logrotate with audit

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Here are the avc denied messages from a logrotate in permissive mode with auditing turned on.

Mar 26 16:04:20 old1 syslogd 1.4.1: restart.
Mar 26 16:04:20 old1 kernel: audit(1080335060.125:1634360): syscall=94,0x3 items=0 pid=2626 ppid=2585 loginuid=-1 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
Mar 26 16:04:20 old1 kernel: audit(1080335060.126:1634369): avc: denied { unlink } for pid=2626 exe=/usr/sbin/logrotate name=log.5 dev=hdc3 ino=834865 scontext=root:sysadm_r:logrotate_t tcontext=system_u:object_r:slrnpull_spool_t tclass=file
Mar 26 16:04:20 old1 kernel: audit(1080335060.126:1634369): syscall=10,0xfeec46dc items=1 pid=2626 ppid=2585 loginuid=-1 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
Mar 26 16:04:20 old1 kernel: audit(1080335060.126:1634369): item=0 name=/var/spool/slrnpull/log.5 inode=835221 dev=00:00

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux