loadkey avc denied

Laurent Jacquot <jk@xxxxxxxxx> · Thu, 10 Apr 2008 19:58:32 +0200

Hello,
Every time I reboot, I have those 9 AVCs in /var/log/messages:

Apr  3 19:18:35 jack kernel: audit(1207243095.907:4): avc:  denied
{ sys_admin } for  pid=1707 comm="loadkeys" capability=21
scontext=system_u:system_r:loadkeys_t:s0
tcontext=system_u:system_r:loadkeys_t:s0 tclass=capability
Apr  3 19:18:35 jack kernel: audit(1207243095.907:5): avc:  denied
{ sys_admin } for  pid=1707 comm="loadkeys" capability=21
scontext=system_u:system_r:loadkeys_t:s0
tcontext=system_u:system_r:loadkeys_t:s0 tclass=capability
Apr  3 19:18:35 jack kernel: audit(1207243095.907:6): avc:  denied
{ sys_admin } for  pid=1707 comm="loadkeys" capability=21
scontext=system_u:system_r:loadkeys_t:s0
tcontext=system_u:system_r:loadkeys_t:s0 tclass=capability
Apr  3 19:18:35 jack kernel: audit(1207243095.907:7): avc:  denied
{ sys_admin } for  pid=1707 comm="loadkeys" capability=21
scontext=system_u:system_r:loadkeys_t:s0
tcontext=system_u:system_r:loadkeys_t:s0 tclass=capability
Apr  3 19:18:35 jack kernel: audit(1207243095.907:8): avc:  denied
{ sys_admin } for  pid=1707 comm="loadkeys" capability=21
scontext=system_u:system_r:loadkeys_t:s0
tcontext=system_u:system_r:loadkeys_t:s0 tclass=capability
Apr  3 19:18:35 jack kernel: audit(1207243095.907:9): avc:  denied
{ sys_admin } for  pid=1707 comm="loadkeys" capability=21
scontext=system_u:system_r:loadkeys_t:s0
tcontext=system_u:system_r:loadkeys_t:s0 tclass=capability
Apr  3 19:18:35 jack kernel: audit(1207243095.907:10): avc:  denied
{ sys_admin } for  pid=1707 comm="loadkeys" capability=21
scontext=system_u:system_r:loadkeys_t:s0
tcontext=system_u:system_r:loadkeys_t:s0 tclass=capability
Apr  3 19:18:35 jack kernel: audit(1207243095.907:11): avc:  denied
{ sys_admin } for  pid=1707 comm="loadkeys" capability=21
scontext=system_u:system_r:loadkeys_t:s0
tcontext=system_u:system_r:loadkeys_t:s0 tclass=capability
Apr  3 19:18:35 jack kernel: audit(1207243095.907:12): avc:  denied
{ sys_admin } for  pid=1707 comm="loadkeys" capability=21
scontext=system_u:system_r:loadkeys_t:s0
tcontext=system_u:system_r:loadkeys_t:s0 tclass=capability

They are generated before audit runs.
What are they trying to tell me? Should I relabel something or bug it?

TIA
	Laurent

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list