FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora SELinux Support

 
 
LinkBack Thread Tools
 
Old 02-10-2008, 07:34 PM
"Tom London"
 
Default More consolekit_t and dbus_t AVCs (from today's Rawhide)

After doing today's rawhide thing, get this on targeted/enforcing boot/login:

#============= system_dbusd_t ==============
allow system_dbusd_t NetworkManager_t:dbus send_msg;
allow system_dbusd_t unconfined_t:dbus send_msg;

#============= xdm_t ==============
allow xdm_t consolekit_var_run_t:dir search;

[copy of /var/log/audit/audit.log attached.]

tom
--
Tom London
type=DAEMON_START msg=audit(1202673141.054:3366): auditd start, ver=1.6.7 format=raw kernel=2.6.24.1-26.fc9 auid=4294967295 pid=2162 res=success
type=CONFIG_CHANGE msg=audit(1202673141.155:5): audit_enabled=1 old=0 by auid=4294967295 subj=system_u:system_r:auditd_t:s0 res=1
type=CONFIG_CHANGE msg=audit(1202673141.155:6): audit_enabled=1 old=0 by auid=4294967295 res=1
type=CONFIG_CHANGE msg=audit(1202673141.406:7): audit_backlog_limit=320 old=64 by auid=4294967295 subj=system_u:system_r:auditctl_t:s0 res=1
type=CONFIG_CHANGE msg=audit(1202673141.406:8): audit_backlog_limit=320 old=64 by auid=4294967295 res=1
type=LABEL_LEVEL_CHANGE msg=audit(1202673160.178:9): user pid=2383 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=Cups-PDF uri=cups-pdf:/ banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)'
type=LABEL_LEVEL_CHANGE msg=audit(1202673160.421:10): user pid=2383 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=HP5MP uri=hp:/par/HP_LaserJet_5MP?device=/dev/parport0 banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)'
type=LABEL_LEVEL_CHANGE msg=audit(1202673160.663:11): user pid=2383 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=hp_laserjet_1300 uri=hp:/usb/hp_LaserJet_1300?serial=00CNCB954325 banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)'
type=LABEL_LEVEL_CHANGE msg=audit(1202673160.775:12): user pid=2383 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=hp_LaserJet_1300_USB_1 uri=usb://HP/LaserJet%201300 banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)'
type=LABEL_LEVEL_CHANGE msg=audit(1202673161.070:13): user pid=2383 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=Kyocera_FS-C5030N_on_dc1 uri=socket://10.10.3.49:9100 banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)'
type=LABEL_LEVEL_CHANGE msg=audit(1202673161.353:14): user pid=2383 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=SavinColor uri=ipp://10.10.3.47/ipp/ banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)'
type=LABEL_LEVEL_CHANGE msg=audit(1202673161.477:15): user pid=2383 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=Innopath uri=file:/dev/null banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)'
type=LABEL_LEVEL_CHANGE msg=audit(1202673161.478:16): user pid=2383 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=Local uri=file:/dev/null banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)'
type=USER_AVC msg=audit(1202673183.465:17): user pid=2178 uid=81 auid=4294967295 subj=system_u:system_r:system_dbusd_t:s0 msg='avc: denied { send_msg } for msgtype=method_return dest=:1.7 spid=2633 tpid=2612 scontext=system_u:system_r:system_dbusd_t:s0 tcontext=system_u:system_r:NetworkManager_t:s0 tclass=dbus : exe="/bin/dbus-daemon" (sauid=81, hostname=?, addr=?, terminal=?)'
type=USER_AVC msg=audit(1202673183.465:18): user pid=2178 uid=81 auid=4294967295 subj=system_u:system_r:system_dbusd_t:s0 msg='avc: denied { send_msg } for msgtype=method_return dest=:1.7 spid=2633 tpid=2612 scontext=system_u:system_r:system_dbusd_t:s0 tcontext=system_u:system_r:NetworkManager_t:s0 tclass=dbus : exe="/bin/dbus-daemon" (sauid=81, hostname=?, addr=?, terminal=?)'
type=USER_AVC msg=audit(1202673183.495:19): user pid=2178 uid=81 auid=4294967295 subj=system_u:system_r:system_dbusd_t:s0 msg='avc: denied { send_msg } for msgtype=signal interface=org.freedesktop.NetworkManagerSettings member=NewConnection dest=org.freedesktop.DBus spid=2633 tpid=2612 scontext=system_u:system_r:system_dbusd_t:s0 tcontext=system_u:system_r:NetworkManager_t:s0 tclass=dbus : exe="/bin/dbus-daemon" (sauid=81, hostname=?, addr=?, terminal=?)'
type=AVC msg=audit(1202673238.082:20): avc: denied { search } for pid=2815 comm="ck-history" name="ConsoleKit" dev=dm-0 ino=67157 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_ubject_r:consolekit_var_run_t:s0 tclass=dir
type=SYSCALL msg=audit(1202673238.082:20): arch=40000003 syscall=33 success=no exit=-13 a0=952c588 a1=4 a2=1ef264 a3=0 items=0 ppid=1 pid=2815 auid=4294967295 uid=42 gid=42 euid=42 suid=42 fsuid=42 egid=42 sgid=42 fsgid=42 tty=(none) comm="ck-history" exe="/usr/bin/ck-history" subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1202673238.083:21): avc: denied { search } for pid=2815 comm="ck-history" name="ConsoleKit" dev=dm-0 ino=67157 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_ubject_r:consolekit_var_run_t:s0 tclass=dir
type=SYSCALL msg=audit(1202673238.083:21): arch=40000003 syscall=33 success=no exit=-13 a0=952c5b0 a1=4 a2=1ef264 a3=952c5b0 items=0 ppid=1 pid=2815 auid=4294967295 uid=42 gid=42 euid=42 suid=42 fsuid=42 egid=42 sgid=42 fsgid=42 tty=(none) comm="ck-history" exe="/usr/bin/ck-history" subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1202673238.084:22): avc: denied { search } for pid=2815 comm="ck-history" name="ConsoleKit" dev=dm-0 ino=67157 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_ubject_r:consolekit_var_run_t:s0 tclass=dir
type=SYSCALL msg=audit(1202673238.084:22): arch=40000003 syscall=5 success=no exit=-13 a0=952c608 a1=0 a2=1b6 a3=0 items=0 ppid=1 pid=2815 auid=4294967295 uid=42 gid=42 euid=42 suid=42 fsuid=42 egid=42 sgid=42 fsgid=42 tty=(none) comm="ck-history" exe="/usr/bin/ck-history" subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null)
type=USER_AUTH msg=audit(1202673250.383:23): user pid=2787 uid=0 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:authentication acct=? exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=failed)'
type=USER_LOGIN msg=audit(1202673250.385:24): user pid=2787 uid=0 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='acct=unknown: exe="/usr/libexec/gdm-session-worker" (hostname=, addr=?, terminal=/dev/tty7 res=failed)'
type=USER_AUTH msg=audit(1202673253.772:25): user pid=2826 uid=0 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:authentication acct=? exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=failed)'
type=USER_LOGIN msg=audit(1202673253.775:26): user pid=2826 uid=0 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='acct=unknown: exe="/usr/libexec/gdm-session-worker" (hostname=, addr=?, terminal=/dev/tty7 res=failed)'
type=USER_AUTH msg=audit(1202673302.114:27): user pid=2827 uid=0 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:authentication acct=tbl exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=success)'
type=USER_ACCT msg=audit(1202673302.120:28): user pid=2827 uid=0 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:accounting acct=tbl exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=success)'
type=CRED_ACQ msg=audit(1202673302.159:29): user pid=2827 uid=500 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:setcred acct=tbl exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=success)'
type=LOGIN msg=audit(1202673302.200:30): login pid=2827 uid=500 old auid=4294967295 new auid=500
type=USER_ROLE_CHANGE msg=audit(1202673302.291:31): user pid=2827 uid=500 auid=500 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='pam: default-context=unconfined_u:unconfined_r:unconfined_t:s0 selected-context=unconfined_u:unconfined_r:unconfined_t:s0: exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=? res=success)'
type=USER_START msg=audit(1202673303.234:32): user pid=2827 uid=500 auid=500 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:session_open acct=tbl exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=success)'
type=USER_LOGIN msg=audit(1202673303.236:33): user pid=2827 uid=500 auid=500 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='uid=500: exe="/usr/libexec/gdm-session-worker" (hostname=, addr=?, terminal=/dev/tty7 res=success)'
type=USER_AVC msg=audit(1202673317.011:34): user pid=2178 uid=81 auid=4294967295 subj=system_u:system_r:system_dbusd_t:s0 msg='avc: denied { send_msg } for msgtype=method_return dest=:1.42 spid=2633 tpid=3061 scontext=system_u:system_r:system_dbusd_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=dbus : exe="/bin/dbus-daemon" (sauid=81, hostname=?, addr=?, terminal=?)'
type=USER_AUTH msg=audit(1202674234.777:35): user pid=3981 uid=500 auid=500 subj=unconfined_u:unconfined_r:unconfined_t:s0 msg='op=PAM:authentication acct=root exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)'
type=USER_ACCT msg=audit(1202674234.785:36): user pid=3981 uid=500 auid=500 subj=unconfined_u:unconfined_r:unconfined_t:s0 msg='op=PAM:accounting acct=root exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)'
type=USER_START msg=audit(1202674234.914:37): user pid=3981 uid=500 auid=500 subj=unconfined_u:unconfined_r:unconfined_t:s0 msg='op=PAM:session_open acct=root exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)'
type=CRED_ACQ msg=audit(1202674234.915:38): user pid=3981 uid=500 auid=500 subj=unconfined_u:unconfined_r:unconfined_t:s0 msg='op=PAM:setcred acct=root exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)'
--
fedora-selinux-list mailing list
fedora-selinux-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
 
Old 02-10-2008, 07:47 PM
"Tom London"
 
Default More consolekit_t and dbus_t AVCs (from today's Rawhide)

On Sun, Feb 10, 2008 at 12:34 PM, Tom London <selinux@gmail.com> wrote:
> After doing today's rawhide thing, get this on targeted/enforcing boot/login:
>
> #============= system_dbusd_t ==============
> allow system_dbusd_t NetworkManager_t:dbus send_msg;
> allow system_dbusd_t unconfined_t:dbus send_msg;
>
> #============= xdm_t ==============
> allow xdm_t consolekit_var_run_t:dir search;
>
> [copy of /var/log/audit/audit.log attached.]
>
Sorry, got a few more in permissive mode:

#============= system_dbusd_t ==============
allow system_dbusd_t NetworkManager_t:dbus send_msg;
allow system_dbusd_t unconfined_t:dbus send_msg;

#============= xdm_t ==============
allow xdm_t consolekit_var_run_t:dir search;
allow xdm_t consolekit_var_run_t:file { read getattr };

[complete audit.log attached.]

tom
--
Tom London
type=DAEMON_START msg=audit(1202673141.054:3366): auditd start, ver=1.6.7 format=raw kernel=2.6.24.1-26.fc9 auid=4294967295 pid=2162 res=success
type=CONFIG_CHANGE msg=audit(1202673141.155:5): audit_enabled=1 old=0 by auid=4294967295 subj=system_u:system_r:auditd_t:s0 res=1
type=CONFIG_CHANGE msg=audit(1202673141.155:6): audit_enabled=1 old=0 by auid=4294967295 res=1
type=CONFIG_CHANGE msg=audit(1202673141.406:7): audit_backlog_limit=320 old=64 by auid=4294967295 subj=system_u:system_r:auditctl_t:s0 res=1
type=CONFIG_CHANGE msg=audit(1202673141.406:8): audit_backlog_limit=320 old=64 by auid=4294967295 res=1
type=LABEL_LEVEL_CHANGE msg=audit(1202673160.178:9): user pid=2383 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=Cups-PDF uri=cups-pdf:/ banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)'
type=LABEL_LEVEL_CHANGE msg=audit(1202673160.421:10): user pid=2383 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=HP5MP uri=hp:/par/HP_LaserJet_5MP?device=/dev/parport0 banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)'
type=LABEL_LEVEL_CHANGE msg=audit(1202673160.663:11): user pid=2383 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=hp_laserjet_1300 uri=hp:/usb/hp_LaserJet_1300?serial=00CNCB954325 banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)'
type=LABEL_LEVEL_CHANGE msg=audit(1202673160.775:12): user pid=2383 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=hp_LaserJet_1300_USB_1 uri=usb://HP/LaserJet%201300 banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)'
type=LABEL_LEVEL_CHANGE msg=audit(1202673161.070:13): user pid=2383 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=Kyocera_FS-C5030N_on_dc1 uri=socket://10.10.3.49:9100 banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)'
type=LABEL_LEVEL_CHANGE msg=audit(1202673161.353:14): user pid=2383 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=SavinColor uri=ipp://10.10.3.47/ipp/ banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)'
type=LABEL_LEVEL_CHANGE msg=audit(1202673161.477:15): user pid=2383 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=Innopath uri=file:/dev/null banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)'
type=LABEL_LEVEL_CHANGE msg=audit(1202673161.478:16): user pid=2383 uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 msg='printer=Local uri=file:/dev/null banners=none,none range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1, terminal=? res=success)'
type=USER_AVC msg=audit(1202673183.465:17): user pid=2178 uid=81 auid=4294967295 subj=system_u:system_r:system_dbusd_t:s0 msg='avc: denied { send_msg } for msgtype=method_return dest=:1.7 spid=2633 tpid=2612 scontext=system_u:system_r:system_dbusd_t:s0 tcontext=system_u:system_r:NetworkManager_t:s0 tclass=dbus : exe="/bin/dbus-daemon" (sauid=81, hostname=?, addr=?, terminal=?)'
type=USER_AVC msg=audit(1202673183.465:18): user pid=2178 uid=81 auid=4294967295 subj=system_u:system_r:system_dbusd_t:s0 msg='avc: denied { send_msg } for msgtype=method_return dest=:1.7 spid=2633 tpid=2612 scontext=system_u:system_r:system_dbusd_t:s0 tcontext=system_u:system_r:NetworkManager_t:s0 tclass=dbus : exe="/bin/dbus-daemon" (sauid=81, hostname=?, addr=?, terminal=?)'
type=USER_AVC msg=audit(1202673183.495:19): user pid=2178 uid=81 auid=4294967295 subj=system_u:system_r:system_dbusd_t:s0 msg='avc: denied { send_msg } for msgtype=signal interface=org.freedesktop.NetworkManagerSettings member=NewConnection dest=org.freedesktop.DBus spid=2633 tpid=2612 scontext=system_u:system_r:system_dbusd_t:s0 tcontext=system_u:system_r:NetworkManager_t:s0 tclass=dbus : exe="/bin/dbus-daemon" (sauid=81, hostname=?, addr=?, terminal=?)'
type=AVC msg=audit(1202673238.082:20): avc: denied { search } for pid=2815 comm="ck-history" name="ConsoleKit" dev=dm-0 ino=67157 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_ubject_r:consolekit_var_run_t:s0 tclass=dir
type=SYSCALL msg=audit(1202673238.082:20): arch=40000003 syscall=33 success=no exit=-13 a0=952c588 a1=4 a2=1ef264 a3=0 items=0 ppid=1 pid=2815 auid=4294967295 uid=42 gid=42 euid=42 suid=42 fsuid=42 egid=42 sgid=42 fsgid=42 tty=(none) comm="ck-history" exe="/usr/bin/ck-history" subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1202673238.083:21): avc: denied { search } for pid=2815 comm="ck-history" name="ConsoleKit" dev=dm-0 ino=67157 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_ubject_r:consolekit_var_run_t:s0 tclass=dir
type=SYSCALL msg=audit(1202673238.083:21): arch=40000003 syscall=33 success=no exit=-13 a0=952c5b0 a1=4 a2=1ef264 a3=952c5b0 items=0 ppid=1 pid=2815 auid=4294967295 uid=42 gid=42 euid=42 suid=42 fsuid=42 egid=42 sgid=42 fsgid=42 tty=(none) comm="ck-history" exe="/usr/bin/ck-history" subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1202673238.084:22): avc: denied { search } for pid=2815 comm="ck-history" name="ConsoleKit" dev=dm-0 ino=67157 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_ubject_r:consolekit_var_run_t:s0 tclass=dir
type=SYSCALL msg=audit(1202673238.084:22): arch=40000003 syscall=5 success=no exit=-13 a0=952c608 a1=0 a2=1b6 a3=0 items=0 ppid=1 pid=2815 auid=4294967295 uid=42 gid=42 euid=42 suid=42 fsuid=42 egid=42 sgid=42 fsgid=42 tty=(none) comm="ck-history" exe="/usr/bin/ck-history" subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null)
type=USER_AUTH msg=audit(1202673250.383:23): user pid=2787 uid=0 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:authentication acct=? exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=failed)'
type=USER_LOGIN msg=audit(1202673250.385:24): user pid=2787 uid=0 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='acct=unknown: exe="/usr/libexec/gdm-session-worker" (hostname=, addr=?, terminal=/dev/tty7 res=failed)'
type=USER_AUTH msg=audit(1202673253.772:25): user pid=2826 uid=0 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:authentication acct=? exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=failed)'
type=USER_LOGIN msg=audit(1202673253.775:26): user pid=2826 uid=0 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='acct=unknown: exe="/usr/libexec/gdm-session-worker" (hostname=, addr=?, terminal=/dev/tty7 res=failed)'
type=USER_AUTH msg=audit(1202673302.114:27): user pid=2827 uid=0 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:authentication acct=tbl exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=success)'
type=USER_ACCT msg=audit(1202673302.120:28): user pid=2827 uid=0 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:accounting acct=tbl exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=success)'
type=CRED_ACQ msg=audit(1202673302.159:29): user pid=2827 uid=500 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:setcred acct=tbl exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=success)'
type=LOGIN msg=audit(1202673302.200:30): login pid=2827 uid=500 old auid=4294967295 new auid=500
type=USER_ROLE_CHANGE msg=audit(1202673302.291:31): user pid=2827 uid=500 auid=500 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='pam: default-context=unconfined_u:unconfined_r:unconfined_t:s0 selected-context=unconfined_u:unconfined_r:unconfined_t:s0: exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=? res=success)'
type=USER_START msg=audit(1202673303.234:32): user pid=2827 uid=500 auid=500 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:session_open acct=tbl exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=success)'
type=USER_LOGIN msg=audit(1202673303.236:33): user pid=2827 uid=500 auid=500 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='uid=500: exe="/usr/libexec/gdm-session-worker" (hostname=, addr=?, terminal=/dev/tty7 res=success)'
type=USER_AVC msg=audit(1202673317.011:34): user pid=2178 uid=81 auid=4294967295 subj=system_u:system_r:system_dbusd_t:s0 msg='avc: denied { send_msg } for msgtype=method_return dest=:1.42 spid=2633 tpid=3061 scontext=system_u:system_r:system_dbusd_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=dbus : exe="/bin/dbus-daemon" (sauid=81, hostname=?, addr=?, terminal=?)'
type=USER_AUTH msg=audit(1202674234.777:35): user pid=3981 uid=500 auid=500 subj=unconfined_u:unconfined_r:unconfined_t:s0 msg='op=PAM:authentication acct=root exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)'
type=USER_ACCT msg=audit(1202674234.785:36): user pid=3981 uid=500 auid=500 subj=unconfined_u:unconfined_r:unconfined_t:s0 msg='op=PAM:accounting acct=root exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)'
type=USER_START msg=audit(1202674234.914:37): user pid=3981 uid=500 auid=500 subj=unconfined_u:unconfined_r:unconfined_t:s0 msg='op=PAM:session_open acct=root exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)'
type=CRED_ACQ msg=audit(1202674234.915:38): user pid=3981 uid=500 auid=500 subj=unconfined_u:unconfined_r:unconfined_t:s0 msg='op=PAM:setcred acct=root exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)'
type=USER_AVC msg=audit(1202675939.602:39): user pid=2178 uid=81 auid=4294967295 subj=system_u:system_r:system_dbusd_t:s0 msg='avc: received policyload notice (seqno=2) : exe="?" (sauid=81, hostname=?, addr=?, terminal=?)'
type=MAC_POLICY_LOAD msg=audit(1202675938.629:40): policy loaded auid=500
type=SYSCALL msg=audit(1202675938.629:40): arch=40000003 syscall=4 success=yes exit=3630069 a0=4 a1=b7810008 a2=3763f5 a3=bf986cc8 items=0 ppid=5248 pid=5262 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 comm="load_policy" exe="/usr/sbin/load_policy" subj=unconfined_u:unconfined_r:load_policy_t:s0 key=(null)
type=CRED_DISP msg=audit(1202675959.538:41): user pid=3981 uid=500 auid=500 subj=unconfined_u:unconfined_r:unconfined_t:s0 msg='op=PAM:setcred acct=root exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)'
type=USER_END msg=audit(1202675959.541:42): user pid=3981 uid=500 auid=500 subj=unconfined_u:unconfined_r:unconfined_t:s0 msg='op=PAM:session_close acct=root exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)'
type=ANOM_ABEND msg=audit(1202675960.026:43): auid=500 uid=500 gid=500 subj=unconfined_u:unconfined_r:unconfined_t:s0 pid=3042 comm="pulseaudio" sig=6
type=CRED_DISP msg=audit(1202675960.053:44): user pid=2827 uid=500 auid=500 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:setcred acct=tbl exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=success)'
type=USER_END msg=audit(1202675960.229:45): user pid=2827 uid=500 auid=500 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:session_close acct=tbl exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=success)'
type=AVC msg=audit(1202675963.963:46): avc: denied { read } for pid=5360 comm="ck-history" name="history" dev=dm-0 ino=67254 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_ubject_r:consolekit_var_run_t:s0 tclass=file
type=SYSCALL msg=audit(1202675963.963:46): arch=40000003 syscall=5 success=no exit=-13 a0=9f7f608 a1=0 a2=1b6 a3=0 items=0 ppid=1 pid=5360 auid=4294967295 uid=42 gid=42 euid=42 suid=42 fsuid=42 egid=42 sgid=42 fsgid=42 tty=(none) comm="ck-history" exe="/usr/bin/ck-history" subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null)
type=USER_AUTH msg=audit(1202675981.187:47): user pid=5352 uid=0 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:authentication acct=tbl exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=failed)'
type=USER_LOGIN msg=audit(1202675981.189:48): user pid=5352 uid=0 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='acct=unknown: exe="/usr/libexec/gdm-session-worker" (hostname=, addr=?, terminal=/dev/tty7 res=failed)'
type=USER_AUTH msg=audit(1202675994.748:49): user pid=5376 uid=0 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:authentication acct=tbl exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=success)'
type=USER_ACCT msg=audit(1202675994.757:50): user pid=5376 uid=0 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:accounting acct=tbl exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=success)'
type=CRED_ACQ msg=audit(1202675994.759:51): user pid=5376 uid=500 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:setcred acct=tbl exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=success)'
type=LOGIN msg=audit(1202675994.795:52): login pid=5376 uid=500 old auid=4294967295 new auid=500
type=USER_ROLE_CHANGE msg=audit(1202675994.831:53): user pid=5376 uid=500 auid=500 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='pam: default-context=unconfined_u:unconfined_r:unconfined_t:s0 selected-context=unconfined_u:unconfined_r:unconfined_t:s0: exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=? res=success)'
type=USER_START msg=audit(1202675995.262:54): user pid=5376 uid=500 auid=500 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:session_open acct=tbl exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=success)'
type=USER_LOGIN msg=audit(1202675995.269:55): user pid=5376 uid=500 auid=500 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='uid=500: exe="/usr/libexec/gdm-session-worker" (hostname=, addr=?, terminal=/dev/tty7 res=success)'
type=USER_AUTH msg=audit(1202676027.863:56): user pid=5823 uid=500 auid=500 subj=unconfined_u:unconfined_r:unconfined_t:s0 msg='op=PAM:authentication acct=root exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=failed)'
type=USER_AUTH msg=audit(1202676030.643:57): user pid=5830 uid=500 auid=500 subj=unconfined_u:unconfined_r:unconfined_t:s0 msg='op=PAM:authentication acct=root exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)'
type=USER_ACCT msg=audit(1202676030.649:58): user pid=5830 uid=500 auid=500 subj=unconfined_u:unconfined_r:unconfined_t:s0 msg='op=PAM:accounting acct=root exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)'
type=USER_START msg=audit(1202676030.668:59): user pid=5830 uid=500 auid=500 subj=unconfined_u:unconfined_r:unconfined_t:s0 msg='op=PAM:session_open acct=root exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)'
type=CRED_ACQ msg=audit(1202676030.668:60): user pid=5830 uid=500 auid=500 subj=unconfined_u:unconfined_r:unconfined_t:s0 msg='op=PAM:setcred acct=root exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)'
type=MAC_STATUS msg=audit(1202676087.274:61): enforcing=0 old_enforcing=1 auid=500
type=SYSCALL msg=audit(1202676087.274:61): arch=40000003 syscall=4 success=yes exit=1 a0=3 a1=bfdaa524 a2=1 a3=bfdaa524 items=0 ppid=5836 pid=5913 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 comm="setenforce" exe="/usr/sbin/setenforce" subj=unconfined_u:unconfined_r:unconfined_t:s0 key=(null)
type=USER_AVC msg=audit(1202676087.275:62): user pid=2178 uid=81 auid=4294967295 subj=system_u:system_r:system_dbusd_t:s0 msg='avc: received setenforce notice (enforcing=0) : exe="?" (sauid=81, hostname=?, addr=?, terminal=?)'
type=CRED_DISP msg=audit(1202676092.610:63): user pid=5830 uid=500 auid=500 subj=unconfined_u:unconfined_r:unconfined_t:s0 msg='op=PAM:setcred acct=root exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)'
type=USER_END msg=audit(1202676092.612:64): user pid=5830 uid=500 auid=500 subj=unconfined_u:unconfined_r:unconfined_t:s0 msg='op=PAM:session_close acct=root exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)'
type=ANOM_ABEND msg=audit(1202676093.303:65): auid=500 uid=500 gid=500 subj=unconfined_u:unconfined_r:unconfined_t:s0 pid=5550 comm="pulseaudio" sig=6
type=CRED_DISP msg=audit(1202676093.340:66): user pid=5376 uid=500 auid=500 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:setcred acct=tbl exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=success)'
type=USER_END msg=audit(1202676093.361:67): user pid=5376 uid=500 auid=500 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:session_close acct=tbl exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=success)'
type=AVC msg=audit(1202676097.150:68): avc: denied { read } for pid=6003 comm="ck-history" name="history" dev=dm-0 ino=67254 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_ubject_r:consolekit_var_run_t:s0 tclass=file
type=SYSCALL msg=audit(1202676097.150:68): arch=40000003 syscall=5 success=yes exit=3 a0=9b1b608 a1=0 a2=1b6 a3=0 items=0 ppid=1 pid=6003 auid=4294967295 uid=42 gid=42 euid=42 suid=42 fsuid=42 egid=42 sgid=42 fsgid=42 tty=(none) comm="ck-history" exe="/usr/bin/ck-history" subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1202676097.152:69): avc: denied { getattr } for pid=6003 comm="ck-history" path="/var/log/ConsoleKit/history" dev=dm-0 ino=67254 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_ubject_r:consolekit_var_run_t:s0 tclass=file
type=SYSCALL msg=audit(1202676097.152:69): arch=40000003 syscall=197 success=yes exit=0 a0=3 a1=bfb19cb8 a2=74aff4 a3=9b1cf00 items=0 ppid=1 pid=6003 auid=4294967295 uid=42 gid=42 euid=42 suid=42 fsuid=42 egid=42 sgid=42 fsgid=42 tty=(none) comm="ck-history" exe="/usr/bin/ck-history" subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null)
type=USER_AUTH msg=audit(1202676118.914:70): user pid=5995 uid=0 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:authentication acct=tbl exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=success)'
type=USER_ACCT msg=audit(1202676118.921:71): user pid=5995 uid=0 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:accounting acct=tbl exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=success)'
type=CRED_ACQ msg=audit(1202676118.923:72): user pid=5995 uid=500 auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:setcred acct=tbl exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=success)'
type=LOGIN msg=audit(1202676118.959:73): login pid=5995 uid=500 old auid=4294967295 new auid=500
type=USER_ROLE_CHANGE msg=audit(1202676118.989:74): user pid=5995 uid=500 auid=500 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='pam: default-context=unconfined_u:unconfined_r:unconfined_t:s0 selected-context=unconfined_u:unconfined_r:unconfined_t:s0: exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=? res=success)'
type=USER_START msg=audit(1202676119.394:75): user pid=5995 uid=500 auid=500 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='op=PAM:session_open acct=tbl exe="/usr/libexec/gdm-session-worker" (hostname=?, addr=?, terminal=:0 res=success)'
type=USER_LOGIN msg=audit(1202676119.397:76): user pid=5995 uid=500 auid=500 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='uid=500: exe="/usr/libexec/gdm-session-worker" (hostname=, addr=?, terminal=/dev/tty7 res=success)'
type=USER_AUTH msg=audit(1202676132.236:77): user pid=6426 uid=500 auid=500 subj=unconfined_u:unconfined_r:unconfined_t:s0 msg='op=PAM:authentication acct=root exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)'
type=USER_ACCT msg=audit(1202676132.243:78): user pid=6426 uid=500 auid=500 subj=unconfined_u:unconfined_r:unconfined_t:s0 msg='op=PAM:accounting acct=root exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)'
type=USER_START msg=audit(1202676132.264:79): user pid=6426 uid=500 auid=500 subj=unconfined_u:unconfined_r:unconfined_t:s0 msg='op=PAM:session_open acct=root exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)'
type=CRED_ACQ msg=audit(1202676132.265:80): user pid=6426 uid=500 auid=500 subj=unconfined_u:unconfined_r:unconfined_t:s0 msg='op=PAM:setcred acct=root exe="/bin/su" (hostname=?, addr=?, terminal=pts/0 res=success)'
--
fedora-selinux-list mailing list
fedora-selinux-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
 

Thread Tools




All times are GMT. The time now is 04:49 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org