1 |
I am in the midst of setting up my server as a SELinux box, but am plagued |
2 |
by a few denials on startup. At the top of my list of concerns are the |
3 |
following. If anyone could shed some light, it would be much appreciated: |
4 |
|
5 |
audit(1086055551.860:0): avc: denied { search } for pid=1 |
6 |
exe=/sbin/init name=vcs1 dev= ino=607 scontext=system_u:system_r:init_t |
7 |
tcontext=system_u:object_r:sysfs_t tclass=dir |
8 |
|
9 |
audit(1086055554.481:0): avc: denied { search } for pid=325 |
10 |
exe=/bin/bash name=run dev=hdb3 ino=1812855 |
11 |
scontext=system_u:system_r:update_modules_t |
12 |
tcontext=system_u:object_r:var_run_t tclass=dir |
13 |
|
14 |
audit(1086055582.167:0): avc: denied { append } for pid=5430 |
15 |
exe=/usr/sbin/syslog-ng name=tty12 dev=hdb3 ino=98640 |
16 |
scontext=system_u:system_r:syslogd_t |
17 |
tcontext=system_u:object_r:tty_device_t tclass=chr_file |
18 |
audit(1086055582.167:0): avc: denied { search } for pid=5430 |
19 |
exe=/usr/sbin/syslog-ng name=vc dev= ino=181 |
20 |
scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:sysfs_t |
21 |
tclass=dir |
22 |
audit(1086055582.168:0): avc: denied { setattr } for pid=5430 |
23 |
exe=/usr/sbin/syslog-ng name=tty12 dev=hdb3 ino=98640 |
24 |
scontext=system_u:system_r:syslogd_t |
25 |
tcontext=system_u:object_r:tty_device_t tclass=chr_file |
26 |
|
27 |
-Robert |
28 |
|
29 |
|
30 |
-- |
31 |
gentoo-hardened@g.o mailing list |