New AVCs with today's rawhide.... (mostly xdm related)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Running rawhide, targeted.

Had problems after today's rawhide update.

Booting in permissive mode produced:


module localxdm 1.0;

require {
	type unconfined_t;
	type security_t;
	type xdm_var_lib_t;
	type syslogd_t;
	type unconfined_execmem_t;
	type xdm_xserver_t;
	type system_map_t;
	type mono_t;
	type xdm_t;
	type mount_t;
	class unix_stream_socket { read write };
	class x_property read;
	class security { check_context compute_create compute_av };
	class file { read write getattr };
	class dir { write read mounton };
}

#============= mono_t ==============
allow mono_t unconfined_t:x_property read;

#============= mount_t ==============
allow mount_t xdm_t:unix_stream_socket { read write };
allow mount_t xdm_var_lib_t:dir { write read mounton };

#============= syslogd_t ==============
allow syslogd_t system_map_t:file { read getattr };

#============= unconfined_execmem_t ==============
allow unconfined_execmem_t unconfined_t:x_property read;
allow unconfined_execmem_t xdm_t:x_property read;

#============= xdm_t ==============
allow xdm_t xdm_var_lib_t:dir mounton;

#============= xdm_xserver_t ==============
allow xdm_xserver_t security_t:dir read;
allow xdm_xserver_t security_t:file { write read };
allow xdm_xserver_t security_t:security { check_context compute_create
compute_av };

I'll attach the raw audit file below.

In addition, there were two avcs produced in /var/log/messages before
the start of audit:

Mar  8 09:49:52 localhost kernel: type=1400 audit(1204998591.798:3):
avc:  denied  { read } for  pid=2257 comm="rsyslogd"
name="System.map-2.6.25-0.95.rc4.local2.fc9" dev=sda3 ino=6064
scontext=system_u:system_r:syslogd_t:s0
tcontext=system_u:object_r:system_map_t:s0 tclass=file
Mar  8 09:49:52 localhost kernel: type=1400 audit(1204998591.798:4):
avc:  denied  { getattr } for  pid=2257 comm="rsyslogd"
path="/boot/System.map-2.6.25-0.95.rc4.local2.fc9" dev=sda3 ino=6064
scontext=system_u:system_r:syslogd_t:s0
tcontext=system_u:object_r:system_map_t:s0 tclass=file

Not sure all of these need to be "allow", but "semodule -i
localxdm.pp" makes the system boot and run in enforcing mode.

tom

-- 
Tom London
type=DAEMON_START msg=audit(1204998592.546:6588): auditd start, ver=1.6.8 format=raw kernel=2.6.25-0.95.rc4.local2.fc9 auid=4294967295 pid=2274 res=success
type=CONFIG_CHANGE msg=audit(1204998593.077:5): audit_backlog_limit=320 old=64 by auid=4294967295 subj=system_u:system_r:auditctl_t:s0 res=1
type=LABEL_LEVEL_CHANGE msg=audit(1204998616.453:6): user pid=2535 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=Cups-PDF uri=cups-pdf:/ banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)'
type=LABEL_LEVEL_CHANGE msg=audit(1204998616.636:7): user pid=2535 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=HP5MP uri=hp:/par/HP_LaserJet_5MP?device=/dev/parport0 banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)'
type=LABEL_LEVEL_CHANGE msg=audit(1204998616.751:8): user pid=2535 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=hp_laserjet_1300 uri=hp:/usb/hp_LaserJet_1300?serial=00CNCB954325 banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)'
type=LABEL_LEVEL_CHANGE msg=audit(1204998616.877:9): user pid=2535 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=hp_LaserJet_1300_USB_1 uri=usb://HP/LaserJet%201300 banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)'
type=LABEL_LEVEL_CHANGE msg=audit(1204998616.964:10): user pid=2535 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=Kyocera_FS-C5030N_on_dc1 uri=socket://10.10.3.49:9100 banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)'
type=LABEL_LEVEL_CHANGE msg=audit(1204998617.110:11): user pid=2535 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=SavinColor uri=ipp://10.10.3.47/ipp/ banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)'
type=LABEL_LEVEL_CHANGE msg=audit(1204998617.221:12): user pid=2535 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=Innopath uri=file:/dev/null banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)'
type=LABEL_LEVEL_CHANGE msg=audit(1204998617.222:13): user pid=2535 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=Local uri=file:/dev/null banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)'
type=AVC msg=audit(1204998641.098:14): avc:  denied  { read } for  pid=2801 comm="Xorg" name="perms" dev=selinuxfs ino=67111368 scontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 tcontext=system_u:object_r:security_t:s0 tclass=dir
type=SYSCALL msg=audit(1204998641.098:14): arch=40000003 syscall=5 success=yes exit=15 a0=bf8db554 a1=98800 a2=b80c47b0 a3=2 items=0 ppid=2800 pid=2801 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=tty7 ses=4294967295 comm="Xorg" exe="/usr/bin/Xorg" subj=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1204998641.480:15): avc:  denied  { write } for  pid=2801 comm="Xorg" name="create" dev=selinuxfs ino=7 scontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 tcontext=system_u:object_r:security_t:s0 tclass=file
type=SYSCALL msg=audit(1204998641.480:15): arch=40000003 syscall=5 success=yes exit=17 a0=bf8db528 a1=8002 a2=0 a3=8002 items=0 ppid=2800 pid=2801 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=tty7 ses=4294967295 comm="Xorg" exe="/usr/bin/Xorg" subj=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1204998641.480:16): avc:  denied  { compute_create } for  pid=2801 comm="Xorg" scontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 tcontext=system_u:object_r:security_t:s0 tclass=security
type=SYSCALL msg=audit(1204998641.480:16): arch=40000003 syscall=4 success=yes exit=96 a0=11 a1=99ac228 a2=60 a3=ffffffff items=0 ppid=2800 pid=2801 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=tty7 ses=4294967295 comm="Xorg" exe="/usr/bin/Xorg" subj=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1204998641.981:17): avc:  denied  { check_context } for  pid=2801 comm="Xorg" scontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 tcontext=system_u:object_r:security_t:s0 tclass=security
type=SYSCALL msg=audit(1204998641.981:17): arch=40000003 syscall=4 success=yes exit=38 a0=12 a1=9a8e1c0 a2=26 a3=bf8db2e8 items=0 ppid=2800 pid=2801 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=tty7 ses=4294967295 comm="Xorg" exe="/usr/bin/Xorg" subj=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1204998646.887:18): avc:  denied  { compute_av } for  pid=2801 comm="Xorg" scontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 tcontext=system_u:object_r:security_t:s0 tclass=security
type=SYSCALL msg=audit(1204998646.887:18): arch=40000003 syscall=4 success=yes exit=91 a0=19 a1=9b6c2f8 a2=5b a3=20000 items=0 ppid=2800 pid=2801 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=tty7 ses=4294967295 comm="Xorg" exe="/usr/bin/Xorg" subj=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1204998655.510:19): avc:  denied  { compute_create } for  pid=2801 comm="Xorg" scontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 tcontext=system_u:object_r:security_t:s0 tclass=security
type=SYSCALL msg=audit(1204998655.510:19): arch=40000003 syscall=4 success=yes exit=80 a0=1d a1=9b80b68 a2=50 a3=ffffffff items=0 ppid=2800 pid=2801 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=tty7 ses=4294967295 comm="Xorg" exe="/usr/bin/Xorg" subj=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1204998655.516:20): avc:  denied  { compute_av } for  pid=2801 comm="Xorg" scontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 tcontext=system_u:object_r:security_t:s0 tclass=security
type=SYSCALL msg=audit(1204998655.516:20): arch=40000003 syscall=4 success=yes exit=83 a0=1d a1=9b80df0 a2=53 a3=200 items=0 ppid=2800 pid=2801 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=tty7 ses=4294967295 comm="Xorg" exe="/usr/bin/Xorg" subj=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1204998655.520:21): avc:  denied  { check_context } for  pid=2801 comm="Xorg" scontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 tcontext=system_u:object_r:security_t:s0 tclass=security
type=SYSCALL msg=audit(1204998655.520:21): arch=40000003 syscall=4 success=yes exit=39 a0=1d a1=9b7dd10 a2=27 a3=bf8db2d8 items=0 ppid=2800 pid=2801 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=tty7 ses=4294967295 comm="Xorg" exe="/usr/bin/Xorg" subj=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1204998667.720:22): avc:  denied  { mounton } for  pid=2905 comm="gvfs-fuse-daemo" path="/var/lib/gdm/.gvfs" dev=dm-0 ino=66829 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:xdm_var_lib_t:s0 tclass=dir
type=SYSCALL msg=audit(1204998667.720:22): arch=40000003 syscall=21 success=no exit=-1 a0=82274d0 a1=82269e8 a2=8227510 a3=6 items=0 ppid=1 pid=2905 auid=4294967295 uid=42 gid=42 euid=42 suid=42 fsuid=42 egid=42 sgid=42 fsgid=42 tty=(none) ses=4294967295 comm="gvfs-fuse-daemo" exe="/usr/libexec/gvfs-fuse-daemon" subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1204998667.724:23): avc:  denied  { read write } for  pid=2906 comm="fusermount" path="socket:[10976]" dev=sockfs ino=10976 scontext=system_u:system_r:mount_t:s0-s0:c0.c1023 tcontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=SYSCALL msg=audit(1204998667.724:23): arch=40000003 syscall=11 success=yes exit=0 a0=d6c07d a1=bfc1a450 a2=8227578 a3=bfc1a450 items=0 ppid=2905 pid=2906 auid=4294967295 uid=42 gid=42 euid=0 suid=0 fsuid=0 egid=42 sgid=42 fsgid=42 tty=(none) ses=4294967295 comm="fusermount" exe="/bin/fusermount" subj=system_u:system_r:mount_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1204998667.904:24): avc:  denied  { write } for  pid=2906 comm="fusermount" name=".gvfs" dev=dm-0 ino=66829 scontext=system_u:system_r:mount_t:s0-s0:c0.c1023 tcontext=system_u:object_r:xdm_var_lib_t:s0 tclass=dir
type=SYSCALL msg=audit(1204998667.904:24): arch=40000003 syscall=33 success=yes exit=0 a0=804c386 a1=2 a2=bfd75e90 a3=91cc04a items=0 ppid=2905 pid=2906 auid=4294967295 uid=42 gid=42 euid=0 suid=0 fsuid=42 egid=42 sgid=42 fsgid=42 tty=(none) ses=4294967295 comm="fusermount" exe="/bin/fusermount" subj=system_u:system_r:mount_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1204998667.905:25): avc:  denied  { read } for  pid=2906 comm="fusermount" name=".gvfs" dev=dm-0 ino=66829 scontext=system_u:system_r:mount_t:s0-s0:c0.c1023 tcontext=system_u:object_r:xdm_var_lib_t:s0 tclass=dir
type=SYSCALL msg=audit(1204998667.905:25): arch=40000003 syscall=5 success=yes exit=7 a0=804c386 a1=98800 a2=0 a3=4000 items=0 ppid=2905 pid=2906 auid=4294967295 uid=42 gid=42 euid=0 suid=0 fsuid=0 egid=42 sgid=42 fsgid=42 tty=(none) ses=4294967295 comm="fusermount" exe="/bin/fusermount" subj=system_u:system_r:mount_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1204998667.906:26): avc:  denied  { mounton } for  pid=2906 comm="fusermount" path="/var/lib/gdm/.gvfs" dev=dm-0 ino=66829 scontext=system_u:system_r:mount_t:s0-s0:c0.c1023 tcontext=system_u:object_r:xdm_var_lib_t:s0 tclass=dir
type=SYSCALL msg=audit(1204998667.906:26): arch=40000003 syscall=21 success=yes exit=0 a0=91cd6a8 a1=804c386 a2=91cd6e8 a3=6 items=0 ppid=2905 pid=2906 auid=4294967295 uid=42 gid=42 euid=0 suid=0 fsuid=0 egid=42 sgid=42 fsgid=42 tty=(none) ses=4294967295 comm="fusermount" exe="/bin/fusermount" subj=system_u:system_r:mount_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1204998671.506:27): avc:  denied  { read write } for  pid=2801 comm="Xorg" name="create" dev=selinuxfs ino=7 scontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 tcontext=system_u:object_r:security_t:s0 tclass=file
type=SYSCALL msg=audit(1204998671.506:27): arch=40000003 syscall=5 success=yes exit=34 a0=bf8db498 a1=8002 a2=0 a3=8002 items=0 ppid=2800 pid=2801 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=tty7 ses=4294967295 comm="Xorg" exe="/usr/bin/Xorg" subj=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 key=(null)
type=USER_AUTH msg=audit(1204998728.113:28): user pid=2897 uid=0 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:authentication acct=tbl exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=success)'
type=USER_ACCT msg=audit(1204998728.119:29): user pid=2897 uid=0 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:accounting acct=tbl exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=success)'
type=CRED_ACQ msg=audit(1204998728.151:30): user pid=2897 uid=500 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:setcred acct=tbl exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=success)'
type=LOGIN msg=audit(1204998728.235:31): login pid=2897 uid=500 old auid=4294967295 new auid=500 old ses=4294967295 new ses=1
type=USER_ROLE_CHANGE msg=audit(1204998728.332:32): user pid=2897 uid=500 auid=500 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='pam: default-context=unconfined_u:unconfined_r:unconfined_t:s0 selected-context=unconfined_u:unconfined_r:unconfined_t:s0: exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=? res=success)'
type=USER_START msg=audit(1204998729.629:33): user pid=2897 uid=500 auid=500 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:session_open acct=tbl exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=success)'
type=USER_LOGIN msg=audit(1204998729.633:34): user pid=2897 uid=500 auid=500 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='uid=500: exe="/usr/libexec/gdm-session-worker" (hostname=, addr=?, terminal=/dev/tty7 res=success)'
type=AVC msg=audit(1204998729.731:35): avc:  denied  { read write } for  pid=2801 comm="Xorg" name="access" dev=selinuxfs ino=6 scontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 tcontext=system_u:object_r:security_t:s0 tclass=file
type=SYSCALL msg=audit(1204998729.731:35): arch=40000003 syscall=5 success=yes exit=29 a0=bf8db398 a1=8002 a2=0 a3=8002 items=0 ppid=2800 pid=2801 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=tty7 ses=4294967295 comm="Xorg" exe="/usr/bin/Xorg" subj=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1204998729.731:36): avc:  denied  { compute_av } for  pid=2801 comm="Xorg" scontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 tcontext=system_u:object_r:security_t:s0 tclass=security
type=SYSCALL msg=audit(1204998729.731:36): arch=40000003 syscall=4 success=yes exit=83 a0=1d a1=9b6f318 a2=53 a3=20 items=0 ppid=2800 pid=2801 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=tty7 ses=4294967295 comm="Xorg" exe="/usr/bin/Xorg" subj=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1204998729.732:37): avc:  denied  { compute_create } for  pid=2801 comm="Xorg" scontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 tcontext=system_u:object_r:security_t:s0 tclass=security
type=SYSCALL msg=audit(1204998729.732:37): arch=40000003 syscall=4 success=yes exit=86 a0=1d a1=9b6f318 a2=56 a3=ffffffff items=0 ppid=2800 pid=2801 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=tty7 ses=4294967295 comm="Xorg" exe="/usr/bin/Xorg" subj=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 key=(null)
type=USER_AVC msg=audit(1204998743.938:38): user pid=2801 uid=0 auid=4294967295 subj=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 msg='avc:  denied  { read } for request=X11:GetProperty comm=rhythmbox property=_XSETTINGS_SETTINGS scontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tcontext=unconfined_u:object_r:unconfined_t:s0 tclass=x_property : exe="/usr/bin/Xorg" (sauid=0, hostname=?, addr=?, terminal=?)'
type=AVC msg=audit(1204998744.790:39): avc:  denied  { compute_create } for  pid=2801 comm="Xorg" scontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 tcontext=system_u:object_r:security_t:s0 tclass=security
type=SYSCALL msg=audit(1204998744.790:39): arch=40000003 syscall=4 success=yes exit=77 a0=2d a1=9f52658 a2=4d a3=ffffffff items=0 ppid=2800 pid=2801 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=tty7 ses=4294967295 comm="Xorg" exe="/usr/bin/Xorg" subj=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1204998745.192:40): avc:  denied  { compute_av } for  pid=2801 comm="Xorg" scontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 tcontext=system_u:object_r:security_t:s0 tclass=security
type=SYSCALL msg=audit(1204998745.192:40): arch=40000003 syscall=4 success=yes exit=84 a0=2e a1=9f58b20 a2=54 a3=1 items=0 ppid=2800 pid=2801 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=tty7 ses=4294967295 comm="Xorg" exe="/usr/bin/Xorg" subj=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1204998746.489:41): avc:  denied  { read write } for  pid=2801 comm="Xorg" name="create" dev=selinuxfs ino=7 scontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 tcontext=system_u:object_r:security_t:s0 tclass=file
type=SYSCALL msg=audit(1204998746.489:41): arch=40000003 syscall=5 success=yes exit=49 a0=bf8db478 a1=8002 a2=0 a3=8002 items=0 ppid=2800 pid=2801 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=tty7 ses=4294967295 comm="Xorg" exe="/usr/bin/Xorg" subj=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1204998746.774:42): avc:  denied  { check_context } for  pid=2801 comm="Xorg" scontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 tcontext=system_u:object_r:security_t:s0 tclass=security
type=SYSCALL msg=audit(1204998746.774:42): arch=40000003 syscall=4 success=yes exit=37 a0=31 a1=9b48508 a2=25 a3=bf8db2e8 items=0 ppid=2800 pid=2801 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=tty7 ses=4294967295 comm="Xorg" exe="/usr/bin/Xorg" subj=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 key=(null)
type=USER_AVC msg=audit(1204998755.259:43): user pid=2801 uid=0 auid=4294967295 subj=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 msg='avc:  denied  { read } for request=X11:GetProperty comm=mono property=_XSETTINGS_SETTINGS scontext=unconfined_u:unconfined_r:mono_t:s0 tcontext=unconfined_u:object_r:unconfined_t:s0 tclass=x_property : exe="/usr/bin/Xorg" (sauid=0, hostname=?, addr=?, terminal=?)'
type=AVC msg=audit(1204998769.939:44): avc:  denied  { compute_create } for  pid=2801 comm="Xorg" scontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 tcontext=system_u:object_r:security_t:s0 tclass=security
type=SYSCALL msg=audit(1204998769.939:44): arch=40000003 syscall=4 success=yes exit=79 a0=35 a1=9f9ad90 a2=4f a3=ffffffff items=0 ppid=2800 pid=2801 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=tty7 ses=4294967295 comm="Xorg" exe="/usr/bin/Xorg" subj=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1204998770.857:45): avc:  denied  { compute_av } for  pid=2801 comm="Xorg" scontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 tcontext=system_u:object_r:security_t:s0 tclass=security
type=SYSCALL msg=audit(1204998770.857:45): arch=40000003 syscall=4 success=yes exit=72 a0=36 a1=a21ef78 a2=48 a3=1 items=0 ppid=2800 pid=2801 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=tty7 ses=4294967295 comm="Xorg" exe="/usr/bin/Xorg" subj=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 key=(null)
type=USER_AVC msg=audit(1204998784.356:46): user pid=2801 uid=0 auid=4294967295 subj=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 msg='avc:  denied  { read } for request=X11:GetProperty comm=rhythmbox property=_NET_SUPPORTING_WM_CHECK scontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tcontext=system_u:object_r:xdm_t:s0 tclass=x_property : exe="/usr/bin/Xorg" (sauid=0, hostname=?, addr=?, terminal=?)'
type=AVC msg=audit(1204998788.037:47): avc:  denied  { read write } for  pid=2801 comm="Xorg" name="create" dev=selinuxfs ino=7 scontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 tcontext=system_u:object_r:security_t:s0 tclass=file
type=SYSCALL msg=audit(1204998788.037:47): arch=40000003 syscall=5 success=yes exit=55 a0=bf8db4b8 a1=8002 a2=0 a3=8002 items=0 ppid=2800 pid=2801 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=tty7 ses=4294967295 comm="Xorg" exe="/usr/bin/Xorg" subj=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 key=(null)
type=USER_AUTH msg=audit(1204998801.842:48): user pid=3471 uid=500 auid=500 subj=unconfined_u:unconfined_r:unconfined_t:s0 msg='op=PAM:authentication acct=root exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)'
type=USER_ACCT msg=audit(1204998801.848:49): user pid=3471 uid=500 auid=500 subj=unconfined_u:unconfined_r:unconfined_t:s0 msg='op=PAM:accounting acct=root exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)'
type=USER_START msg=audit(1204998801.977:50): user pid=3471 uid=500 auid=500 subj=unconfined_u:unconfined_r:unconfined_t:s0 msg='op=PAM:session_open acct=root exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)'
type=CRED_ACQ msg=audit(1204998801.978:51): user pid=3471 uid=500 auid=500 subj=unconfined_u:unconfined_r:unconfined_t:s0 msg='op=PAM:setcred acct=root exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)'
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux