audit messages I do not understand

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi, I'm running rawhide, selinux=enforcing & permissive.  I get these
messages in the syslog: (sorry for the line wrap)

audit(1131013510.816:2): avc:  denied  { use } for  pid=409
comm="hwclock" name="hda3" dev=tmpfs ino=594
scontext=system_u:system_r:hwclock_t:s0
tcontext=system_u:system_r:kernel_t:s0 tclass=fd

audit(1131035126.658:3): avc:  denied  { read } for  pid=1166
comm="restorecon" name="hda3" dev=tmpfs ino=594
scontext=system_u:system_r:restorecon_t:s0
tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file

audit(1131035127.718:4): avc:  denied  { use } for  pid=1174 comm="fsck"
name="hda3" dev=tmpfs ino=594 scontext=system_u:system_r:fsadm_t:s0
tcontext=system_u:system_r:kernel_t:s0 tclass=fd

audit(1131035128.574:5): avc:  denied  { read } for  pid=1195
comm="restorecon" name="hda3" dev=tmpfs ino=594
scontext=system_u:system_r:restorecon_t:s0
tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file

audit(1131035128.802:6): avc:  denied  { read } for  pid=1196
comm="restorecon" name="hda3" dev=tmpfs ino=594
scontext=system_u:system_r:restorecon_t:s0
tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file

audit(1131035130.474:7): avc:  denied  { read } for  pid=1250
comm="restorecon" name="hda3" dev=tmpfs ino=594
scontext=system_u:system_r:restorecon_t:s0
tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file

audit(1131035130.878:8): avc:  denied  { read } for  pid=1255
comm="restorecon" name="hda3" dev=tmpfs ino=594
scontext=system_u:system_r:restorecon_t:s0
tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file

audit(1131035131.106:9): avc:  denied  { use } for  pid=1257
comm="swapon" name="hda3" dev=tmpfs ino=594
scontext=system_u:system_r:fsadm_t:s0
tcontext=system_u:system_r:kernel_t:s0 tclass=fd


I'm really trying to understand SELinux.  I've seen that something like
this is because the "file" needs to be relabeled.  But the name seems to
be the partition name "hda3" and the dev is the tmpfs.  It is
puzzling.  

What should I look for, or where should I start to trouble shoot this?

Thanks.
-- 
Brian Millett - [ Businessman and Lyta Alexander, "The Gathering"]
"Someday I'm going to find the guy that thought up the idea of renting
telepaths to businessman and I'm going to kill him."
'Funny, I just knew you were going to say that.'


-- 
fedora-test-list mailing list
fedora-test-list@xxxxxxxxxx
To unsubscribe: 
https://www.redhat.com/mailman/listinfo/fedora-test-list
[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]