RE: setroubleshootd dead but pid file exists

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Dan,

Yes, we are seeing setroubleshoot related avc messages. Attached is the
output of "ausearch -m avc | grep setroubleshoot".

Thanks,
Radha. 


-----Original Message-----
From: Daniel J Walsh [mailto:dwalsh@xxxxxxxxxx] 
Sent: Tuesday, August 31, 2010 8:24 AM
To: Radha Venkatesh (radvenka)
Cc: fedora-selinux-list@xxxxxxxxxx
Subject: Re: setroubleshootd dead but pid file exists

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 08/31/2010 11:17 AM, Radha Venkatesh (radvenka) wrote:
> Hi,
>  
> The problem we face is
>  
>>> service setroubleshoot status
> setroubleshootd dead but pid file exists
>  
> We are running into Bug 480432
> <https://bugzilla.redhat.com/show_bug.cgi?id=480432>  - 
> setroubleshootd killed - apparently by selinux on our system. The 
> kernel we are running on is 2.6.18-194.el5PAE and the selinux, 
> setroubleshoot rpms being used are
>  
> libselinux-1.33.4-5.5.el5
> selinux-policy-strict-2.4.6-279.el5
> platform-selinux-2.0.0.0-1
> cm-selinux-2.0.0.0-0
> libselinux-python-1.33.4-5.5.el5
> libselinux-utils-1.33.4-5.5.el5
> selinux-policy-2.4.6-279.el5
> 
> setroubleshoot-server-2.0.5-5.el5
> setroubleshoot-plugins-2.0.4-2.el5
>  
> Is there a workaround for the above issue, if we cannot go to the 
> latest kernel?
>  
> Thanks,
> Radha.
> 
>  
>  
> 
> 
> 
> 
> --
> selinux mailing list
> selinux@xxxxxxxxxxxxxxxxxxxxxxx
> https://admin.fedoraproject.org/mailman/listinfo/selinux
Are you seeing an AVC about setroubleshoot?

ausearch -m avc -ts recent


Or ausearch -m avc | grep setroubleshoot

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAkx9HqIACgkQrlYvE4MpobNcPgCfSZvENkOdQiEcw7hmW38U9w4s
0WkAoKZNuj0XoFB1Uyc95ysGr7mvbRpS
=AGIr
-----END PGP SIGNATURE-----

type=SYSCALL msg=audit(1282265971.884:152): arch=40000003 syscall=192 success=yes exit=15065088 a0=0 a1=118de8 a2=5 a3=802 items=0 ppid=11433 pid=11434 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null)
type=AVC msg=audit(1282265971.884:152): avc:  denied  { execute } for  pid=11434 comm="setroubleshootd" path="/usr/lib/libpython2.4.so.1.0" dev=sda1 ino=7757266 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:lib_t:s0 tclass=file
type=SYSCALL msg=audit(1282265971.991:153): arch=40000003 syscall=192 success=yes exit=1114112 a0=0 a1=175cc a2=5 a3=802 items=0 ppid=11433 pid=11434 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null)
type=AVC msg=audit(1282265971.991:153): avc:  denied  { execute } for  pid=11434 comm="setroubleshootd" path="/usr/lib/python2.4/site-packages/selinux/_selinux.so" dev=sda1 ino=7949377 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:lib_t:s0 tclass=file
type=SYSCALL msg=audit(1282265972.074:154): arch=40000003 syscall=102 success=yes exit=0 a0=3 a1=bf87b9b0 a2=25a118 a3=b7fa3d40 items=1 ppid=11433 pid=11434 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null)
type=AVC msg=audit(1282265972.074:154): avc:  denied  { sendto } for  pid=11434 comm="setroubleshootd" path="/dev/log" scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:system_r:initrc_t:s0 tclass=unix_dgram_socket
type=AVC msg=audit(1282265972.074:154): avc:  denied  { write } for  pid=11434 comm="setroubleshootd" name="log" dev=tmpfs ino=12943 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=sock_file
type=SYSCALL msg=audit(1282265975.457:189): arch=40000003 syscall=195 success=yes exit=0 a0=b769c240 a1=b769c294 a2=a89ff4 a3=b769c25c items=1 ppid=1 pid=11557 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null)
type=AVC msg=audit(1282265975.457:189): avc:  denied  { read } for  pid=11557 comm="setroubleshootd" name="active" dev=sda1 ino=2714532 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:var_log_t:s0 tclass=lnk_file
type=SYSCALL msg=audit(1283199422.269:138): arch=40000003 syscall=192 success=yes exit=14712832 a0=0 a1=118de8 a2=5 a3=802 items=0 ppid=8958 pid=8959 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null)
type=AVC msg=audit(1283199422.269:138): avc:  denied  { execute } for  pid=8959 comm="setroubleshootd" path="/usr/lib/libpython2.4.so.1.0" dev=sda1 ino=7757266 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:lib_t:s0 tclass=file
type=SYSCALL msg=audit(1283199422.461:139): arch=40000003 syscall=102 success=yes exit=0 a0=3 a1=bfe301a0 a2=13c118 a3=b7f59d40 items=1 ppid=8958 pid=8959 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null)
type=AVC msg=audit(1283199422.461:139): avc:  denied  { sendto } for  pid=8959 comm="setroubleshootd" path="/dev/log" scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:system_r:initrc_t:s0 tclass=unix_dgram_socket
type=AVC msg=audit(1283199422.461:139): avc:  denied  { write } for  pid=8959 comm="setroubleshootd" name="log" dev=tmpfs ino=11226 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=sock_file
type=SYSCALL msg=audit(1283199425.540:173): arch=40000003 syscall=195 success=yes exit=0 a0=b7652240 a1=b7652294 a2=dc6ff4 a3=b765225c items=1 ppid=1 pid=9090 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null)
type=AVC msg=audit(1283199425.540:173): avc:  denied  { read } for  pid=9090 comm="setroubleshootd" name="active" dev=sda1 ino=2714532 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:var_log_t:s0 tclass=lnk_file
type=EXECVE msg=audit(1283199985.402:4805): argc=3 a0="/bin/sh" a1="/sbin/service" a2="setroubleshoot"
type=EXECVE msg=audit(1283199985.402:4805): argc=4 a0="/bin/sh" a1="/sbin/service" a2="setroubleshoot" a3="status"
type=PATH msg=audit(1283199985.494:4807): item=0 name="/etc/init.d/setroubleshoot" inode=4677620 dev=08:01 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:initrc_exec_t:s0
type=AVC msg=audit(1283199985.494:4807): avc:  denied  { getattr } for  pid=17087 comm="service" path="/etc/rc.d/init.d/setroubleshoot" dev=sda1 ino=4677620 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:initrc_exec_t:s0 tclass=file
type=PATH msg=audit(1283199985.494:4808): item=0 name="/etc/init.d/setroubleshoot" inode=4677620 dev=08:01 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:initrc_exec_t:s0
type=AVC msg=audit(1283199985.494:4808): avc:  denied  { execute } for  pid=17087 comm="service" name="setroubleshoot" dev=sda1 ino=4677620 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:initrc_exec_t:s0 tclass=file
type=PATH msg=audit(1283199985.495:4809): item=0 name="/etc/init.d/setroubleshoot" inode=4677620 dev=08:01 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:initrc_exec_t:s0
type=EXECVE msg=audit(1283199985.495:4809): argc=2 a0="/bin/bash" a1="/etc/init.d/setroubleshoot"
type=EXECVE msg=audit(1283199985.495:4809): argc=3 a0="/bin/bash" a1="/etc/init.d/setroubleshoot" a2="status"
type=SYSCALL msg=audit(1283199985.495:4809): arch=40000003 syscall=11 per=400000 success=yes exit=0 a0=bf958c19 a1=bf957848 a2=85cf858 a3=5 items=3 ppid=17087 pid=17092 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=3 comm="setroubleshoot" exe="/bin/bash" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1283199985.495:4809): avc:  denied  { read } for  pid=17092 comm="env" path="/etc/rc.d/init.d/setroubleshoot" dev=sda1 ino=4677620 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:initrc_exec_t:s0 tclass=file
type=AVC msg=audit(1283199985.495:4809): avc:  denied  { execute_no_trans } for  pid=17092 comm="env" path="/etc/rc.d/init.d/setroubleshoot" dev=sda1 ino=4677620 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:initrc_exec_t:s0 tclass=file
type=SYSCALL msg=audit(1283199985.496:4810): arch=40000003 syscall=54 per=400000 success=no exit=-25 a0=3 a1=5401 a2=bfa48ad8 a3=bfa48b18 items=0 ppid=17087 pid=17092 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=3 comm="setroubleshoot" exe="/bin/bash" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1283199985.496:4810): avc:  denied  { ioctl } for  pid=17092 comm="setroubleshoot" path="/etc/rc.d/init.d/setroubleshoot" dev=sda1 ino=4677620 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:initrc_exec_t:s0 tclass=file
type=PATH msg=audit(1283199985.503:4811): item=0 name="/var/run/setroubleshootd.pid" inode=2714651 dev=08:01 mode=0100644 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:setroubleshoot_var_run_t:s0
type=SYSCALL msg=audit(1283199985.503:4811): arch=40000003 syscall=195 per=400000 success=yes exit=0 a0=9201b78 a1=bfa46488 a2=b7f64ff4 a3=9201b78 items=1 ppid=17087 pid=17092 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=3 comm="setroubleshoot" exe="/bin/bash" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1283199985.503:4811): avc:  denied  { getattr } for  pid=17092 comm="setroubleshoot" path="/var/run/setroubleshootd.pid" dev=sda1 ino=2714651 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:setroubleshoot_var_run_t:s0 tclass=file
type=PATH msg=audit(1283199985.503:4812): item=0 name="/var/run/setroubleshootd.pid" inode=2714651 dev=08:01 mode=0100644 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:setroubleshoot_var_run_t:s0
type=SYSCALL msg=audit(1283199985.503:4812): arch=40000003 syscall=5 per=400000 success=yes exit=3 a0=91eb0a0 a1=8000 a2=0 a3=8000 items=1 ppid=17087 pid=17092 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=3 comm="setroubleshoot" exe="/bin/bash" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1283199985.503:4812): avc:  denied  { read } for  pid=17092 comm="setroubleshoot" name="setroubleshootd.pid" dev=sda1 ino=2714651 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:setroubleshoot_var_run_t:s0 tclass=file
type=SYSCALL msg=audit(1283199985.503:4813): arch=40000003 syscall=54 per=400000 success=no exit=-25 a0=0 a1=5401 a2=bfa45b98 a3=bfa45bd8 items=0 ppid=17087 pid=17092 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=3 comm="setroubleshoot" exe="/bin/bash" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1283199985.503:4813): avc:  denied  { ioctl } for  pid=17092 comm="setroubleshoot" path="/var/run/setroubleshootd.pid" dev=sda1 ino=2714651 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:setroubleshoot_var_run_t:s0 tclass=file
type=EXECVE msg=audit(1283227292.132:14428): argc=3 a0="/bin/sh" a1="/sbin/service" a2="setroubleshoot"
type=EXECVE msg=audit(1283227292.132:14428): argc=4 a0="/bin/sh" a1="/sbin/service" a2="setroubleshoot" a3="status"
type=PATH msg=audit(1283227292.146:14430): item=0 name="/etc/init.d/setroubleshoot" inode=4677620 dev=08:01 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:initrc_exec_t:s0
type=AVC msg=audit(1283227292.146:14430): avc:  denied  { getattr } for  pid=29005 comm="service" path="/etc/rc.d/init.d/setroubleshoot" dev=sda1 ino=4677620 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:initrc_exec_t:s0 tclass=file
type=PATH msg=audit(1283227292.146:14431): item=0 name="/etc/init.d/setroubleshoot" inode=4677620 dev=08:01 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:initrc_exec_t:s0
type=AVC msg=audit(1283227292.146:14431): avc:  denied  { execute } for  pid=29005 comm="service" name="setroubleshoot" dev=sda1 ino=4677620 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:initrc_exec_t:s0 tclass=file
type=PATH msg=audit(1283227292.147:14432): item=0 name="/etc/init.d/setroubleshoot" inode=4677620 dev=08:01 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:initrc_exec_t:s0
type=EXECVE msg=audit(1283227292.147:14432): argc=2 a0="/bin/bash" a1="/etc/init.d/setroubleshoot"
type=EXECVE msg=audit(1283227292.147:14432): argc=3 a0="/bin/bash" a1="/etc/init.d/setroubleshoot" a2="status"
type=SYSCALL msg=audit(1283227292.147:14432): arch=40000003 syscall=11 per=400000 success=yes exit=0 a0=bfd1fc1b a1=bfd1ee38 a2=8fd7858 a3=5 items=3 ppid=29005 pid=29011 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=70 comm="setroubleshoot" exe="/bin/bash" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1283227292.147:14432): avc:  denied  { read } for  pid=29011 comm="env" path="/etc/rc.d/init.d/setroubleshoot" dev=sda1 ino=4677620 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:initrc_exec_t:s0 tclass=file
type=AVC msg=audit(1283227292.147:14432): avc:  denied  { execute_no_trans } for  pid=29011 comm="env" path="/etc/rc.d/init.d/setroubleshoot" dev=sda1 ino=4677620 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:initrc_exec_t:s0 tclass=file
type=SYSCALL msg=audit(1283227292.149:14433): arch=40000003 syscall=54 per=400000 success=no exit=-25 a0=3 a1=5401 a2=bf9df128 a3=bf9df168 items=0 ppid=29005 pid=29011 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=70 comm="setroubleshoot" exe="/bin/bash" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1283227292.149:14433): avc:  denied  { ioctl } for  pid=29011 comm="setroubleshoot" path="/etc/rc.d/init.d/setroubleshoot" dev=sda1 ino=4677620 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:initrc_exec_t:s0 tclass=file
type=PATH msg=audit(1283227292.155:14434): item=0 name="/var/run/setroubleshootd.pid" inode=2714651 dev=08:01 mode=0100644 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:setroubleshoot_var_run_t:s0
type=SYSCALL msg=audit(1283227292.155:14434): arch=40000003 syscall=195 per=400000 success=yes exit=0 a0=95ccb78 a1=bf9dcad8 a2=b7f67ff4 a3=95ccb78 items=1 ppid=29005 pid=29011 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=70 comm="setroubleshoot" exe="/bin/bash" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1283227292.155:14434): avc:  denied  { getattr } for  pid=29011 comm="setroubleshoot" path="/var/run/setroubleshootd.pid" dev=sda1 ino=2714651 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:setroubleshoot_var_run_t:s0 tclass=file
type=PATH msg=audit(1283227292.155:14435): item=0 name="/var/run/setroubleshootd.pid" inode=2714651 dev=08:01 mode=0100644 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:setroubleshoot_var_run_t:s0
type=SYSCALL msg=audit(1283227292.155:14435): arch=40000003 syscall=5 per=400000 success=yes exit=3 a0=95b60a0 a1=8000 a2=0 a3=8000 items=1 ppid=29005 pid=29011 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=70 comm="setroubleshoot" exe="/bin/bash" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1283227292.155:14435): avc:  denied  { read } for  pid=29011 comm="setroubleshoot" name="setroubleshootd.pid" dev=sda1 ino=2714651 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:setroubleshoot_var_run_t:s0 tclass=file
type=SYSCALL msg=audit(1283227292.155:14436): arch=40000003 syscall=54 per=400000 success=no exit=-25 a0=0 a1=5401 a2=bf9dc1e8 a3=bf9dc228 items=0 ppid=29005 pid=29011 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=70 comm="setroubleshoot" exe="/bin/bash" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1283227292.155:14436): avc:  denied  { ioctl } for  pid=29011 comm="setroubleshoot" path="/var/run/setroubleshootd.pid" dev=sda1 ino=2714651 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:setroubleshoot_var_run_t:s0 tclass=file
type=PATH msg=audit(1283227310.513:14585): item=0 name="setroubleshootd" inode=7758841 dev=08:01 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:setroubleshootd_exec_t:s0
type=AVC msg=audit(1283227310.513:14585): avc:  denied  { getattr } for  pid=29021 comm="restorecon" path="/usr/sbin/setroubleshootd" dev=sda1 ino=7758841 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:setroubleshootd_exec_t:s0 tclass=file
type=PATH msg=audit(1283227321.077:14726): item=0 name="setroubleshootd.conf" inode=4677618 dev=08:01 mode=0100644 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:dbusd_etc_t:s0
type=AVC msg=audit(1283227321.077:14726): avc:  denied  { getattr } for  pid=29021 comm="restorecon" path="/etc/dbus-1/system.d/setroubleshootd.conf" dev=sda1 ino=4677618 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:dbusd_etc_t:s0 tclass=file
type=PATH msg=audit(1283227321.142:14748): item=0 name="setroubleshoot" inode=2714523 dev=08:01 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:setroubleshoot_var_log_t:s0
type=AVC msg=audit(1283227321.142:14748): avc:  denied  { read } for  pid=29021 comm="restorecon" name="setroubleshoot" dev=sda1 ino=2714523 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:setroubleshoot_var_log_t:s0 tclass=dir
type=PATH msg=audit(1283227321.183:14772): item=0 name="setroubleshoot" inode=2714522 dev=08:01 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:setroubleshoot_var_lib_t:s0
type=AVC msg=audit(1283227321.183:14772): avc:  denied  { getattr } for  pid=29021 comm="restorecon" path="/var/lib/setroubleshoot" dev=sda1 ino=2714522 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:setroubleshoot_var_lib_t:s0 tclass=dir
type=PATH msg=audit(1283227321.183:14773): item=0 name="setroubleshoot" inode=2714522 dev=08:01 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:setroubleshoot_var_lib_t:s0
type=AVC msg=audit(1283227321.183:14773): avc:  denied  { read } for  pid=29021 comm="restorecon" name="setroubleshoot" dev=sda1 ino=2714522 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:setroubleshoot_var_lib_t:s0 tclass=dir
type=PATH msg=audit(1283227321.183:14774): item=0 name="audit_listener_database.xml" inode=2714659 dev=08:01 mode=0100600 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:setroubleshoot_var_lib_t:s0
type=AVC msg=audit(1283227321.183:14774): avc:  denied  { getattr } for  pid=29021 comm="restorecon" path="/var/lib/setroubleshoot/audit_listener_database.xml" dev=sda1 ino=2714659 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:setroubleshoot_var_lib_t:s0 tclass=file
type=AVC msg=audit(1283227321.183:14774): avc:  denied  { search } for  pid=29021 comm="restorecon" name="setroubleshoot" dev=sda1 ino=2714522 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:setroubleshoot_var_lib_t:s0 tclass=dir
type=PATH msg=audit(1283227321.200:14804): item=0 name="setroubleshoot" inode=2714524 dev=08:01 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:setroubleshoot_var_run_t:s0
type=AVC msg=audit(1283227321.200:14804): avc:  denied  { getattr } for  pid=29021 comm="restorecon" path="/var/run/setroubleshoot" dev=sda1 ino=2714524 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:setroubleshoot_var_run_t:s0 tclass=dir
type=PATH msg=audit(1283227321.200:14805): item=0 name="setroubleshoot" inode=2714524 dev=08:01 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:setroubleshoot_var_run_t:s0
type=AVC msg=audit(1283227321.200:14805): avc:  denied  { read } for  pid=29021 comm="restorecon" name="setroubleshoot" dev=sda1 ino=2714524 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:setroubleshoot_var_run_t:s0 tclass=dir
type=PATH msg=audit(1283227321.200:14806): item=0 name="setroubleshoot_server" inode=2714661 dev=08:01 mode=0140666 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:setroubleshoot_var_run_t:s0
type=AVC msg=audit(1283227321.200:14806): avc:  denied  { getattr } for  pid=29021 comm="restorecon" path="/var/run/setroubleshoot/setroubleshoot_server" dev=sda1 ino=2714661 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:setroubleshoot_var_run_t:s0 tclass=sock_file
type=AVC msg=audit(1283227321.200:14806): avc:  denied  { search } for  pid=29021 comm="restorecon" name="setroubleshoot" dev=sda1 ino=2714524 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:setroubleshoot_var_run_t:s0 tclass=dir
type=PATH msg=audit(1283227327.230:15039): item=0 name="setroubleshoot" inode=2714523 dev=08:01 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:setroubleshoot_var_log_t:s0
type=AVC msg=audit(1283227327.230:15039): avc:  denied  { read } for  pid=29020 comm="restorecon" name="setroubleshoot" dev=sda1 ino=2714523 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:setroubleshoot_var_log_t:s0 tclass=dir
type=PATH msg=audit(1283227327.270:15052): item=0 name="setroubleshoot" inode=2714522 dev=08:01 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:setroubleshoot_var_lib_t:s0
type=AVC msg=audit(1283227327.270:15052): avc:  denied  { getattr } for  pid=29020 comm="restorecon" path="/var/lib/setroubleshoot" dev=sda1 ino=2714522 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:setroubleshoot_var_lib_t:s0 tclass=dir
type=PATH msg=audit(1283227327.271:15053): item=0 name="setroubleshoot" inode=2714522 dev=08:01 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:setroubleshoot_var_lib_t:s0
type=AVC msg=audit(1283227327.271:15053): avc:  denied  { read } for  pid=29020 comm="restorecon" name="setroubleshoot" dev=sda1 ino=2714522 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:setroubleshoot_var_lib_t:s0 tclass=dir
type=PATH msg=audit(1283227327.271:15054): item=0 name="audit_listener_database.xml" inode=2714659 dev=08:01 mode=0100600 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:setroubleshoot_var_lib_t:s0
type=AVC msg=audit(1283227327.271:15054): avc:  denied  { getattr } for  pid=29020 comm="restorecon" path="/var/lib/setroubleshoot/audit_listener_database.xml" dev=sda1 ino=2714659 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:setroubleshoot_var_lib_t:s0 tclass=file
type=AVC msg=audit(1283227327.271:15054): avc:  denied  { search } for  pid=29020 comm="restorecon" name="setroubleshoot" dev=sda1 ino=2714522 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:setroubleshoot_var_lib_t:s0 tclass=dir
type=PATH msg=audit(1283227327.293:15065): item=0 name="setroubleshoot" inode=2714524 dev=08:01 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:setroubleshoot_var_run_t:s0
type=AVC msg=audit(1283227327.293:15065): avc:  denied  { getattr } for  pid=29020 comm="restorecon" path="/var/run/setroubleshoot" dev=sda1 ino=2714524 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:setroubleshoot_var_run_t:s0 tclass=dir
type=PATH msg=audit(1283227327.293:15066): item=0 name="setroubleshoot" inode=2714524 dev=08:01 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:setroubleshoot_var_run_t:s0
type=AVC msg=audit(1283227327.293:15066): avc:  denied  { read } for  pid=29020 comm="restorecon" name="setroubleshoot" dev=sda1 ino=2714524 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:setroubleshoot_var_run_t:s0 tclass=dir
type=PATH msg=audit(1283227327.294:15067): item=0 name="setroubleshoot_server" inode=2714661 dev=08:01 mode=0140666 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:setroubleshoot_var_run_t:s0
type=AVC msg=audit(1283227327.294:15067): avc:  denied  { search } for  pid=29020 comm="restorecon" name="setroubleshoot" dev=sda1 ino=2714524 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:setroubleshoot_var_run_t:s0 tclass=dir
type=PATH msg=audit(1283227327.297:15073): item=0 name="setroubleshootd.pid" inode=2714651 dev=08:01 mode=0100644 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:setroubleshoot_var_run_t:s0
type=AVC msg=audit(1283227327.297:15073): avc:  denied  { getattr } for  pid=29020 comm="restorecon" path="/var/run/setroubleshootd.pid" dev=sda1 ino=2714651 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:setroubleshoot_var_run_t:s0 tclass=file
type=SYSCALL msg=audit(1283227484.583:99): arch=40000003 syscall=102 success=yes exit=0 a0=3 a1=bf887270 a2=485118 a3=b7ecdd40 items=1 ppid=8950 pid=8951 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null)
type=AVC msg=audit(1283227484.583:99): avc:  denied  { sendto } for  pid=8951 comm="setroubleshootd" path="/dev/log" scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:system_r:initrc_t:s0 tclass=unix_dgram_socket
type=AVC msg=audit(1283227484.583:99): avc:  denied  { write } for  pid=8951 comm="setroubleshootd" name="log" dev=tmpfs ino=11176 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=sock_file
type=SYSCALL msg=audit(1283227486.509:119): arch=40000003 syscall=102 success=yes exit=0 a0=3 a1=b75c7728 a2=301ff4 a3=0 items=1 ppid=1 pid=9074 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null)
type=AVC msg=audit(1283227486.509:119): avc:  denied  { write } for  pid=9074 comm="setroubleshootd" name="log" dev=tmpfs ino=11176 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=sock_file
type=EXECVE msg=audit(1283227948.107:4467): argc=3 a0="/bin/sh" a1="/sbin/service" a2="setroubleshoot"
type=EXECVE msg=audit(1283227948.107:4467): argc=4 a0="/bin/sh" a1="/sbin/service" a2="setroubleshoot" a3="status"
type=PATH msg=audit(1283227948.138:4469): item=0 name="/etc/init.d/setroubleshoot" inode=4677620 dev=08:01 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:initrc_exec_t:s0
type=AVC msg=audit(1283227948.138:4469): avc:  denied  { getattr } for  pid=16733 comm="service" path="/etc/rc.d/init.d/setroubleshoot" dev=sda1 ino=4677620 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:initrc_exec_t:s0 tclass=file
type=PATH msg=audit(1283227948.139:4470): item=0 name="/etc/init.d/setroubleshoot" inode=4677620 dev=08:01 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:initrc_exec_t:s0
type=AVC msg=audit(1283227948.139:4470): avc:  denied  { execute } for  pid=16733 comm="service" name="setroubleshoot" dev=sda1 ino=4677620 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:initrc_exec_t:s0 tclass=file
type=PATH msg=audit(1283227948.140:4471): item=0 name="/etc/init.d/setroubleshoot" inode=4677620 dev=08:01 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:initrc_exec_t:s0
type=EXECVE msg=audit(1283227948.140:4471): argc=2 a0="/bin/bash" a1="/etc/init.d/setroubleshoot"
type=EXECVE msg=audit(1283227948.140:4471): argc=3 a0="/bin/bash" a1="/etc/init.d/setroubleshoot" a2="status"
type=SYSCALL msg=audit(1283227948.140:4471): arch=40000003 syscall=11 per=400000 success=yes exit=0 a0=bfd30c1b a1=bfd305b8 a2=824a858 a3=5 items=3 ppid=16733 pid=16738 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=3 comm="setroubleshoot" exe="/bin/bash" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1283227948.140:4471): avc:  denied  { read } for  pid=16738 comm="env" path="/etc/rc.d/init.d/setroubleshoot" dev=sda1 ino=4677620 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:initrc_exec_t:s0 tclass=file
type=AVC msg=audit(1283227948.140:4471): avc:  denied  { execute_no_trans } for  pid=16738 comm="env" path="/etc/rc.d/init.d/setroubleshoot" dev=sda1 ino=4677620 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:initrc_exec_t:s0 tclass=file
type=SYSCALL msg=audit(1283227948.141:4472): arch=40000003 syscall=54 per=400000 success=no exit=-25 a0=3 a1=5401 a2=bfce5b58 a3=bfce5b98 items=0 ppid=16733 pid=16738 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=3 comm="setroubleshoot" exe="/bin/bash" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1283227948.141:4472): avc:  denied  { ioctl } for  pid=16738 comm="setroubleshoot" path="/etc/rc.d/init.d/setroubleshoot" dev=sda1 ino=4677620 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:initrc_exec_t:s0 tclass=file
type=PATH msg=audit(1283227948.147:4473): item=0 name="/var/run/setroubleshootd.pid" inode=2714652 dev=08:01 mode=0100644 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:setroubleshoot_var_run_t:s0
type=SYSCALL msg=audit(1283227948.147:4473): arch=40000003 syscall=195 per=400000 success=yes exit=0 a0=8cabb78 a1=bfce3508 a2=b7f62ff4 a3=8cabb78 items=1 ppid=16733 pid=16738 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=3 comm="setroubleshoot" exe="/bin/bash" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1283227948.147:4473): avc:  denied  { getattr } for  pid=16738 comm="setroubleshoot" path="/var/run/setroubleshootd.pid" dev=sda1 ino=2714652 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:setroubleshoot_var_run_t:s0 tclass=file
type=PATH msg=audit(1283227948.147:4474): item=0 name="/var/run/setroubleshootd.pid" inode=2714652 dev=08:01 mode=0100644 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:setroubleshoot_var_run_t:s0
type=SYSCALL msg=audit(1283227948.147:4474): arch=40000003 syscall=5 per=400000 success=yes exit=3 a0=8c950a0 a1=8000 a2=0 a3=8000 items=1 ppid=16733 pid=16738 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=3 comm="setroubleshoot" exe="/bin/bash" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1283227948.147:4474): avc:  denied  { read } for  pid=16738 comm="setroubleshoot" name="setroubleshootd.pid" dev=sda1 ino=2714652 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:setroubleshoot_var_run_t:s0 tclass=file
type=SYSCALL msg=audit(1283227948.147:4475): arch=40000003 syscall=54 per=400000 success=no exit=-25 a0=0 a1=5401 a2=bfce2c18 a3=bfce2c58 items=0 ppid=16733 pid=16738 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=3 comm="setroubleshoot" exe="/bin/bash" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1283227948.147:4475): avc:  denied  { ioctl } for  pid=16738 comm="setroubleshoot" path="/var/run/setroubleshootd.pid" dev=sda1 ino=2714652 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:setroubleshoot_var_run_t:s0 tclass=file
type=EXECVE msg=audit(1283267601.209:18738): argc=3 a0="/bin/sh" a1="/sbin/service" a2="setroubleshoot"
type=EXECVE msg=audit(1283267601.209:18738): argc=4 a0="/bin/sh" a1="/sbin/service" a2="setroubleshoot" a3="status"
type=PATH msg=audit(1283267601.220:18740): item=0 name="/etc/init.d/setroubleshoot" inode=4677620 dev=08:01 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:initrc_exec_t:s0
type=AVC msg=audit(1283267601.220:18740): avc:  denied  { getattr } for  pid=3971 comm="service" path="/etc/rc.d/init.d/setroubleshoot" dev=sda1 ino=4677620 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:initrc_exec_t:s0 tclass=file
type=PATH msg=audit(1283267601.220:18741): item=0 name="/etc/init.d/setroubleshoot" inode=4677620 dev=08:01 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:initrc_exec_t:s0
type=AVC msg=audit(1283267601.220:18741): avc:  denied  { execute } for  pid=3971 comm="service" name="setroubleshoot" dev=sda1 ino=4677620 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:initrc_exec_t:s0 tclass=file
type=PATH msg=audit(1283267601.221:18742): item=0 name="/etc/init.d/setroubleshoot" inode=4677620 dev=08:01 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:initrc_exec_t:s0
type=EXECVE msg=audit(1283267601.221:18742): argc=2 a0="/bin/bash" a1="/etc/init.d/setroubleshoot"
type=EXECVE msg=audit(1283267601.221:18742): argc=3 a0="/bin/bash" a1="/etc/init.d/setroubleshoot" a2="status"
type=SYSCALL msg=audit(1283267601.221:18742): arch=40000003 syscall=11 per=400000 success=yes exit=0 a0=bf8abc1b a1=bf8ab1f8 a2=917d858 a3=5 items=3 ppid=3971 pid=3976 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=106 comm="setroubleshoot" exe="/bin/bash" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1283267601.221:18742): avc:  denied  { read } for  pid=3976 comm="env" path="/etc/rc.d/init.d/setroubleshoot" dev=sda1 ino=4677620 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:initrc_exec_t:s0 tclass=file
type=AVC msg=audit(1283267601.221:18742): avc:  denied  { execute_no_trans } for  pid=3976 comm="env" path="/etc/rc.d/init.d/setroubleshoot" dev=sda1 ino=4677620 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:initrc_exec_t:s0 tclass=file
type=SYSCALL msg=audit(1283267601.222:18743): arch=40000003 syscall=54 per=400000 success=no exit=-25 a0=3 a1=5401 a2=bfad2c78 a3=bfad2cb8 items=0 ppid=3971 pid=3976 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=106 comm="setroubleshoot" exe="/bin/bash" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1283267601.222:18743): avc:  denied  { ioctl } for  pid=3976 comm="setroubleshoot" path="/etc/rc.d/init.d/setroubleshoot" dev=sda1 ino=4677620 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:initrc_exec_t:s0 tclass=file
type=PATH msg=audit(1283267601.228:18744): item=0 name="/var/run/setroubleshootd.pid" inode=2714652 dev=08:01 mode=0100644 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:setroubleshoot_var_run_t:s0
type=SYSCALL msg=audit(1283267601.228:18744): arch=40000003 syscall=195 per=400000 success=yes exit=0 a0=9e79b78 a1=bfad0628 a2=b7ed7ff4 a3=9e79b78 items=1 ppid=3971 pid=3976 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=106 comm="setroubleshoot" exe="/bin/bash" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1283267601.228:18744): avc:  denied  { getattr } for  pid=3976 comm="setroubleshoot" path="/var/run/setroubleshootd.pid" dev=sda1 ino=2714652 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:setroubleshoot_var_run_t:s0 tclass=file
type=PATH msg=audit(1283267601.229:18745): item=0 name="/var/run/setroubleshootd.pid" inode=2714652 dev=08:01 mode=0100644 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:setroubleshoot_var_run_t:s0
type=SYSCALL msg=audit(1283267601.229:18745): arch=40000003 syscall=5 per=400000 success=yes exit=3 a0=9e630a0 a1=8000 a2=0 a3=8000 items=1 ppid=3971 pid=3976 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=106 comm="setroubleshoot" exe="/bin/bash" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1283267601.229:18745): avc:  denied  { read } for  pid=3976 comm="setroubleshoot" name="setroubleshootd.pid" dev=sda1 ino=2714652 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:setroubleshoot_var_run_t:s0 tclass=file
type=SYSCALL msg=audit(1283267601.229:18746): arch=40000003 syscall=54 per=400000 success=no exit=-25 a0=0 a1=5401 a2=bfacfd38 a3=bfacfd78 items=0 ppid=3971 pid=3976 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=106 comm="setroubleshoot" exe="/bin/bash" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1283267601.229:18746): avc:  denied  { ioctl } for  pid=3976 comm="setroubleshoot" path="/var/run/setroubleshootd.pid" dev=sda1 ino=2714652 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:setroubleshoot_var_run_t:s0 tclass=file
type=EXECVE msg=audit(1283268733.078:19188): argc=2 a0="grep" a1="setroubleshoot"
type=PATH msg=audit(1283269030.310:19294): item=1 name="setroubleshoot.txt" inode=10171215 dev=08:01 mode=0100644 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:sysadm_home_dir_t:s0
type=AVC msg=audit(1283269030.310:19294): avc:  denied  { create } for  pid=4603 comm="bash" name="setroubleshoot.txt" scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:sysadm_home_dir_t:s0 tclass=file
type=AVC msg=audit(1283269030.310:19294): avc:  denied  { add_name } for  pid=4603 comm="bash" name="setroubleshoot.txt" scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=root:object_r:sysadm_home_dir_t:s0 tclass=dir
type=AVC msg=audit(1283269030.334:19297): avc:  denied  { getattr } for  pid=4603 comm="grep" path="/root/setroubleshoot.txt" dev=sda1 ino=10171215 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:sysadm_home_dir_t:s0 tclass=file
type=AVC msg=audit(1283269038.424:19300): avc:  denied  { write } for  pid=4603 comm="grep" path="/root/setroubleshoot.txt" dev=sda1 ino=10171215 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:sysadm_home_dir_t:s0 tclass=file

--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux