Phil Edwards wrote:
Hi. I've just installed FC7, updated its packages, but made few other
changes so far; no changes at all to selinux (I wouldn't know how, and
there is no full-time sysadmin).
The messages log is filling up with stuff like this:
dbus: Can't send to audit system: USER_AVC avc: received policyload
notice (seqno=2) : exe="/bin/dbus-daemon" (sauid=539, hostname=?,
addr=?, terminal=?)
nscd: Can't send to audit system: USER_AVC avc: received policyload
notice (seqno=2) : exe="?" (sauid=28, hostname=?, addr=?, terminal=?)
dbus and nscd are the nosiest culprits.
Googling for what look like the key phrases gets me tons of hits from
2005, but nothing recent and nothing pertaining to FC7 (but having
never used an FC release before, I could be wrong).
Could somebody please tell me how to turn this noise off?
These are not SELinux errors so to speak, they are auditing errors.
When you update policy probably during a yum update, any application
that is running as a SELinux policy enforcer, gets a message from the
kernel telling that the policy has been updated. These apps then
attempt to send a message to the audit system stating that they have
reloaded the policy. These errors are generated because the
applications are running as a normal user and are not allowed to send to
the audit.log. So the audit subsystem sends a message to
/var/log/messages. So other then filling you /var/log/messages file,
these errors can be ignored. The dbus error has been fixed in FC6 and
seems to have resurfaced. I have not seen the nscd error. Both should
be reported as bugzillas to nscd, and dbus.
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
