-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Once upon a time Thursday 15 April 2004 7:16 pm, Russell Coker wrote:
> On Thu, 15 Apr 2004 18:33, Dennis Gilmore <dennis@xxxxxxxx> wrote:
> > Apr 15 11:26:06 asgard kernel: audit(1081992347.449:0): avc: denied
> > { getattr } for pid=774 exe=/sbin/pam_console_apply path=/dev/input/js2
> > dev=hde2 ino=234962788 scontext=system_u:system_r:pam_console_t
> > tcontext=system_u:object_r:unlabeled_t tclass=chr_file
>
> /dev/input/js* should have the type mouse_device_t. Please do a "ls -Z" on
> them and tell me what it says. NB It is not going to say unlabeled_t, it
> will say whatever is on disk, the kernel uses unlabeled_t if what's on disk
> makes no sense with the currently loaded policy.
>
system_u:object_r:mouse_device_t
> > Apr 15 11:26:06 asgard kernel: audit(1081992347.464:0): avc: denied
> > { dac_override } for pid=774 exe=/sbin/pam_console_apply capability=1
> > scontext=system_u:system_r:pam_console_t
> > tcontext=system_u:system_r:pam_console_t tclass=capability
>
> What is it trying to do here?
that im not sure of there is lots of them logged but they dont seem to be
affecting things too much just thought i would bring it up
> > Apr 15 11:26:06 asgard kernel: inode_doinit_with_dentry: getxattr
> > returned 13 for dev=hde2 ino=234962799
>
> 13 == EACCES? That can't be right. Steve, what do you think about this?
>
> > Apr 15 11:27:19 asgard /sbin/mingetty[1796]: tty1: Operation not
> > permitted Apr 15 11:27:19 asgard /sbin/mingetty[1797]: tty2: Operation
> > not permitted Apr 15 11:27:19 asgard /sbin/mingetty[1798]: tty3:
> > Operation not permitted Apr 15 11:27:19 asgard kernel:
> > audit(1081992439.217:0): avc: denied { fowner } for pid=1796
> > exe=/sbin/mingetty capability=3
> > scontext=system_u:system_r:getty_t tcontext=system_u:system_r:getty_t
> > tclass=capability
>
> Interesting. Who owns your tty devices?
root:root
> Granting this capability should not cause a problem so please test allowing
> this and see if it does some good. We don't want to grant capabilities
> wildly, but this will be OK if there are cases that need it.
>
<snip>
> > Apr 15 11:27:19 asgard kernel: audit(1081992439.921:0): avc: denied
> > { getattr } for pid=1818 exe=/usr/X11R6/bin/Xorg
> > path=/var/log/Xorg.0.log dev=hde2 ino=302135865
> > scontext=system_u:system_r:xdm_t
> > tcontext=system_u:object_r:var_log_t tclass=file
>
> Put the following in file_contexts/program/xserver.fc
> /var/log/XOrg.* -- system_u:object_r:xserver_log_t
>
> I have attached a suitable xserver.fc file.
>
> Then you have to relabel /var/log after rebuilding the file_contexts file.
>
> Regarding the long message, all the messages after 11:27:19 appeared to be
> repeats. The X server and getty will continue restarting forever so will
> produce an unlimited amount of messages if they can't startup correctly.
Sorry i should have picked up the repeats and sorry it took me so long to get
back i had a hdd failure in my server.
With latest updates all seems ok except when i log in x dies and restarts so
i efectivly cant log in i treid starting at run level 3 and x would start
but hang
Dennis
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFAhlQmkSxm47BaWfcRAtXNAJ4kPPoegHGsxryF/3M93JkHXrmphQCgi1gI
dJUnl1YZW4FCntUzkyfFBIs=
=kDiD
-----END PGP SIGNATURE-----
