FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor


 
 
LinkBack Thread Tools
 
Old 01-31-2008, 09:08 PM
Paul Howarth
 
Default AVC from smartd

One of the drives in my RAID1 array failed this evening, so smartd let
me know about it by email. Along the way, it generated an AVC (F8):

type=AVC msg=audit(1201808872.737:2426): avc: denied { read } for
pid=27830 comm="sh" name="urandom" dev=tmpfs ino=2374
scontext=system_u:system_r:fsdaemon_t:s0
tcontext=system_ubject_r:urandom_device_t:s0 tclass=chr_file
type=SYSCALL msg=audit(1201808872.737:2426): arch=c000003e syscall=2
success=no exit=-13 a0=48cb94 a1=0 a2=6cb6 a3=3324f529f0 items=0
ppid=27829 pid=27830 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0
egid=0 sgid=0 fsgid=0 tty=(none) comm="sh" exe="/bin/bash"
subj=system_u:system_r:fsdaemon_t:s0 key=(null)

Not quite sure why it needed to access /dev/urandom, and it doesn't
appear to have stopped the mail being sent, so maybe this is one to be
dontaudit-ed?

Paul.

--
fedora-selinux-list mailing list
fedora-selinux-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
 

Thread Tools




All times are GMT. The time now is 01:15 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org