Mar 11 04:19:44 dell kernel: audit(1079007536.909:0): avc: denied { execute } for pid=15 exe=/sbin/init name=bash dev=hda2 ino=3662881 scontext=system_u:system_r:init_t tcontext=system_u:object_r:shell_exec_t tclass=file
Mar 11 04:19:49 dell kernel: audit(1079007547.555:0): avc: denied { mounton } for pid=327 exe=/bin/mount path=/var/lib/rpc_pipes dev=hda2 ino=425580 scontext=system_u:system_r:mount_t tcontext=system_u:object_r:var_lib_t tclass=dir
Mar 11 04:19:49 dell kernel: audit(1079007550.054:0): avc: denied { execute } for pid=378 exe=/sbin/init name=bash dev=hda2 ino=3662881 scontext=system_u:system_r:init_t tcontext=system_u:object_r:shell_exec_t tclass=file
Mar 11 04:19:49 dell kernel: audit(1079007582.402:0): avc: denied { mounton } for pid=1179 exe=/bin/mount path=/var/lib/rpc_pipes dev=hda2 ino=425580 scontext=system_u:system_r:mount_t tcontext=system_u:object_r:var_lib_t tclass=dir
Mar 11 04:19:49 dell kernel: audit(1079007583.849:0): avc: denied { dac_override } for pid=1296 exe=/bin/bash capability=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability
Mar 11 04:19:50 dell kernel: audit(1079007590.445:0): avc: denied { fsetid } for pid=1504 exe=/bin/chmod capability=4 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability
Mar 11 04:19:53 dell kernel: audit(1079007591.541:0): avc: denied { dac_override } for pid=1614 exe=/usr/sbin/sendmail.sendmail capability=1 scontext=system_u:system_r:sendmail_t tcontext=system_u:system_r:sendmail_t tclass=capability
Mar 11 04:19:53 dell kernel: audit(1079007592.875:0): avc: denied { read write } for pid=1661 exe=/usr/sbin/gpm name=gpmdata dev=hda2 ino=72912 scontext=system_u:system_r:gpm_t tcontext=system_u:object_r:device_t tclass=fifo_file
Mar 11 04:19:53 dell kernel: audit(1079007592.976:0): avc: denied { read write } for pid=1665 exe=/usr/sbin/gpm name=event0 dev=hda2 ino=4219044 scontext=system_u:system_r:gpm_t tcontext=system_u:object_r:device_t tclass=chr_file
Mar 11 04:19:53 dell kernel: audit(1079007592.976:0): avc: denied { ioctl } for pid=1665 exe=/usr/sbin/gpm path=/dev/input/event0 dev=hda2 ino=4219044 scontext=system_u:system_r:gpm_t tcontext=system_u:object_r:device_t tclass=chr_file
Mar 11 04:20:25 dell kernel: audit(1079007625.518:0): avc: denied { execute } for pid=2098 exe=/sbin/init name=bash dev=hda2 ino=3662881 scontext=system_u:system_r:init_t tcontext=system_u:object_r:shell_exec_t tclass=file
Mar 11 04:20:29 dell kernel: audit(1079007629.554:0): avc: denied { read } for pid=2098 exe=/usr/bin/kdm name=mem dev=hda2 ino=2683359 scontext=system_u:system_r:xdm_t tcontext=system_u:object_r:memory_device_t tclass=chr_file
Mar 11 04:20:36 dell kernel: audit(1079007636.465:0): avc: denied { read } for pid=2112 exe=/usr/X11R6/bin/XFree86 name=event0 dev=hda2 ino=4219044 scontext=system_u:system_r:xdm_xserver_t tcontext=system_u:object_r:device_t tclass=chr_file
Mar 11 04:20:36 dell kernel: audit(1079007636.466:0): avc: denied { ioctl } for pid=2112 exe=/usr/X11R6/bin/XFree86 path=/dev/input/event0 dev=hda2 ino=4219044 scontext=system_u:system_r:xdm_xserver_t tcontext=system_u:object_r:device_t tclass=chr_file
Mar 11 04:20:36 dell kernel: audit(1079007636.466:0): avc: denied { write } for pid=2112 exe=/usr/X11R6/bin/XFree86 name=event0 dev=hda2 ino=4219044 scontext=system_u:system_r:xdm_xserver_t tcontext=system_u:object_r:device_t tclass=chr_file
Mar 11 04:20:38 dell kernel: audit(1079007638.174:0): avc: denied { getattr } for pid=2112 exe=/usr/X11R6/bin/XFree86 path=/dev/input/event0 dev=hda2 ino=4219044 scontext=system_u:system_r:xdm_xserver_t tcontext=system_u:object_r:device_t tclass=chr_file
Mar 11 04:20:39 dell kernel: audit(1079007639.611:0): avc: denied { search } for pid=2113 exe=/usr/bin/kdm name=root dev=hda2 ino=294337 scontext=system_u:system_r:xdm_t tcontext=system_u:object_r:default_t tclass=dir
Mar 11 04:20:42 dell kernel: audit(1079007642.899:0): avc: denied { write } for pid=2121 exe=/usr/bin/kdm_greet name=.qtrc.lock dev=hda2 ino=670527 scontext=system_u:system_r:xdm_t tcontext=system_u:object_r:lib_t tclass=file
Mar 11 04:20:47 dell kernel: audit(1079007647.551:0): avc: denied { write } for pid=2122 exe=/usr/bin/krootimage name=.qtrc.lock dev=hda2 ino=670527 scontext=system_u:system_r:xdm_t tcontext=system_u:object_r:lib_t tclass=file
Mar 11 04:20:52 dell kernel: audit(1079007652.672:0): avc: denied { setattr } for pid=2113 exe=/usr/bin/kdm name=sg0 dev=hda2 ino=2688146 scontext=system_u:system_r:xdm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file
Mar 11 04:20:52 dell kernel: audit(1079007652.936:0): avc: denied { entrypoint } for pid=2131 exe=/usr/bin/kdm path=/etc/kde/kdm/Xsession dev=hda2 ino=1226634 scontext=user_u:user_r:user_t tcontext=system_u:object_r:etc_t tclass=file
Mar 11 04:20:54 dell kernel: audit(1079007654.232:0): avc: denied { getattr } for pid=2131 exe=/bin/tcsh path=/var/log/messages dev=hda2 ino=3613840 scontext=user_u:user_r:user_t tcontext=system_u:object_r:var_log_t tclass=file
And another interesting one I saw later:
Mar 11 04:21:32 dell kernel: audit(1079007691.925:0): avc: denied { search } for pid=2363 exe=/usr/bin/ksysguardd scontext=user_u:user_r:user_t tcontext=system_u:object_r:sysctl_dev_t tclass=dir
-- Aleksey Nogin
Home Page: http://nogin.org/ E-Mail: nogin@xxxxxxxxxxxxxx (office), aleksey@xxxxxxxxx (personal) Office: Jorgensen 70, tel: (626) 395-2907