Hi,

Any idea?

Thanks/Walter

On 9/8/07, guo walter <[EMAIL PROTECTED]> wrote:
>
> Hi, guys, I got lots of avc lines (more than 700 lines) when running
> dmesg, How to deal with it?
>
>
> #dmesg
> ......
> SELinux: initialized (dev pipefs, type pipefs), uses task SIDs
> SELinux: initialized (dev sockfs, type sockfs), uses task SIDs
> SELinux: initialized (dev cpuset, type cpuset), not configured for
> labeling
> SELinux: initialized (dev proc, type proc), uses genfs_contexts
> SELinux: initialized (dev bdev, type bdev), uses genfs_contexts
> SELinux: initialized (dev rootfs, type rootfs), uses genfs_contexts
> SELinux: initialized (dev sysfs, type sysfs), uses genfs_contexts
> audit(1188994315.739:2): policy loaded auid=4294967295
> audit(1188994315.739:3): avc:  denied  { read write } for  pid=1
> comm="init" name="console" dev=sda5 ino=13470 
> scontext=system_u:system_r:init_t
> tcontext=system_u:object_r:file_t tclass=chr_file
> audit(1188994315.739:4): avc:  denied  { ioctl } for  pid=1 comm="init"
> name="tty0" dev=sda5 ino=13339 scontext=system_u:system_r:init_t
> tcontext=system_u:object_r:file_t tclass=chr_file
> audit(1188994316.239 :5): avc:  denied  { read write } for  pid=523
> comm="rc" name="console" dev=sda5 ino=13470
> scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:file_t
> tclass=chr_file
> audit(1188994316.739 :6): avc:  denied  { read write } for  pid=525
> comm="consoletype" name="console" dev=sda5 ino=13470
> scontext=system_u:system_r:consoletype_t tcontext=system_u:object_r:file_t
> tclass=chr_file
> audit(1188994316.739:7): avc:  denied  { search } foraudit(1188994316.739:8):
> avc:  denied  { getattr } for  pid=525 comm="consoletype" name="console"
> dev=sda5 ino=13470 scontext=system_u:system_r:consoletype_t
> tcontext=system_u:object_r:file_t tclass=chr_file
> audit(1188994316.739:9): avc:  denied  { ioctl } for  pid=525
> comm="consoletype" name="console" dev=sda5 ino=13470
> scontext=system_u:system_r:consoletype_t tcontext=system_u:object_r:file_t
> tclass=chr_file
> audit(1188994316.739:10): avc:  denied  { ioctl } for  pid=528 comm="stty"
> name="console" dev=sda5 ino=13470 scontext=system_u:system_r:initrc_t
> tcontext=system_u:object_r:file_t tclass=chr_file
> audit(1188994317.239:11): avc:  denied  { getattr } for  pid=523
> comm="bash" name="null" dev=sda5 ino=13139
> scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:file_t
> tclass=chr_file
> audit( 1188994317.239:12): avc:  denied  { read write } for  pid=532
> comm="dmesg" name="console" dev=sda5 ino=13470
> scontext=system_u:system_r:dmesg_t tcontext=system_u:object_r:file_t
> tclass=chr_file
> audit( 1188994317.239:13): avc:  denied  { read write } for  pid=535
> comm="mount" name="console" dev=sda5 ino=13470
> scontext=system_u:system_r:mount_t tcontext=system_u:object_r:file_t
> tclass=chr_file
> audit( 1188994317.239:14): avc:  denied  { read write } for  pid=580
> comm="restorecon" name="console" dev=sda5 ino=13470
> scontext=system_u:system_r:restorecon_t tcontext=system_u:object_r:file_t
> tclass=chr_file
>   pid=525 comm="consoletype" name="dev" dev=sda5 ino=12288
> scontext=system_u:system_r:consoletype_t tcontext=system_u:object_r:file_t
> tclass=dir
> audit(1188994316.739:8): avc:  denied  { getattr } for  pid=525
> comm="consoletype" name="console" dev=sda5 ino=13470
> scontext=system_u:system_r:consoletype_t tcontext=system_u:object_r:file_t
> tclass=chr_file
> audit(1188994316.739:9): avc:  denied  { ioctl } for  pid=525
> comm="consoletype" name="console" dev=sda5 ino=13470
> scontext=system_u:system_r:consoletype_t tcontext=system_u:object_r:file_t
> tclass=chr_file
> ......
>
> Thanks,
> Walter.
>

Reply via email to