Classification: UNCLASSIFIED Caveats: NONE Attached. I did notice some cron + bash related messages, so hopefully the answer is in there. They seemed to refer to our su wrapper, which I admit could be the problem, if cron is calling su in some way. I believe it's needed for some form of 2-factor authentication when using su. It was previously labeled as unconfined; yesterday I changed the labeling to match that of the su binary in the original RHEL6 coreutils package, but that didn't seem to help. I also tried reinstalling coreutils and using the standard su binary, but that didn't help either (I just get the same messages for "su" instead of "su.real"). bash-4.1# ls -lZ /bin/su* lrwxrwxrwx. root root unconfined_u:object_r:bin_t:s0 /bin/su -> /bin/su.wrapper -r-xr-xr-x. root root system_u:object_r:su_exec_t:s0 /bin/su.real -r-sr-xr-x. root root system_u:object_r:su_exec_t:s0 /bin/su.wrapper The attached file shows the commands run both with and without dontaudit disabled: 10:12:30 runcon -u system_u -r system_r -t system_cronjob_t /etc/cron.daily/puppet-state 10:14:25 semodule -B 10:15:06 runcon -u system_u -r system_r -t system_cronjob_t /etc/cron.daily/puppet-state 10:15:16 ausearch -m avc -ts recent &> /root/avc3.txt -- Ray Shaw (Contractor, STG) Army Research Laboratory CIO, Unix Support > -----Original Message----- > From: Jeremy Young [mailto:jrm16020@xxxxxxxxx] > Sent: Thursday, August 14, 2014 9:43 AM > To: Shaw, Ray V CTR USARMY ARL (US) > Cc: selinux@xxxxxxxxxxxxxxxxxxxxxxx > Subject: Re: cron issues with bash source (UNCLASSIFIED) > > There are a few ways that you could speed up your troubleshooting: > > 1. Schedule your job with a file in /etc/cron.d to run the script in > /etc/cron.daily on a much more frequent interval 2. Use runcon to run > your script with the same context that crond would have when executing. > For example: > runcon -u system_u -r system_r -t system_cronjob_t > /etc/cron.daily/logrotate > > After you run the scripts (or at the end of the scripts), can you run > this and provide the raw audit messages? > ausearch -m avc -ts recent > > > On Thu, Aug 14, 2014 at 8:17 AM, Shaw, Ray V CTR USARMY ARL (US) > <ray.v.shaw.ctr@xxxxxxxx> wrote: > > > Classification: UNCLASSIFIED > Caveats: NONE > > Background info: running RHEL6 with the latest updates, so > selinux-policy-targeted-3.7.19-231.el6_5.3.noarch. > > When moving from Permissive to Enforcing, two scripts in > /etc/cron.daily that use the bash "." operator to include a functions > file can no longer do so. The functions file sets $PATH and other > environment variables, so subsequent commands in the scripts fail. > > Interestingly, when run out of root's crontab, the scripts work > just fine. The context when doing that (gathered by placing id -Z in > the script) is: > > unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 > > Not sure why; the script itself isn't unlabeled: > > bash-4.1# ls -lZ /usr/local/sbin/puppet-state > -rwx------. root root system_u:object_r:bin_t:s0 > /usr/local/sbin/puppet-state > > When run from /etc/cron.daily (or cron.hourly, where I placed a > copy for faster testing), the context is: > > system_u:system_r:system_cronjob_t:s0-s0:c0.c1023 > > bash-4.1# ls -lZ /etc/cron.hourly/puppet-state > -rwx------. root root system_u:object_r:bin_t:s0 > /etc/cron.hourly/puppet-state > > The exact command in question it's failing to run is: > > . /opt/puppet/scripts/functions > > Which is labeled thusly: > > bash-4.1# ls -lZ /opt/puppet/scripts/functions > -r-x------. root root unconfined_u:object_r:usr_t:s0 > /opt/puppet/scripts/functions > > In either Enforcing or Permissive, I wasn't seeing anything that > looked relevant, so I ran semodule -DB. This is the only thing cron- > related, but (and I'm not very experienced with SELinux, so maybe I'm > missing something) that doesn't seem like it: > > bash-4.1# cat /var/log/audit/audit.log-20140814 | grep cron | > audit2allow -w > type=AVC msg=audit(1407915503.212:155119): avc: denied { > rlimitinh } for pid=26239 comm="prelink" > scontext=system_u:system_r:prelink_cron_system_t:s0-s0:c0.c1023 > tcontext=system_u:system_r:prelink_t:s0-s0:c0.c1023 tclass=process > > Was caused by: > Missing type enforcement (TE) allow rule. > > You can use audit2allow to generate a loadable > module to allow this access. > > type=AVC msg=audit(1407915503.212:155119): avc: denied { siginh > } for pid=26239 comm="prelink" > scontext=system_u:system_r:prelink_cron_system_t:s0-s0:c0.c1023 > tcontext=system_u:system_r:prelink_t:s0-s0:c0.c1023 tclass=process > > Was caused by: > Missing type enforcement (TE) allow rule. > > You can use audit2allow to generate a loadable > module to allow this access. > > I suppose we could run them out of root's crontab, but they're > easier to manage in cron.daily, and I'd like to solve the problem. Any > assistance is greatly appreciated. A search of the list archives > didn't turn up this issue; sorry if I've missed it. > > -- > Ray Shaw (Contractor, STG) > Army Research Laboratory > > Classification: UNCLASSIFIED > Caveats: NONE > > > -- > selinux mailing list > selinux@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/selinux > > > > > -- > > Jeremy Young <mailto:jrm16020@xxxxxxxxx> , M.S., RHCSA > > Classification: UNCLASSIFIED Caveats: NONE
----
time->Thu Aug 14 10:05:49 2014
type=AVC msg=audit(1408025149.282:222359): avc: denied { name_connect } for pid=1532 comm=72733A6D61696E20513A526567 dest=601 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:hi_reserved_port_t:s0 tclass=tcp_socket
----
time->Thu Aug 14 10:06:52 2014
type=AVC msg=audit(1408025212.284:222391): avc: denied { name_connect } for pid=1532 comm=72733A6D61696E20513A526567 dest=601 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:hi_reserved_port_t:s0 tclass=tcp_socket
----
time->Thu Aug 14 10:07:55 2014
type=AVC msg=audit(1408025275.287:222430): avc: denied { name_connect } for pid=1532 comm=72733A6D61696E20513A526567 dest=601 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:hi_reserved_port_t:s0 tclass=tcp_socket
----
time->Thu Aug 14 10:08:58 2014
type=AVC msg=audit(1408025338.291:222463): avc: denied { name_connect } for pid=1532 comm=72733A6D61696E20513A526567 dest=601 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:hi_reserved_port_t:s0 tclass=tcp_socket
----
time->Thu Aug 14 10:10:01 2014
type=SOCKADDR msg=audit(1408025401.295:222496): saddr=02000259803F30480000000000000000
type=SYSCALL msg=audit(1408025401.295:222496): arch=c000003e syscall=42 success=yes exit=0 a0=7 a1=7f0cd8007140 a2=10 a3=7f0cdfba7f58 items=0 ppid=1 pid=1532 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm=72733A6D61696E20513A526567 exe="/sbin/rsyslogd" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1408025401.295:222496): avc: denied { name_connect } for pid=1532 comm=72733A6D61696E20513A526567 dest=601 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:hi_reserved_port_t:s0 tclass=tcp_socket
----
time->Thu Aug 14 10:10:01 2014
type=PATH msg=audit(1408025401.886:222521): item=0 name="/root" inode=4849665 dev=fd:00 mode=040700 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:admin_home_t:s0 nametype=NORMAL
type=CWD msg=audit(1408025401.886:222521): cwd="/root"
type=SYSCALL msg=audit(1408025401.886:222521): arch=c000003e syscall=4 success=yes exit=0 a0=2152f30 a1=7fff622a36a0 a2=7fff622a36a0 a3=355b8807c0 items=1 ppid=22769 pid=22776 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=8479 comm="sa1" exe="/bin/bash" subj=system_u:system_r:sysstat_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1408025401.886:222521): avc: denied { getattr } for pid=22776 comm="sa1" path="/root" dev=dm-0 ino=4849665 scontext=system_u:system_r:sysstat_t:s0-s0:c0.c1023 tcontext=system_u:object_r:admin_home_t:s0 tclass=dir
----
time->Thu Aug 14 10:10:01 2014
type=PATH msg=audit(1408025401.886:222522): item=0 name="." inode=4849665 dev=fd:00 mode=040700 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:admin_home_t:s0 nametype=NORMAL
type=CWD msg=audit(1408025401.886:222522): cwd="/root"
type=SYSCALL msg=audit(1408025401.886:222522): arch=c000003e syscall=4 success=yes exit=0 a0=4a3bcb a1=7fff622a3610 a2=7fff622a3610 a3=355b8807c0 items=1 ppid=22769 pid=22776 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=8479 comm="sa1" exe="/bin/bash" subj=system_u:system_r:sysstat_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1408025401.886:222522): avc: denied { search } for pid=22776 comm="sa1" name="root" dev=dm-0 ino=4849665 scontext=system_u:system_r:sysstat_t:s0-s0:c0.c1023 tcontext=system_u:object_r:admin_home_t:s0 tclass=dir
----
time->Thu Aug 14 10:11:01 2014
type=AVC msg=audit(1408025461.876:222555): avc: denied { name_connect } for pid=1532 comm=72733A6D61696E20513A526567 dest=601 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:hi_reserved_port_t:s0 tclass=tcp_socket
----
time->Thu Aug 14 10:12:04 2014
type=AVC msg=audit(1408025524.878:222605): avc: denied { name_connect } for pid=1532 comm=72733A6D61696E20513A526567 dest=601 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:hi_reserved_port_t:s0 tclass=tcp_socket
----
time->Thu Aug 14 10:12:31 2014
type=PATH msg=audit(1408025551.400:222620): item=1 name=(null) inode=4063679 dev=fd:00 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:ld_so_t:s0 nametype=NORMAL
type=PATH msg=audit(1408025551.400:222620): item=0 name="/bin/bash" inode=1048622 dev=fd:00 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:shell_exec_t:s0 nametype=NORMAL
type=CWD msg=audit(1408025551.400:222620): cwd="/bin"
type=EXECVE msg=audit(1408025551.400:222620): argc=3 a0="bash" a1="-c" a2=72706D202D7161207C206772657020277075707065742D5B302D395D27207C20637574202D642D202D662032207C20637574202D632031
type=SYSCALL msg=audit(1408025551.400:222620): arch=40000003 syscall=11 success=yes exit=0 a0=ffc7c797 a1=8733578 a2=ffc7b1f0 a3=0 items=2 ppid=22923 pid=22926 auid=7538 uid=52 gid=52 euid=52 suid=52 fsuid=52 egid=52 sgid=52 fsgid=52 tty=pts2 ses=2019 comm="bash" exe="/bin/bash" subj=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1408025551.400:222620): avc: denied { append } for pid=22926 comm="bash" path="/dev/pts/2" dev=devpts ino=5 scontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:initrc_devpts_t:s0 tclass=chr_file
type=AVC msg=audit(1408025551.400:222620): avc: denied { read write } for pid=22926 comm="bash" name="2" dev=devpts ino=5 scontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:initrc_devpts_t:s0 tclass=chr_file
type=AVC msg=audit(1408025551.400:222620): avc: denied { entrypoint } for pid=22926 comm="su.real" path="/bin/bash" dev=dm-0 ino=1048622 scontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file
type=AVC msg=audit(1408025551.400:222620): avc: denied { transition } for pid=22926 comm="su.real" path="/bin/bash" dev=dm-0 ino=1048622 scontext=system_u:system_r:system_cronjob_t:s0 tcontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tclass=process
----
time->Thu Aug 14 10:12:31 2014
type=PATH msg=audit(1408025551.411:222621): item=0 name="/bin/rpm" inode=1048704 dev=fd:00 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:rpm_exec_t:s0 nametype=NORMAL
type=CWD msg=audit(1408025551.411:222621): cwd="/bin"
type=SYSCALL msg=audit(1408025551.411:222621): arch=c000003e syscall=21 success=yes exit=0 a0=1cf3d10 a1=1 a2=0 a3=9 items=1 ppid=22926 pid=22927 auid=7538 uid=52 gid=52 euid=52 suid=52 fsuid=52 egid=52 sgid=52 fsgid=52 tty=pts2 ses=2019 comm="bash" exe="/bin/bash" subj=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1408025551.411:222621): avc: denied { execute } for pid=22927 comm="bash" name="rpm" dev=dm-0 ino=1048704 scontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rpm_exec_t:s0 tclass=file
----
time->Thu Aug 14 10:12:31 2014
type=PATH msg=audit(1408025551.413:222622): item=0 name="/bin/rpm" inode=1048704 dev=fd:00 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:rpm_exec_t:s0 nametype=NORMAL
type=CWD msg=audit(1408025551.413:222622): cwd="/bin"
type=SYSCALL msg=audit(1408025551.413:222622): arch=c000003e syscall=21 success=yes exit=0 a0=1cf3d10 a1=4 a2=0 a3=9 items=1 ppid=22926 pid=22927 auid=7538 uid=52 gid=52 euid=52 suid=52 fsuid=52 egid=52 sgid=52 fsgid=52 tty=pts2 ses=2019 comm="bash" exe="/bin/bash" subj=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1408025551.413:222622): avc: denied { read } for pid=22927 comm="bash" name="rpm" dev=dm-0 ino=1048704 scontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rpm_exec_t:s0 tclass=file
----
time->Thu Aug 14 10:12:31 2014
type=PATH msg=audit(1408025551.414:222623): item=1 name=(null) inode=4063679 dev=fd:00 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:ld_so_t:s0 nametype=NORMAL
type=PATH msg=audit(1408025551.414:222623): item=0 name="/bin/rpm" inode=1048704 dev=fd:00 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:rpm_exec_t:s0 nametype=NORMAL
type=CWD msg=audit(1408025551.414:222623): cwd="/bin"
type=EXECVE msg=audit(1408025551.414:222623): argc=2 a0="rpm" a1="-qa"
type=SYSCALL msg=audit(1408025551.414:222623): arch=c000003e syscall=59 success=yes exit=0 a0=1cf3d10 a1=1cf44d0 a2=1cf3860 a3=18 items=2 ppid=22926 pid=22927 auid=7538 uid=52 gid=52 euid=52 suid=52 fsuid=52 egid=52 sgid=52 fsgid=52 tty=pts2 ses=2019 comm="rpm" exe="/bin/rpm" subj=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1408025551.414:222623): avc: denied { execute_no_trans } for pid=22927 comm="bash" path="/bin/rpm" dev=dm-0 ino=1048704 scontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rpm_exec_t:s0 tclass=file
type=AVC msg=audit(1408025551.414:222623): avc: denied { open } for pid=22927 comm="bash" name="rpm" dev=dm-0 ino=1048704 scontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rpm_exec_t:s0 tclass=file
----
time->Thu Aug 14 10:12:31 2014
type=PATH msg=audit(1408025551.449:222624): item=0 name="/var/lib/rpm/Packages" inode=389383 dev=fd:07 mode=0100644 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:rpm_var_lib_t:s0 nametype=NORMAL
type=CWD msg=audit(1408025551.449:222624): cwd="/bin"
type=SYSCALL msg=audit(1408025551.449:222624): arch=c000003e syscall=4 success=yes exit=0 a0=1187fb0 a1=7fff80ba8710 a2=7fff80ba8710 a3=16 items=1 ppid=22926 pid=22927 auid=7538 uid=52 gid=52 euid=52 suid=52 fsuid=52 egid=52 sgid=52 fsgid=52 tty=pts2 ses=2019 comm="rpm" exe="/bin/rpm" subj=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1408025551.449:222624): avc: denied { getattr } for pid=22927 comm="rpm" path="/var/lib/rpm/Packages" dev=dm-7 ino=389383 scontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rpm_var_lib_t:s0 tclass=file
----
time->Thu Aug 14 10:12:31 2014
type=PATH msg=audit(1408025551.450:222625): item=0 name="/var/lib/rpm/Packages" inode=389383 dev=fd:07 mode=0100644 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:rpm_var_lib_t:s0 nametype=NORMAL
type=CWD msg=audit(1408025551.450:222625): cwd="/bin"
type=SYSCALL msg=audit(1408025551.450:222625): arch=c000003e syscall=2 success=yes exit=3 a0=1187fb0 a1=0 a2=0 a3=16 items=1 ppid=22926 pid=22927 auid=7538 uid=52 gid=52 euid=52 suid=52 fsuid=52 egid=52 sgid=52 fsgid=52 tty=pts2 ses=2019 comm="rpm" exe="/bin/rpm" subj=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1408025551.450:222625): avc: denied { open } for pid=22927 comm="rpm" name="Packages" dev=dm-7 ino=389383 scontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rpm_var_lib_t:s0 tclass=file
type=AVC msg=audit(1408025551.450:222625): avc: denied { read } for pid=22927 comm="rpm" name="Packages" dev=dm-7 ino=389383 scontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rpm_var_lib_t:s0 tclass=file
----
time->Thu Aug 14 10:12:31 2014
type=SYSCALL msg=audit(1408025551.452:222626): arch=c000003e syscall=72 success=yes exit=0 a0=3 a1=6 a2=7fff80ba8cc0 a3=1 items=0 ppid=22926 pid=22927 auid=7538 uid=52 gid=52 euid=52 suid=52 fsuid=52 egid=52 sgid=52 fsgid=52 tty=pts2 ses=2019 comm="rpm" exe="/bin/rpm" subj=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1408025551.452:222626): avc: denied { lock } for pid=22927 comm="rpm" path="/var/lib/rpm/Packages" dev=dm-7 ino=389383 scontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rpm_var_lib_t:s0 tclass=file
----
time->Thu Aug 14 10:12:33 2014
type=PATH msg=audit(1408025553.224:222638): item=1 name=(null) inode=4063679 dev=fd:00 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:ld_so_t:s0 nametype=NORMAL
type=PATH msg=audit(1408025553.224:222638): item=0 name="/bin/bash" inode=1048622 dev=fd:00 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:shell_exec_t:s0 nametype=NORMAL
type=CWD msg=audit(1408025553.224:222638): cwd="/bin"
type=EXECVE msg=audit(1408025553.224:222638): argc=3 a0="bash" a1="-c" a2=72706D202D71617C6772657020727562792D61726C7C736F72747C68656164202D317C637574202D642D202D6633
type=SYSCALL msg=audit(1408025553.224:222638): arch=40000003 syscall=11 success=yes exit=0 a0=ffaea7a0 a1=83ca578 a2=ffae8bb0 a3=0 items=2 ppid=22934 pid=22936 auid=7538 uid=52 gid=52 euid=52 suid=52 fsuid=52 egid=52 sgid=52 fsgid=52 tty=pts2 ses=2019 comm="bash" exe="/bin/bash" subj=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1408025553.224:222638): avc: denied { append } for pid=22936 comm="bash" path="/dev/pts/2" dev=devpts ino=5 scontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:initrc_devpts_t:s0 tclass=chr_file
type=AVC msg=audit(1408025553.224:222638): avc: denied { read write } for pid=22936 comm="bash" name="2" dev=devpts ino=5 scontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:initrc_devpts_t:s0 tclass=chr_file
type=AVC msg=audit(1408025553.224:222638): avc: denied { entrypoint } for pid=22936 comm="su.real" path="/bin/bash" dev=dm-0 ino=1048622 scontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file
type=AVC msg=audit(1408025553.224:222638): avc: denied { transition } for pid=22936 comm="su.real" path="/bin/bash" dev=dm-0 ino=1048622 scontext=system_u:system_r:system_cronjob_t:s0 tcontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tclass=process
----
time->Thu Aug 14 10:12:33 2014
type=PATH msg=audit(1408025553.230:222639): item=0 name="/bin/rpm" inode=1048704 dev=fd:00 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:rpm_exec_t:s0 nametype=NORMAL
type=CWD msg=audit(1408025553.230:222639): cwd="/bin"
type=SYSCALL msg=audit(1408025553.230:222639): arch=c000003e syscall=21 success=yes exit=0 a0=151bcf0 a1=1 a2=0 a3=9 items=1 ppid=22936 pid=22937 auid=7538 uid=52 gid=52 euid=52 suid=52 fsuid=52 egid=52 sgid=52 fsgid=52 tty=pts2 ses=2019 comm="bash" exe="/bin/bash" subj=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1408025553.230:222639): avc: denied { execute } for pid=22937 comm="bash" name="rpm" dev=dm-0 ino=1048704 scontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rpm_exec_t:s0 tclass=file
----
time->Thu Aug 14 10:12:33 2014
type=PATH msg=audit(1408025553.230:222640): item=0 name="/bin/rpm" inode=1048704 dev=fd:00 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:rpm_exec_t:s0 nametype=NORMAL
type=CWD msg=audit(1408025553.230:222640): cwd="/bin"
type=SYSCALL msg=audit(1408025553.230:222640): arch=c000003e syscall=21 success=yes exit=0 a0=151bcf0 a1=4 a2=0 a3=9 items=1 ppid=22936 pid=22937 auid=7538 uid=52 gid=52 euid=52 suid=52 fsuid=52 egid=52 sgid=52 fsgid=52 tty=pts2 ses=2019 comm="bash" exe="/bin/bash" subj=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1408025553.230:222640): avc: denied { read } for pid=22937 comm="bash" name="rpm" dev=dm-0 ino=1048704 scontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rpm_exec_t:s0 tclass=file
----
time->Thu Aug 14 10:12:33 2014
type=PATH msg=audit(1408025553.230:222641): item=1 name=(null) inode=4063679 dev=fd:00 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:ld_so_t:s0 nametype=NORMAL
type=PATH msg=audit(1408025553.230:222641): item=0 name="/bin/rpm" inode=1048704 dev=fd:00 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:rpm_exec_t:s0 nametype=NORMAL
type=CWD msg=audit(1408025553.230:222641): cwd="/bin"
type=EXECVE msg=audit(1408025553.230:222641): argc=2 a0="rpm" a1="-qa"
type=SYSCALL msg=audit(1408025553.230:222641): arch=c000003e syscall=59 success=yes exit=0 a0=151bcf0 a1=151c4f0 a2=151b840 a3=18 items=2 ppid=22936 pid=22937 auid=7538 uid=52 gid=52 euid=52 suid=52 fsuid=52 egid=52 sgid=52 fsgid=52 tty=pts2 ses=2019 comm="rpm" exe="/bin/rpm" subj=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1408025553.230:222641): avc: denied { execute_no_trans } for pid=22937 comm="bash" path="/bin/rpm" dev=dm-0 ino=1048704 scontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rpm_exec_t:s0 tclass=file
type=AVC msg=audit(1408025553.230:222641): avc: denied { open } for pid=22937 comm="bash" name="rpm" dev=dm-0 ino=1048704 scontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rpm_exec_t:s0 tclass=file
----
time->Thu Aug 14 10:12:33 2014
type=PATH msg=audit(1408025553.266:222642): item=0 name="/var/lib/rpm/Packages" inode=389383 dev=fd:07 mode=0100644 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:rpm_var_lib_t:s0 nametype=NORMAL
type=CWD msg=audit(1408025553.266:222642): cwd="/bin"
type=SYSCALL msg=audit(1408025553.266:222642): arch=c000003e syscall=4 success=yes exit=0 a0=1a30fb0 a1=7fff985a7f90 a2=7fff985a7f90 a3=16 items=1 ppid=22936 pid=22937 auid=7538 uid=52 gid=52 euid=52 suid=52 fsuid=52 egid=52 sgid=52 fsgid=52 tty=pts2 ses=2019 comm="rpm" exe="/bin/rpm" subj=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1408025553.266:222642): avc: denied { getattr } for pid=22937 comm="rpm" path="/var/lib/rpm/Packages" dev=dm-7 ino=389383 scontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rpm_var_lib_t:s0 tclass=file
----
time->Thu Aug 14 10:12:33 2014
type=PATH msg=audit(1408025553.266:222643): item=0 name="/var/lib/rpm/Packages" inode=389383 dev=fd:07 mode=0100644 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:rpm_var_lib_t:s0 nametype=NORMAL
type=CWD msg=audit(1408025553.266:222643): cwd="/bin"
type=SYSCALL msg=audit(1408025553.266:222643): arch=c000003e syscall=2 success=yes exit=3 a0=1a30fb0 a1=0 a2=0 a3=16 items=1 ppid=22936 pid=22937 auid=7538 uid=52 gid=52 euid=52 suid=52 fsuid=52 egid=52 sgid=52 fsgid=52 tty=pts2 ses=2019 comm="rpm" exe="/bin/rpm" subj=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1408025553.266:222643): avc: denied { open } for pid=22937 comm="rpm" name="Packages" dev=dm-7 ino=389383 scontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rpm_var_lib_t:s0 tclass=file
type=AVC msg=audit(1408025553.266:222643): avc: denied { read } for pid=22937 comm="rpm" name="Packages" dev=dm-7 ino=389383 scontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rpm_var_lib_t:s0 tclass=file
----
time->Thu Aug 14 10:12:33 2014
type=SYSCALL msg=audit(1408025553.268:222644): arch=c000003e syscall=72 success=yes exit=0 a0=3 a1=6 a2=7fff985a8540 a3=1 items=0 ppid=22936 pid=22937 auid=7538 uid=52 gid=52 euid=52 suid=52 fsuid=52 egid=52 sgid=52 fsgid=52 tty=pts2 ses=2019 comm="rpm" exe="/bin/rpm" subj=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1408025553.268:222644): avc: denied { lock } for pid=22937 comm="rpm" path="/var/lib/rpm/Packages" dev=dm-7 ino=389383 scontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rpm_var_lib_t:s0 tclass=file
----
time->Thu Aug 14 10:13:07 2014
type=AVC msg=audit(1408025587.882:222683): avc: denied { name_connect } for pid=1532 comm=72733A6D61696E20513A526567 dest=601 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:hi_reserved_port_t:s0 tclass=tcp_socket
----
time->Thu Aug 14 10:14:10 2014
type=AVC msg=audit(1408025650.886:222720): avc: denied { name_connect } for pid=1532 comm=72733A6D61696E20513A526567 dest=601 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:hi_reserved_port_t:s0 tclass=tcp_socket
----
time->Thu Aug 14 10:15:07 2014
type=PATH msg=audit(1408025707.657:223717): item=1 name=(null) inode=4063679 dev=fd:00 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:ld_so_t:s0 nametype=NORMAL
type=PATH msg=audit(1408025707.657:223717): item=0 name="/bin/bash" inode=1048622 dev=fd:00 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:shell_exec_t:s0 nametype=NORMAL
type=CWD msg=audit(1408025707.657:223717): cwd="/bin"
type=EXECVE msg=audit(1408025707.657:223717): argc=3 a0="bash" a1="-c" a2=72706D202D7161207C206772657020277075707065742D5B302D395D27207C20637574202D642D202D662032207C20637574202D632031
type=SYSCALL msg=audit(1408025707.657:223717): arch=40000003 syscall=11 success=yes exit=0 a0=ff986797 a1=8a89578 a2=ff985370 a3=0 items=2 ppid=23105 pid=23108 auid=7538 uid=52 gid=52 euid=52 suid=52 fsuid=52 egid=52 sgid=52 fsgid=52 tty=pts2 ses=2019 comm="bash" exe="/bin/bash" subj=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1408025707.657:223717): avc: denied { append } for pid=23108 comm="bash" path="/dev/pts/2" dev=devpts ino=5 scontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:initrc_devpts_t:s0 tclass=chr_file
type=AVC msg=audit(1408025707.657:223717): avc: denied { read write } for pid=23108 comm="bash" name="2" dev=devpts ino=5 scontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:initrc_devpts_t:s0 tclass=chr_file
type=AVC msg=audit(1408025707.657:223717): avc: denied { entrypoint } for pid=23108 comm="su.real" path="/bin/bash" dev=dm-0 ino=1048622 scontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file
type=AVC msg=audit(1408025707.657:223717): avc: denied { transition } for pid=23108 comm="su.real" path="/bin/bash" dev=dm-0 ino=1048622 scontext=system_u:system_r:system_cronjob_t:s0 tcontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tclass=process
----
time->Thu Aug 14 10:15:07 2014
type=PATH msg=audit(1408025707.677:223718): item=0 name="/bin/rpm" inode=1048704 dev=fd:00 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:rpm_exec_t:s0 nametype=NORMAL
type=CWD msg=audit(1408025707.677:223718): cwd="/bin"
type=SYSCALL msg=audit(1408025707.677:223718): arch=c000003e syscall=21 success=yes exit=0 a0=1525d10 a1=1 a2=0 a3=9 items=1 ppid=23108 pid=23109 auid=7538 uid=52 gid=52 euid=52 suid=52 fsuid=52 egid=52 sgid=52 fsgid=52 tty=pts2 ses=2019 comm="bash" exe="/bin/bash" subj=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1408025707.677:223718): avc: denied { execute } for pid=23109 comm="bash" name="rpm" dev=dm-0 ino=1048704 scontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rpm_exec_t:s0 tclass=file
----
time->Thu Aug 14 10:15:07 2014
type=PATH msg=audit(1408025707.677:223719): item=0 name="/bin/rpm" inode=1048704 dev=fd:00 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:rpm_exec_t:s0 nametype=NORMAL
type=CWD msg=audit(1408025707.677:223719): cwd="/bin"
type=SYSCALL msg=audit(1408025707.677:223719): arch=c000003e syscall=21 success=yes exit=0 a0=1525d10 a1=4 a2=0 a3=9 items=1 ppid=23108 pid=23109 auid=7538 uid=52 gid=52 euid=52 suid=52 fsuid=52 egid=52 sgid=52 fsgid=52 tty=pts2 ses=2019 comm="bash" exe="/bin/bash" subj=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1408025707.677:223719): avc: denied { read } for pid=23109 comm="bash" name="rpm" dev=dm-0 ino=1048704 scontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rpm_exec_t:s0 tclass=file
----
time->Thu Aug 14 10:15:07 2014
type=PATH msg=audit(1408025707.677:223720): item=1 name=(null) inode=4063679 dev=fd:00 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:ld_so_t:s0 nametype=NORMAL
type=PATH msg=audit(1408025707.677:223720): item=0 name="/bin/rpm" inode=1048704 dev=fd:00 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:rpm_exec_t:s0 nametype=NORMAL
type=CWD msg=audit(1408025707.677:223720): cwd="/bin"
type=EXECVE msg=audit(1408025707.677:223720): argc=2 a0="rpm" a1="-qa"
type=SYSCALL msg=audit(1408025707.677:223720): arch=c000003e syscall=59 success=yes exit=0 a0=1525d10 a1=15264d0 a2=1525860 a3=18 items=2 ppid=23108 pid=23109 auid=7538 uid=52 gid=52 euid=52 suid=52 fsuid=52 egid=52 sgid=52 fsgid=52 tty=pts2 ses=2019 comm="rpm" exe="/bin/rpm" subj=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1408025707.677:223720): avc: denied { execute_no_trans } for pid=23109 comm="bash" path="/bin/rpm" dev=dm-0 ino=1048704 scontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rpm_exec_t:s0 tclass=file
type=AVC msg=audit(1408025707.677:223720): avc: denied { open } for pid=23109 comm="bash" name="rpm" dev=dm-0 ino=1048704 scontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rpm_exec_t:s0 tclass=file
----
time->Thu Aug 14 10:15:07 2014
type=PATH msg=audit(1408025707.717:223721): item=0 name="/var/lib/rpm/Packages" inode=389383 dev=fd:07 mode=0100644 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:rpm_var_lib_t:s0 nametype=NORMAL
type=CWD msg=audit(1408025707.717:223721): cwd="/bin"
type=SYSCALL msg=audit(1408025707.717:223721): arch=c000003e syscall=2 success=yes exit=3 a0=82afb0 a1=0 a2=0 a3=16 items=1 ppid=23108 pid=23109 auid=7538 uid=52 gid=52 euid=52 suid=52 fsuid=52 egid=52 sgid=52 fsgid=52 tty=pts2 ses=2019 comm="rpm" exe="/bin/rpm" subj=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1408025707.717:223721): avc: denied { open } for pid=23109 comm="rpm" name="Packages" dev=dm-7 ino=389383 scontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rpm_var_lib_t:s0 tclass=file
----
time->Thu Aug 14 10:15:09 2014
type=PATH msg=audit(1408025709.381:223733): item=1 name=(null) inode=4063679 dev=fd:00 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:ld_so_t:s0 nametype=NORMAL
type=PATH msg=audit(1408025709.381:223733): item=0 name="/bin/bash" inode=1048622 dev=fd:00 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:shell_exec_t:s0 nametype=NORMAL
type=CWD msg=audit(1408025709.381:223733): cwd="/bin"
type=EXECVE msg=audit(1408025709.381:223733): argc=3 a0="bash" a1="-c" a2=72706D202D71617C6772657020727562792D61726C7C736F72747C68656164202D317C637574202D642D202D6633
type=SYSCALL msg=audit(1408025709.381:223733): arch=40000003 syscall=11 success=yes exit=0 a0=fff817a0 a1=8326578 a2=fff800c0 a3=0 items=2 ppid=23114 pid=23116 auid=7538 uid=52 gid=52 euid=52 suid=52 fsuid=52 egid=52 sgid=52 fsgid=52 tty=pts2 ses=2019 comm="bash" exe="/bin/bash" subj=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1408025709.381:223733): avc: denied { append } for pid=23116 comm="bash" path="/dev/pts/2" dev=devpts ino=5 scontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:initrc_devpts_t:s0 tclass=chr_file
type=AVC msg=audit(1408025709.381:223733): avc: denied { read write } for pid=23116 comm="bash" name="2" dev=devpts ino=5 scontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:initrc_devpts_t:s0 tclass=chr_file
type=AVC msg=audit(1408025709.381:223733): avc: denied { entrypoint } for pid=23116 comm="su.real" path="/bin/bash" dev=dm-0 ino=1048622 scontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file
type=AVC msg=audit(1408025709.381:223733): avc: denied { transition } for pid=23116 comm="su.real" path="/bin/bash" dev=dm-0 ino=1048622 scontext=system_u:system_r:system_cronjob_t:s0 tcontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tclass=process
----
time->Thu Aug 14 10:15:09 2014
type=PATH msg=audit(1408025709.392:223734): item=0 name="/bin/rpm" inode=1048704 dev=fd:00 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:rpm_exec_t:s0 nametype=NORMAL
type=CWD msg=audit(1408025709.392:223734): cwd="/bin"
type=SYSCALL msg=audit(1408025709.392:223734): arch=c000003e syscall=21 success=yes exit=0 a0=c45cf0 a1=1 a2=0 a3=9 items=1 ppid=23116 pid=23117 auid=7538 uid=52 gid=52 euid=52 suid=52 fsuid=52 egid=52 sgid=52 fsgid=52 tty=pts2 ses=2019 comm="bash" exe="/bin/bash" subj=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1408025709.392:223734): avc: denied { execute } for pid=23117 comm="bash" name="rpm" dev=dm-0 ino=1048704 scontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rpm_exec_t:s0 tclass=file
----
time->Thu Aug 14 10:15:09 2014
type=PATH msg=audit(1408025709.392:223735): item=0 name="/bin/rpm" inode=1048704 dev=fd:00 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:rpm_exec_t:s0 nametype=NORMAL
type=CWD msg=audit(1408025709.392:223735): cwd="/bin"
type=SYSCALL msg=audit(1408025709.392:223735): arch=c000003e syscall=21 success=yes exit=0 a0=c45cf0 a1=4 a2=0 a3=9 items=1 ppid=23116 pid=23117 auid=7538 uid=52 gid=52 euid=52 suid=52 fsuid=52 egid=52 sgid=52 fsgid=52 tty=pts2 ses=2019 comm="bash" exe="/bin/bash" subj=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1408025709.392:223735): avc: denied { read } for pid=23117 comm="bash" name="rpm" dev=dm-0 ino=1048704 scontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rpm_exec_t:s0 tclass=file
----
time->Thu Aug 14 10:15:09 2014
type=PATH msg=audit(1408025709.392:223736): item=1 name=(null) inode=4063679 dev=fd:00 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:ld_so_t:s0 nametype=NORMAL
type=PATH msg=audit(1408025709.392:223736): item=0 name="/bin/rpm" inode=1048704 dev=fd:00 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:rpm_exec_t:s0 nametype=NORMAL
type=CWD msg=audit(1408025709.392:223736): cwd="/bin"
type=EXECVE msg=audit(1408025709.392:223736): argc=2 a0="rpm" a1="-qa"
type=SYSCALL msg=audit(1408025709.392:223736): arch=c000003e syscall=59 success=yes exit=0 a0=c45cf0 a1=c464f0 a2=c45840 a3=18 items=2 ppid=23116 pid=23117 auid=7538 uid=52 gid=52 euid=52 suid=52 fsuid=52 egid=52 sgid=52 fsgid=52 tty=pts2 ses=2019 comm="rpm" exe="/bin/rpm" subj=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1408025709.392:223736): avc: denied { execute_no_trans } for pid=23117 comm="bash" path="/bin/rpm" dev=dm-0 ino=1048704 scontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rpm_exec_t:s0 tclass=file
type=AVC msg=audit(1408025709.392:223736): avc: denied { open } for pid=23117 comm="bash" name="rpm" dev=dm-0 ino=1048704 scontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rpm_exec_t:s0 tclass=file
----
time->Thu Aug 14 10:15:09 2014
type=PATH msg=audit(1408025709.411:223737): item=0 name="/var/lib/rpm/Packages" inode=389383 dev=fd:07 mode=0100644 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:rpm_var_lib_t:s0 nametype=NORMAL
type=CWD msg=audit(1408025709.411:223737): cwd="/bin"
type=SYSCALL msg=audit(1408025709.411:223737): arch=c000003e syscall=2 success=yes exit=3 a0=1560fb0 a1=0 a2=0 a3=16 items=1 ppid=23116 pid=23117 auid=7538 uid=52 gid=52 euid=52 suid=52 fsuid=52 egid=52 sgid=52 fsgid=52 tty=pts2 ses=2019 comm="rpm" exe="/bin/rpm" subj=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1408025709.411:223737): avc: denied { open } for pid=23117 comm="rpm" name="Packages" dev=dm-7 ino=389383 scontext=unconfined_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rpm_var_lib_t:s0 tclass=file
----
time->Thu Aug 14 10:15:13 2014
type=AVC msg=audit(1408025713.893:223739): avc: denied { name_connect } for pid=1532 comm=72733A6D61696E20513A526567 dest=601 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:hi_reserved_port_t:s0 tclass=tcp_socket
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
-- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
