Gentoo Archives: gentoo-hardened

From: guo walter <walter.d.guo.newsgroup@×××××.com>
To: gentoo-hardened@l.g.o
Subject: [gentoo-hardened] lots of avcs when running dmesg, is this nomal ?
Date: Sat, 08 Sep 2007 04:13:05
Message-Id: b77d63970709072104w4f69677v5c071096a8f4be9a@mail.gmail.com
1 Hi, guys, I got lots of avc lines (more than 700 lines) when running dmesg,
2 How to deal with it?
3
4
5 #dmesg
6 ......
7 SELinux: initialized (dev pipefs, type pipefs), uses task SIDs
8 SELinux: initialized (dev sockfs, type sockfs), uses task SIDs
9 SELinux: initialized (dev cpuset, type cpuset), not configured for labeling
10 SELinux: initialized (dev proc, type proc), uses genfs_contexts
11 SELinux: initialized (dev bdev, type bdev), uses genfs_contexts
12 SELinux: initialized (dev rootfs, type rootfs), uses genfs_contexts
13 SELinux: initialized (dev sysfs, type sysfs), uses genfs_contexts
14 audit(1188994315.739:2): policy loaded auid=4294967295
15 audit(1188994315.739:3): avc: denied { read write } for pid=1 comm="init"
16 name="console" dev=sda5 ino=13470 scontext=system_u:system_r:init_t
17 tcontext=system_u:object_r:file_t tclass=chr_file
18 audit(1188994315.739:4): avc: denied { ioctl } for pid=1 comm="init"
19 name="tty0" dev=sda5 ino=13339 scontext=system_u:system_r:init_t
20 tcontext=system_u:object_r:file_t tclass=chr_file
21 audit(1188994316.239 :5): avc: denied { read write } for pid=523
22 comm="rc" name="console" dev=sda5 ino=13470
23 scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:file_t
24 tclass=chr_file
25 audit(1188994316.739 :6): avc: denied { read write } for pid=525
26 comm="consoletype" name="console" dev=sda5 ino=13470
27 scontext=system_u:system_r:consoletype_t tcontext=system_u:object_r:file_t
28 tclass=chr_file
29 audit(1188994316.739:7): avc: denied { search } foraudit(1188994316.739:8):
30 avc: denied { getattr } for pid=525 comm="consoletype" name="console"
31 dev=sda5 ino=13470 scontext=system_u:system_r:consoletype_t
32 tcontext=system_u:object_r:file_t tclass=chr_file
33 audit(1188994316.739:9): avc: denied { ioctl } for pid=525
34 comm="consoletype" name="console" dev=sda5 ino=13470
35 scontext=system_u:system_r:consoletype_t tcontext=system_u:object_r:file_t
36 tclass=chr_file
37 audit(1188994316.739:10): avc: denied { ioctl } for pid=528 comm="stty"
38 name="console" dev=sda5 ino=13470 scontext=system_u:system_r:initrc_t
39 tcontext=system_u:object_r:file_t tclass=chr_file
40 audit(1188994317.239:11): avc: denied { getattr } for pid=523 comm="bash"
41 name="null" dev=sda5 ino=13139 scontext=system_u:system_r:initrc_t
42 tcontext=system_u:object_r:file_t tclass=chr_file
43 audit( 1188994317.239:12): avc: denied { read write } for pid=532
44 comm="dmesg" name="console" dev=sda5 ino=13470
45 scontext=system_u:system_r:dmesg_t tcontext=system_u:object_r:file_t
46 tclass=chr_file
47 audit( 1188994317.239:13): avc: denied { read write } for pid=535
48 comm="mount" name="console" dev=sda5 ino=13470
49 scontext=system_u:system_r:mount_t tcontext=system_u:object_r:file_t
50 tclass=chr_file
51 audit( 1188994317.239:14): avc: denied { read write } for pid=580
52 comm="restorecon" name="console" dev=sda5 ino=13470
53 scontext=system_u:system_r:restorecon_t tcontext=system_u:object_r:file_t
54 tclass=chr_file
55 pid=525 comm="consoletype" name="dev" dev=sda5 ino=12288
56 scontext=system_u:system_r:consoletype_t tcontext=system_u:object_r:file_t
57 tclass=dir
58 audit(1188994316.739:8): avc: denied { getattr } for pid=525
59 comm="consoletype" name="console" dev=sda5 ino=13470
60 scontext=system_u:system_r:consoletype_t tcontext=system_u:object_r:file_t
61 tclass=chr_file
62 audit(1188994316.739:9): avc: denied { ioctl } for pid=525
63 comm="consoletype" name="console" dev=sda5 ino=13470
64 scontext=system_u:system_r:consoletype_t tcontext=system_u:object_r:file_t
65 tclass=chr_file
66 ......
67
68 Thanks,
69 Walter.

Replies

Subject Author
[gentoo-hardened] Re: lots of avcs when running dmesg, is this nomal ? guo walter <walter.d.guo.newsgroup@×××××.com>