haldaemon, run_init

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Running strict/enforcing w/ latest from Dan's tree.
When haldaemon starts:

Sep 16 07:52:29 fedora haldaemon: haldaemon startup succeeded
Sep 16 07:52:30 fedora fstab-sync[3132]: removed all generated mount points
Sep 16 07:52:30 fedora kernel: audit(1095346350.044:0): avc: denied { execute } for pid=3134 exe=/usr/sbin/hald name=bash dev=hda2 ino=229395 scontext=system_u:system_r:hald_t tcontext=system_u:object_r:shell_exec_t tclass=file
Sep 16 07:52:30 fedora mdmonitor: mdadm startup succeeded

Believe the AVC is generated when hald tries to run hal_lpadmin from
/etc/hal/device.d/printer_remove.hal

When I put system into permissive mode and restart haldaemon, I get
(sorry for running this as root, but run_init seems busted:
Sep 16 11:03:12 fedora kernel: audit(1095357792.163:0): avc: denied { use } for pid=4262 exe=/usr/sbin/run_init path=/dev/pts/2 dev=devpts ino=4 scontext=root:sysadm_r:run_init_t tcontext=user_u:user_r:user_t tclass=fd
Sep 16 11:03:12 fedora last message repeated 2 times
Sep 16 11:03:12 fedora run_init(pam_unix)[4262]: authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=root
)

Here are the permissive AVCs:
Sep 16 10:44:43 fedora kernel: audit(1095356683.853:0): avc: denied { relabelfrom } for pid=8333 exe=/usr/sbin/fstab-sync name=fstab dev=hda2 ino=4475247 scontext=root:system_r:updfstab_t tcontext=root:object_r:etc_t tclass=file
Sep 16 10:44:43 fedora kernel: audit(1095356683.854:0): avc: denied { relabelto } for pid=8333 exe=/usr/sbin/fstab-sync name=fstab dev=hda2 ino=4475247 scontext=root:system_r:updfstab_t tcontext=system_u:object_r:etc_t tclass=file
Sep 16 10:44:43 fedora fstab-sync[8333]: removed all generated mount points
Sep 16 10:44:43 fedora kernel: audit(1095356683.893:0): avc: denied { execute } for pid=8335 exe=/usr/sbin/hald name=bash dev=hda2 ino=229395 scontext=root:system_r:hald_t tcontext=system_u:object_r:shell_exec_t tclass=file
Sep 16 10:44:43 fedora kernel: audit(1095356683.894:0): avc: denied { read } for pid=8335 exe=/usr/sbin/hald path=/bin/bash dev=hda2 ino=229395 scontext=root:system_r:hald_t tcontext=system_u:object_r:shell_exec_t tclass=file
Sep 16 10:44:43 fedora kernel: audit(1095356683.899:0): avc: denied { execute } for pid=8336 exe=/bin/bash name=hal_lpadmin dev=hda2 ino=278545 scontext=root:system_r:hald_t tcontext=system_u:object_r:sbin_t tclass=file
Sep 16 10:44:43 fedora kernel: audit(1095356683.900:0): avc: denied { execute_no_trans } for pid=8336 exe=/bin/bash path=/usr/sbin/hal_lpadmin dev=hda2 ino=278545 scontext=root:system_r:hald_t tcontext=system_u:object_r:sbin_t tclass=file
Sep 16 10:44:43 fedora kernel: audit(1095356683.900:0): avc: denied { read } for pid=8336 exe=/bin/bash path=/usr/sbin/hal_lpadmin dev=hda2 ino=278545 scontext=root:system_r:hald_t tcontext=system_u:object_r:sbin_t tclass=file
Sep 16 10:44:44 fedora kernel: audit(1095356684.672:0): avc: denied { search } for pid=8381 exe=/usr/libexec/hal-hotplug-map name=hotplug dev=hda2 ino=4472955 scontext=root:system_r:hald_t tcontext=system_u:object_r:hotplug_etc_t tclass=dir
Sep 16 10:44:44 fedora kernel: audit(1095356684.674:0): avc: denied { read } for pid=8381 exe=/usr/libexec/hal-hotplug-map name=usb.usermap dev=hda2 ino=4474609 scontext=root:system_r:hald_t tcontext=system_u:object_r:hotplug_etc_t tclass=file
Sep 16 10:44:44 fedora kernel: audit(1095356684.674:0): avc: denied { getattr } for pid=8381 exe=/usr/libexec/hal-hotplug-map path=/etc/hotplug/usb.usermap dev=hda2 ino=4474609 scontext=root:system_r:hald_t tcontext=system_u:object_r:hotplug_etc_t tclass=file
Sep 16 10:44:45 fedora kernel: audit(1095356685.450:0): avc: denied { use } for pid=8430 exe=/bin/mount path=pipe:[13184] dev=pipefs ino=13184 scontext=user_u:user_r:user_mount_t tcontext=system_u:system_r:xdm_t tclass=fd
Sep 16 10:44:45 fedora kernel: audit(1095356685.450:0): avc: denied { write } for pid=8430 exe=/bin/mount path=pipe:[13184] dev=pipefs ino=13184 scontext=user_u:user_r:user_mount_t tcontext=system_u:system_r:xdm_t tclass=fifo_file
Sep 16 10:44:46 fedora kernel: audit(1095356686.042:0): avc: denied { execute } for pid=8330 exe=/usr/sbin/hald name=printer_update.hal dev=hda2 ino=280646 scontext=root:system_r:hald_t tcontext=system_u:object_r:etc_t tclass=file
Sep 16 10:44:46 fedora kernel: audit(1095356686.075:0): avc: denied { read write } for pid=8330 exe=/usr/sbin/hald name=lp0 dev=tmpfs ino=6883 scontext=root:system_r:hald_t tcontext=system_u:object_r:printer_device_t tclass=chr_file
Sep 16 10:44:46 fedora kernel: audit(1095356686.121:0): avc: denied { execute_no_trans } for pid=8479 exe=/usr/sbin/hald path=/etc/hal/capability.d/printer_update.hal dev=hda2 ino=280646 scontext=root:system_r:hald_t tcontext=system_u:object_r:etc_t tclass=file
Sep 16 10:44:46 fedora kernel: audit(1095356686.140:0): avc: denied { ioctl } for pid=8479 exe=/bin/bash path=/etc/hal/capability.d/printer_update.hal dev=hda2 ino=280646 scontext=root:system_r:hald_t tcontext=system_u:object_r:etc_t tclass=file


[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux