? addr=? terminal=? res=success' 
type=VIRT_RESOURCE msg=audit(07/09/2013 21:07:30.004:76609) : user pid=31415 uid=root auid=root ses=153 subj=unconfined_u:system_r:virtd_t:s0-s0:c0.c1023 msg='virt=kvm resrc=cgroup reason=allow vm=rhel6.4 uuid=170584cc-2107-5e71-ca16-e6bd366afbb6 cgroup=/cgroup/devices/libvirt/qemu/rhel6.4/ class=path path=/dev/zero rdev=01:05 acl=rw exe=/usr/sbin/libvirtd hostname=? addr=? terminal=? res=success' 
type=VIRT_RESOURCE msg=audit(07/09/2013 21:07:30.004:76610) : user pid=31415 uid=root auid=root ses=153 subj=unconfined_u:system_r:virtd_t:s0-s0:c0.c1023 msg='virt=kvm resrc=cgroup reason=allow vm=rhel6.4 uuid=170584cc-2107-5e71-ca16-e6bd366afbb6 cgroup=/cgroup/devices/libvirt/qemu/rhel6.4/ class=path path=/dev/random rdev=01:08 acl=rw exe=/usr/sbin/libvirtd hostname=? addr=? terminal=? res=success' 
type=VIRT_RESOURCE msg=audit(07/09/2013 21:07:30.004:76611) : user pid=31415 uid=root auid=root ses=153 subj=unconfined_u:system_r:virtd_t:s0-s0:c0.c1023 msg='virt=kvm resrc=cgroup reason=allow vm=rhel6.4 uuid=170584cc-2107-5e71-ca16-e6bd366afbb6 cgroup=/cgroup/devices/libvirt/qemu/rhel6.4/ class=path path=/dev/urandom rdev=01:09 acl=rw exe=/usr/sbin/libvirtd hostname=? addr=? terminal=? res=success' 
type=VIRT_RESOURCE msg=audit(07/09/2013 21:07:30.004:76612) : user pid=31415 uid=root auid=root ses=153 subj=unconfined_u:system_r:virtd_t:s0-s0:c0.c1023 msg='virt=kvm resrc=cgroup reason=allow vm=rhel6.4 uuid=170584cc-2107-5e71-ca16-e6bd366afbb6 cgroup=/cgroup/devices/libvirt/qemu/rhel6.4/ class=path path=/dev/ptmx rdev=05:02 acl=rw exe=/usr/sbin/libvirtd hostname=? addr=? terminal=? res=success' 
type=VIRT_RESOURCE msg=audit(07/09/2013 21:07:30.004:76613) : user pid=31415 uid=root auid=root ses=153 subj=unconfined_u:system_r:virtd_t:s0-s0:c0.c1023 msg='virt=kvm resrc=cgroup reason=allow vm=rhel6.4 uuid=170584cc-2107-5e71-ca16-e6bd366afbb6 cgroup=/cgroup/devices/libvirt/qemu/rhel6.4/ class=path path=/dev/kvm rdev=0A:E8 acl=rw exe=/usr/sbin/libvirtd hostname=? addr=? terminal=? res=success' 
type=VIRT_RESOURCE msg=audit(07/09/2013 21:07:30.005:76614) : user pid=31415 uid=root auid=root ses=153 subj=unconfined_u:system_r:virtd_t:s0-s0:c0.c1023 msg='virt=kvm resrc=cgroup reason=allow vm=rhel6.4 uuid=170584cc-2107-5e71-ca16-e6bd366afbb6 cgroup=/cgroup/devices/libvirt/qemu/rhel6.4/ class=path path=/dev/rtc rdev=FE:00 acl=rw exe=/usr/sbin/libvirtd hostname=? addr=? terminal=? res=success' 
type=VIRT_RESOURCE msg=audit(07/09/2013 21:07:30.005:76615) : user pid=31415 uid=root auid=root ses=153 subj=unconfined_u:system_r:virtd_t:s0-s0:c0.c1023 msg='virt=kvm resrc=cgroup reason=allow vm=rhel6.4 uuid=170584cc-2107-5e71-ca16-e6bd366afbb6 cgroup=/cgroup/devices/libvirt/qemu/rhel6.4/ class=path path=/dev/hpet rdev=0A:E4 acl=rw exe=/usr/sbin/libvirtd hostname=? addr=? terminal=? res=success' 


As the result, change this to verified
Comment 15 errata-xmlrpc 2013-11-21 03:51:41 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2013-1581.html

Note You need to log in before you can comment on or make changes to this bug.