Re: [HEADS-UP] Please test kdbus in Rawhide!

Orion Poplawski <orion@xxxxxxxxxxxxx> · Thu, 30 Jul 2015 16:59:09 -0600

On 07/30/2015 04:54 PM, Orion Poplawski wrote:
> On 07/30/2015 11:57 AM, Lennart Poettering wrote:
>> Heya!
>>
>> I'd like to ask everybody to test kdbus on Rawhide. Josh thankfully
>> added it to the Rawhide kernel packages, and our systemd RPMs come
>> with built-in support, too now. If you are running an up-to-date
>> Rawhide system adding "kdbus=1" to your kernel command line is hence
>> everything you need to run kdbus instead of dbus-daemon. (No
>> additional RPMs need to be installed.) If you do, things should just
>> work the same way as before, if we did everything right. By adding or
>> dropping "kdbus=1" to/from the command line you can enable kdbus or
>> revert back to dbus1 on each individual boot.
> 
> What I see:
> 

Also plenty of AVC denials.  Looks like there's no label yet for the kdbus
filesystem?

Jul 30 16:31:33 vmrawhide audit: AVC avc:  denied  { read write } for  pid=698
comm="systemd-logind" name="bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:31:33 vmrawhide audit: AVC avc:  denied  { open } for  pid=698
comm="systemd-logind" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:31:33 vmrawhide audit: AVC avc:  denied  { ioctl } for  pid=698
comm="systemd-logind" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:31:34 vmrawhide audit: AVC avc:  denied  { ioctl } for  pid=698
comm="systemd-logind" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:31:40 vmrawhide audit: AVC avc:  denied  { ioctl } for  pid=698
comm="systemd-logind" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:31:45 vmrawhide audit: AVC avc:  denied  { ioctl } for  pid=698
comm="systemd-logind" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:31:45 vmrawhide audit: AVC avc:  denied  { ioctl } for  pid=698
comm="systemd-logind" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:31:45 vmrawhide audit: AVC avc:  denied  { ioctl } for  pid=698
comm="systemd-logind" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:31:49 vmrawhide audit: AVC avc:  denied  { read write } for
pid=1184 comm="sddm-helper" name="bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:31:49 vmrawhide audit: AVC avc:  denied  { open } for  pid=1184
comm="sddm-helper" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:31:49 vmrawhide audit: AVC avc:  denied  { ioctl } for  pid=1184
comm="sddm-helper" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:31:49 vmrawhide audit: AVC avc:  denied  { ioctl } for  pid=698
comm="systemd-logind" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:33:03 vmrawhide audit: AVC avc:  denied  { ioctl } for  pid=698
comm="systemd-logind" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:41:28 vmrawhide audit: AVC avc:  denied  { ioctl } for  pid=698
comm="systemd-logind" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:47:02 vmrawhide audit: AVC avc:  denied  { read write } for
pid=5541 comm="sshd" name="bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:47:02 vmrawhide audit: AVC avc:  denied  { open } for  pid=5541
comm="sshd" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:47:02 vmrawhide audit: AVC avc:  denied  { ioctl } for  pid=5541
comm="sshd" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:47:02 vmrawhide audit: AVC avc:  denied  { ioctl } for  pid=698
comm="systemd-logind" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:47:03 vmrawhide audit: AVC avc:  denied  { ioctl } for  pid=698
comm="systemd-logind" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:47:03 vmrawhide audit: AVC avc:  denied  { read write } for
pid=5541 comm="sshd" name="control" dev="kdbusfs" ino=2
scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:47:03 vmrawhide audit: AVC avc:  denied  { open } for  pid=5541
comm="sshd" path="/sys/fs/kdbus/control" dev="kdbusfs" ino=2
scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:47:03 vmrawhide audit: AVC avc:  denied  { ioctl } for  pid=5541
comm="sshd" path="/sys/fs/kdbus/control" dev="kdbusfs" ino=2
scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:50:35 vmrawhide audit: AVC avc:  denied  { read write } for
pid=5541 comm="sshd" name="bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:50:35 vmrawhide audit: AVC avc:  denied  { open } for  pid=5541
comm="sshd" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:50:35 vmrawhide audit: AVC avc:  denied  { ioctl } for  pid=5541
comm="sshd" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:50:35 vmrawhide audit: AVC avc:  denied  { ioctl } for  pid=698
comm="systemd-logind" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:50:44 vmrawhide audit: AVC avc:  denied  { ioctl } for  pid=698
comm="systemd-logind" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
Jul 30 16:52:59 vmrawhide audit: AVC avc:  denied  { ioctl } for  pid=698
comm="systemd-logind" path="/sys/fs/kdbus/0-system/bus" dev="kdbusfs" ino=4
scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1

-- 
Orion Poplawski
Technical Manager                     303-415-9701 x222
NWRA, Boulder/CoRA Office             FAX: 303-415-9702
3380 Mitchell Lane                       orion@xxxxxxxx
Boulder, CO 80301                   http://www.nwra.com
-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct