Re: many avcs at startup, readahead and several others

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Tue, Sep 2, 2008 at 6:19 PM, Antonio Olivares
<olivares14031@xxxxxxxxx> wrote:
> --- On Tue, 9/2/08, Tom London <selinux@xxxxxxxxx> wrote:
>
>> From: Tom London <selinux@xxxxxxxxx>
>> Subject: Re: many avcs at startup, readahead and several others
>> To: olivares14031@xxxxxxxxx, "For testers of Fedora Core development releases" <fedora-test-list@xxxxxxxxxx>
>> Cc: fedora-selinux-list@xxxxxxxxxx
>> Date: Tuesday, September 2, 2008, 4:28 PM
>> On Tue, Sep 2, 2008 at 4:12 PM, Antonio Olivares
>> <olivares14031@xxxxxxxxx> wrote:
>> > Dear fellow selinux troubleshooters and testers,
>> >
>> > Using rawhide, I have seen several avcs at startup
>> namely readahead and others,  while I found out that the
>> sound problem is due to selinux getting in the way of pulse.
>>  Here's a few avcs.  Advise and/or workarounds
>> appreciated, setroubleshoot has not kicked in, these are
>> from dmesg | grep 'avcs'
>> >
>> > [root@localhost ~]# dmesg | grep 'avc'
>> > type=1400 audit(1220390408.063:4): avc:  denied  {
>> read write } for  pid=611 comm="readahead"
>> path="/dev/console" dev=tmpfs ino=408
>> scontext=system_u:system_r:readahead_t:s0
> .... removed to save BANDWITH  ........
>> >
>> >
>> > Thanks,
>> >
>> > Antonio
>> >
>> Try "restorecon -v -R ~"
>>
>> --
>> Tom London
>
> It did not work.  STILL I see the AVCS at startup :(
>
>
> Regards,
>
> Antonio
>
I'm running selinux-policy-targeted-3.5.5-3.fc10.noarch and
selinux-policy-3.5.5-3.fc10.noarch.

and on my system ~/.pulse is:
[tbl@tlondon ~]$ ls -ld .pulse
drwx------ 2 tbl tbl 4096 2008-09-02 19:48 .pulse
[tbl@tlondon ~]$ ls -ldZ .pulse
drwx------  tbl tbl system_u:object_r:gnome_home_t:s0 .pulse
[tbl@tlondon ~]$

On yours, it seems to be user_home_t.

type=1400 audit(1220391480.206:24): avc:  denied  { setattr } for
pid=3267 comm="npviewer.bin" name=".pulse" dev=dm-0 ino=7176200
scontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023
tcontext=unconfined_u:object_r:user_home_t:s0 tclass=dir

You running the same policy?  Did you update from F9?

tom
-- 
Tom London

-- 
fedora-test-list mailing list
fedora-test-list@xxxxxxxxxx
To unsubscribe: 
https://www.redhat.com/mailman/listinfo/fedora-test-list
[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux