Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Fedora SELinux Support (http://www.linux-archive.org/fedora-selinux-support/)
-   -   making a file context change work for initrc_t and unconfined_t (http://www.linux-archive.org/fedora-selinux-support/627493-making-file-context-change-work-initrc_t-unconfined_t.html)

Maria Iano 01-31-2012 09:33 PM

making a file context change work for initrc_t and unconfined_t
 
I have a RHEL 6.2 server running LikewiseOpen. It appears to me that I
will take care of a large number of denials if I can change the type
of /var/lib/likewise/.lsassd to be lsassd_var_socket_t.


I added the file context rule with semanage, and used restorecon to
change it to lsassd_var_socket_t as desired. But later I found that /
var/lib/likewise/.lsassd had type var_lib_t again. I assume that is
because the likewise processes run as initrc_t.


I'd like to change the policy and tell it that services running in
either initrc_t or unconfined_t domains should create the file /var/
lib/likewise/.lsassd with type lsassd_var_socket_t. (A command line
tool lwsm for managing the processes runs in unconfined_t so I'd like
to include that domain to be safe. ) How can I go about doing that in
RHEL 6 (or can I)?


Thanks,
Maria
--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux

Daniel J Walsh 02-01-2012 03:30 PM

making a file context change work for initrc_t and unconfined_t
 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 01/31/2012 05:33 PM, Maria Iano wrote:
> I have a RHEL 6.2 server running LikewiseOpen. It appears to me
> that I will take care of a large number of denials if I can change
> the type of /var/lib/likewise/.lsassd to be lsassd_var_socket_t.
>
> I added the file context rule with semanage, and used restorecon
> to change it to lsassd_var_socket_t as desired. But later I found
> that /var/lib/likewise/.lsassd had type var_lib_t again. I assume
> that is because the likewise processes run as initrc_t.
>
> I'd like to change the policy and tell it that services running in
> either initrc_t or unconfined_t domains should create the file
> /var/lib/likewise/.lsassd with type lsassd_var_socket_t. (A command
> line tool lwsm for managing the processes runs in unconfined_t so
> I'd like to include that domain to be safe. ) How can I go about
> doing that in RHEL 6 (or can I)?
>
> Thanks, Maria -- selinux mailing list
> selinux@lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux

What label do you have on /var/lib/likewise?


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk8paJ0ACgkQrlYvE4MpobOddQCffhDbvifkpq 4nQFHUZYa/eUSI
gn8AoNCgCN2tVhy16gLJx3HIOOBs6fa2
=kRm0
-----END PGP SIGNATURE-----
--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux

Maria Iano 02-01-2012 03:37 PM

making a file context change work for initrc_t and unconfined_t
 
On Feb 1, 2012, at 11:30 AM, Daniel J Walsh wrote:


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 01/31/2012 05:33 PM, Maria Iano wrote:

I have a RHEL 6.2 server running LikewiseOpen. It appears to me
that I will take care of a large number of denials if I can change
the type of /var/lib/likewise/.lsassd to be lsassd_var_socket_t.

I added the file context rule with semanage, and used restorecon
to change it to lsassd_var_socket_t as desired. But later I found
that /var/lib/likewise/.lsassd had type var_lib_t again. I assume
that is because the likewise processes run as initrc_t.

I'd like to change the policy and tell it that services running in
either initrc_t or unconfined_t domains should create the file
/var/lib/likewise/.lsassd with type lsassd_var_socket_t. (A command
line tool lwsm for managing the processes runs in unconfined_t so
I'd like to include that domain to be safe. ) How can I go about
doing that in RHEL 6 (or can I)?

Thanks, Maria -- selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux


What label do you have on /var/lib/likewise?


system_u:object_r:var_lib_t:s0
--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux

Daniel J Walsh 02-01-2012 03:50 PM

making a file context change work for initrc_t and unconfined_t
 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 02/01/2012 11:37 AM, Maria Iano wrote:
>
> On Feb 1, 2012, at 11:30 AM, Daniel J Walsh wrote:
>
>> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
>>
>> On 01/31/2012 05:33 PM, Maria Iano wrote:
>>> I have a RHEL 6.2 server running LikewiseOpen. It appears to
>>> me that I will take care of a large number of denials if I can
>>> change the type of /var/lib/likewise/.lsassd to be
>>> lsassd_var_socket_t.
>>>
>>> I added the file context rule with semanage, and used
>>> restorecon to change it to lsassd_var_socket_t as desired. But
>>> later I found that /var/lib/likewise/.lsassd had type var_lib_t
>>> again. I assume that is because the likewise processes run as
>>> initrc_t.
>>>
>>> I'd like to change the policy and tell it that services running
>>> in either initrc_t or unconfined_t domains should create the
>>> file /var/lib/likewise/.lsassd with type lsassd_var_socket_t.
>>> (A command line tool lwsm for managing the processes runs in
>>> unconfined_t so I'd like to include that domain to be safe. )
>>> How can I go about doing that in RHEL 6 (or can I)?
>>>
>>> Thanks, Maria -- selinux mailing list
>>> selinux@lists.fedoraproject.org
>>> https://admin.fedoraproject.org/mailman/listinfo/selinux
>>
>> What label do you have on /var/lib/likewise?
>
> system_u:object_r:var_lib_t:s0
In that case why not just label it lsassd_var_lib_t

Currently the labeling is

/var/lib/likewise-open(/.*)?
gen_context(system_u:object_r:likewise_var_lib_t,s 0)


If you label it similar, then you have a step in the right direction.

I am not sure who wrote policy for the likewise domain, but I think I
would eliminate all of the different labels. But I guess that is the
way it is.

If unconfined_t is creating a socket in the directory then I guess it
would be listening on the socket, but other domains would not be
allowed to communicate.

One potential option if you got all of the labeling correct would be
to use restorecond.



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk8pbT0ACgkQrlYvE4MpobMsQACfVA416d9ger yTUiCEbRbiv22I
qdIAoMr3WAJI28iH7P0Bg33f6h8ehu+I
=RtZf
-----END PGP SIGNATURE-----
--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux

Dominick Grift 02-01-2012 05:32 PM

making a file context change work for initrc_t and unconfined_t
 
On Tue, 2012-01-31 at 17:33 -0500, Maria Iano wrote:
> I have a RHEL 6.2 server running LikewiseOpen. It appears to me that I
> will take care of a large number of denials if I can change the type
> of /var/lib/likewise/.lsassd to be lsassd_var_socket_t.
>
> I added the file context rule with semanage, and used restorecon to
> change it to lsassd_var_socket_t as desired. But later I found that /
> var/lib/likewise/.lsassd had type var_lib_t again. I assume that is
> because the likewise processes run as initrc_t.

Why are the likewise processes running in initrc_t?

Are the likewise executable files in their proper location:

/usr/sbin/dcerpcd -- gen_context(system_u:object_r:dcerpcd_exec_t,s0)
/usr/sbin/eventlogd --
gen_context(system_u:object_r:eventlogd_exec_t,s0)
/usr/sbin/lsassd -- gen_context(system_u:object_r:lsassd_exec_t,s0)
/usr/sbin/lwiod -- gen_context(system_u:object_r:lwiod_exec_t,s0)
/usr/sbin/lwregd -- gen_context(system_u:object_r:lwregd_exec_t,s0)
/usr/sbin/lwsmd -- gen_context(system_u:object_r:lwsmd_exec_t,s0)
/usr/sbin/netlogond --
gen_context(system_u:object_r:netlogond_exec_t,s0)
/usr/sbin/srvsvcd -- gen_context(system_u:object_r:srvsvcd_exec_t,s0)

> I'd like to change the policy and tell it that services running in
> either initrc_t or unconfined_t domains should create the file /var/
> lib/likewise/.lsassd with type lsassd_var_socket_t. (A command line
> tool lwsm for managing the processes runs in unconfined_t so I'd like
> to include that domain to be safe. ) How can I go about doing that in
> RHEL 6 (or can I)?

That is not possible but if you label /var/lib/likewise:

semanage fcontext -a -t likewise_var_lib_t "/var/lib/likewise(/.*)?"

And configure restorecond to watch /var/lib/likewise then the file will
be reset to the proper type when restorecond notices that its
mislabeled.

The policy for likewise was written by the people of likewise. I helped
with it a bit. I think we collaborated on the selinux maillist but i
could not find the thread about it in short noticed. (i was looking for
the e-mail address of the likewise policy author so that i can ask him
to see if the policy is still up-to-date)

It may be that the policy is not maintained optimally.

Maybe you can help us revisit it?

> Thanks,
> Maria
> --
> selinux mailing list
> selinux@lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux


--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux

Maria Iano 02-01-2012 06:53 PM

making a file context change work for initrc_t and unconfined_t
 
On Feb 1, 2012, at 11:50 AM, Daniel J Walsh wrote:


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 02/01/2012 11:37 AM, Maria Iano wrote:


On Feb 1, 2012, at 11:30 AM, Daniel J Walsh wrote:


-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

On 01/31/2012 05:33 PM, Maria Iano wrote:

I have a RHEL 6.2 server running LikewiseOpen. It appears to
me that I will take care of a large number of denials if I can
change the type of /var/lib/likewise/.lsassd to be
lsassd_var_socket_t.

I added the file context rule with semanage, and used
restorecon to change it to lsassd_var_socket_t as desired. But
later I found that /var/lib/likewise/.lsassd had type var_lib_t
again. I assume that is because the likewise processes run as
initrc_t.

I'd like to change the policy and tell it that services running
in either initrc_t or unconfined_t domains should create the
file /var/lib/likewise/.lsassd with type lsassd_var_socket_t.
(A command line tool lwsm for managing the processes runs in
unconfined_t so I'd like to include that domain to be safe. )
How can I go about doing that in RHEL 6 (or can I)?

Thanks, Maria -- selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux


What label do you have on /var/lib/likewise?


system_u:object_r:var_lib_t:s0

In that case why not just label it lsassd_var_lib_t

Currently the labeling is

/var/lib/likewise-open(/.*)?
gen_context(system_u:object_r:likewise_var_lib_t,s 0)


If you label it similar, then you have a step in the right direction.

I am not sure who wrote policy for the likewise domain, but I think I
would eliminate all of the different labels. But I guess that is the
way it is.

If unconfined_t is creating a socket in the directory then I guess it
would be listening on the socket, but other domains would not be
allowed to communicate.

One potential option if you got all of the labeling correct would be
to use restorecond.



I actually had somehow not noticed those file contexts for the
likewise-open directories, thank you. I added all of the file contexts
for likewise (which involved replacing likewise-open with likewise to
match my system). I also turned on the restorecond service. When
restorecond is not running the file /var/lib/likewise/.lsassd does
get relabeled incorrectly but now that restorecond is running it's
being fixed immediately. Thank you!


--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux

Maria Iano 02-01-2012 07:05 PM

making a file context change work for initrc_t and unconfined_t
 
On Feb 1, 2012, at 1:32 PM, Dominick Grift wrote:


On Tue, 2012-01-31 at 17:33 -0500, Maria Iano wrote:
I have a RHEL 6.2 server running LikewiseOpen. It appears to me
that I

will take care of a large number of denials if I can change the type
of /var/lib/likewise/.lsassd to be lsassd_var_socket_t.

I added the file context rule with semanage, and used restorecon to
change it to lsassd_var_socket_t as desired. But later I found that /
var/lib/likewise/.lsassd had type var_lib_t again. I assume that is
because the likewise processes run as initrc_t.


Why are the likewise processes running in initrc_t?

Are the likewise executable files in their proper location:

/usr/sbin/dcerpcd --
gen_context(system_u:object_r:dcerpcd_exec_t,s0)

/usr/sbin/eventlogd --
gen_context(system_u:object_r:eventlogd_exec_t,s0)
/usr/sbin/lsassd -- gen_context(system_u:object_r:lsassd_exec_t,s0)
/usr/sbin/lwiod -- gen_context(system_u:object_r:lwiod_exec_t,s0)
/usr/sbin/lwregd -- gen_context(system_u:object_r:lwregd_exec_t,s0)
/usr/sbin/lwsmd -- gen_context(system_u:object_r:lwsmd_exec_t,s0)
/usr/sbin/netlogond --
gen_context(system_u:object_r:netlogond_exec_t,s0)
/usr/sbin/srvsvcd --
gen_context(system_u:object_r:srvsvcd_exec_t,s0)



I'd like to change the policy and tell it that services running in
either initrc_t or unconfined_t domains should create the file /var/
lib/likewise/.lsassd with type lsassd_var_socket_t. (A command line
tool lwsm for managing the processes runs in unconfined_t so I'd like
to include that domain to be safe. ) How can I go about doing that in
RHEL 6 (or can I)?


That is not possible but if you label /var/lib/likewise:

semanage fcontext -a -t likewise_var_lib_t "/var/lib/likewise(/.*)?"

And configure restorecond to watch /var/lib/likewise then the file
will

be reset to the proper type when restorecond notices that its
mislabeled.

The policy for likewise was written by the people of likewise. I
helped

with it a bit. I think we collaborated on the selinux maillist but i
could not find the thread about it in short noticed. (i was looking
for

the e-mail address of the likewise policy author so that i can ask him
to see if the policy is still up-to-date)

It may be that the policy is not maintained optimally.

Maybe you can help us revisit it?


Those files are all under /opt/likewise/sbin on this system (although
there is no srvsvcd):

/opt/likewise/sbin/dcerpcd
/opt/likewise/sbin/eventlogd
/opt/likewise/sbin/lsassd
/opt/likewise/sbin/lwiod
/opt/likewise/sbin/lwregd
/opt/likewise/sbin/lwsmd
/opt/likewise/sbin/netlogond

Also the directories corresponding to /etc/likewise-open and /var/lib/
likewise-open are actually /etc/likewise and /var/lib/likewise on my
system.


My system is RHEL 6.2 and I installed LikewiseOpen by downloading
LikewiseOpen-6.1.0.8729-linux-x86_64-rpm.sh, making it executable, and
typing:

./LikewiseOpen-6.1.0.8729-linux-x86_64-rpm.sh install

So I think it is installed with all the defaults.

I would be very happy to help. I would really like for selinux and
likewise to coexist comfortably.


Thanks!
Maria
--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux

Dominick Grift 02-01-2012 08:53 PM

making a file context change work for initrc_t and unconfined_t
 
On Wed, 2012-02-01 at 15:05 -0500, Maria Iano wrote:
> On Feb 1, 2012, at 1:32 PM, Dominick Grift wrote:
>
> > On Tue, 2012-01-31 at 17:33 -0500, Maria Iano wrote:
> >> I have a RHEL 6.2 server running LikewiseOpen. It appears to me
> >> that I
> >> will take care of a large number of denials if I can change the type
> >> of /var/lib/likewise/.lsassd to be lsassd_var_socket_t.
> >>
> >> I added the file context rule with semanage, and used restorecon to
> >> change it to lsassd_var_socket_t as desired. But later I found that /
> >> var/lib/likewise/.lsassd had type var_lib_t again. I assume that is
> >> because the likewise processes run as initrc_t.
> >
> > Why are the likewise processes running in initrc_t?
> >
> > Are the likewise executable files in their proper location:
> >
> > /usr/sbin/dcerpcd --
> > gen_context(system_u:object_r:dcerpcd_exec_t,s0)
> > /usr/sbin/eventlogd --
> > gen_context(system_u:object_r:eventlogd_exec_t,s0)
> > /usr/sbin/lsassd -- gen_context(system_u:object_r:lsassd_exec_t,s0)
> > /usr/sbin/lwiod -- gen_context(system_u:object_r:lwiod_exec_t,s0)
> > /usr/sbin/lwregd -- gen_context(system_u:object_r:lwregd_exec_t,s0)
> > /usr/sbin/lwsmd -- gen_context(system_u:object_r:lwsmd_exec_t,s0)
> > /usr/sbin/netlogond --
> > gen_context(system_u:object_r:netlogond_exec_t,s0)
> > /usr/sbin/srvsvcd --
> > gen_context(system_u:object_r:srvsvcd_exec_t,s0)
> >
> >> I'd like to change the policy and tell it that services running in
> >> either initrc_t or unconfined_t domains should create the file /var/
> >> lib/likewise/.lsassd with type lsassd_var_socket_t. (A command line
> >> tool lwsm for managing the processes runs in unconfined_t so I'd like
> >> to include that domain to be safe. ) How can I go about doing that in
> >> RHEL 6 (or can I)?
> >
> > That is not possible but if you label /var/lib/likewise:
> >
> > semanage fcontext -a -t likewise_var_lib_t "/var/lib/likewise(/.*)?"
> >
> > And configure restorecond to watch /var/lib/likewise then the file
> > will
> > be reset to the proper type when restorecond notices that its
> > mislabeled.
> >
> > The policy for likewise was written by the people of likewise. I
> > helped
> > with it a bit. I think we collaborated on the selinux maillist but i
> > could not find the thread about it in short noticed. (i was looking
> > for
> > the e-mail address of the likewise policy author so that i can ask him
> > to see if the policy is still up-to-date)
> >
> > It may be that the policy is not maintained optimally.
> >
> > Maybe you can help us revisit it?
>
> Those files are all under /opt/likewise/sbin on this system (although
> there is no srvsvcd):
> /opt/likewise/sbin/dcerpcd
> /opt/likewise/sbin/eventlogd
> /opt/likewise/sbin/lsassd
> /opt/likewise/sbin/lwiod
> /opt/likewise/sbin/lwregd
> /opt/likewise/sbin/lwsmd
> /opt/likewise/sbin/netlogond
>
> Also the directories corresponding to /etc/likewise-open and /var/lib/
> likewise-open are actually /etc/likewise and /var/lib/likewise on my
> system.
>
> My system is RHEL 6.2 and I installed LikewiseOpen by downloading
> LikewiseOpen-6.1.0.8729-linux-x86_64-rpm.sh, making it executable, and
> typing:
> ./LikewiseOpen-6.1.0.8729-linux-x86_64-rpm.sh install
>
> So I think it is installed with all the defaults.
>
> I would be very happy to help. I would really like for selinux and
> likewise to coexist comfortably.

Why that's great

Here is a list with all file contexts for likewise files:

http://git.fedorahosted.org/git/?p=selinux-policy.git;a=blob;f=policy/modules/services/likewise.fc;h=57491fc406f6d309b258f6be978524a0b916 d531;hb=6a8b33a937d800e1f7ec5a148b73abedc1ea4f09

Basically what i would do if i were you is add file context
specifications using "semanage fcontext" or a custom .fc file of all the
entries in there matching files on your system:

example:

/usr/sbin/lsassd -- gen_context(system_u:object_r:lsassd_exec_t,s0)

would be:

semanage fcontext -a -t lsassd_exec_t -f -- "/opt/likewise/sbin/lsassd"

and:

/var/lib/likewise-open/.lsassd -s
gen_context(system_u:object_r:lsassd_var_socket_t, s0)

would be:

semanage fcontext -a -t lsassd_var_socket_t -f -s
"/var/lib/likewise-open/.lsassd"

When all is added you can use matchpathcon to verify whether the type
matches what youve specified. Example:

matchpathcon /opt/likewise/sbin/lsassd

and if that is verified to be correct actually apply the contexts by
running for example:

restorecon -R -v /opt/likewise/sbin/lsassd

Then you should try it out, collect any AVC denials that you are seeing
and enclose those so that we can analyze them and fix bugs where
possible.

If you have any questions or comments do not hesitate to ask.

I am looking forward to your reply.

> Thanks!
> Maria


--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux

Maria Iano 02-02-2012 09:58 PM

making a file context change work for initrc_t and unconfined_t
 
On Feb 1, 2012, at 4:53 PM, Dominick Grift wrote:


On Wed, 2012-02-01 at 15:05 -0500, Maria Iano wrote:

On Feb 1, 2012, at 1:32 PM, Dominick Grift wrote:


On Tue, 2012-01-31 at 17:33 -0500, Maria Iano wrote:

I have a RHEL 6.2 server running LikewiseOpen. It appears to me
that I
will take care of a large number of denials if I can change the
type

of /var/lib/likewise/.lsassd to be lsassd_var_socket_t.

I added the file context rule with semanage, and used restorecon to
change it to lsassd_var_socket_t as desired. But later I found
that /

var/lib/likewise/.lsassd had type var_lib_t again. I assume that is
because the likewise processes run as initrc_t.


Why are the likewise processes running in initrc_t?

Are the likewise executable files in their proper location:

/usr/sbin/dcerpcd --
gen_context(system_u:object_r:dcerpcd_exec_t,s0)
/usr/sbin/eventlogd --
gen_context(system_u:object_r:eventlogd_exec_t,s0)
/usr/sbin/lsassd --
gen_context(system_u:object_r:lsassd_exec_t,s0)

/usr/sbin/lwiod -- gen_context(system_u:object_r:lwiod_exec_t,s0)
/usr/sbin/lwregd --
gen_context(system_u:object_r:lwregd_exec_t,s0)

/usr/sbin/lwsmd -- gen_context(system_u:object_r:lwsmd_exec_t,s0)
/usr/sbin/netlogond --
gen_context(system_u:object_r:netlogond_exec_t,s0)
/usr/sbin/srvsvcd --
gen_context(system_u:object_r:srvsvcd_exec_t,s0)


I'd like to change the policy and tell it that services running in
either initrc_t or unconfined_t domains should create the file /
var/

lib/likewise/.lsassd with type lsassd_var_socket_t. (A command line
tool lwsm for managing the processes runs in unconfined_t so I'd
like
to include that domain to be safe. ) How can I go about doing
that in

RHEL 6 (or can I)?


That is not possible but if you label /var/lib/likewise:

semanage fcontext -a -t likewise_var_lib_t "/var/lib/likewise(/.*)?"

And configure restorecond to watch /var/lib/likewise then the file
will
be reset to the proper type when restorecond notices that its
mislabeled.

The policy for likewise was written by the people of likewise. I
helped
with it a bit. I think we collaborated on the selinux maillist but i
could not find the thread about it in short noticed. (i was looking
for
the e-mail address of the likewise policy author so that i can ask
him

to see if the policy is still up-to-date)

It may be that the policy is not maintained optimally.

Maybe you can help us revisit it?


Those files are all under /opt/likewise/sbin on this system (although
there is no srvsvcd):
/opt/likewise/sbin/dcerpcd
/opt/likewise/sbin/eventlogd
/opt/likewise/sbin/lsassd
/opt/likewise/sbin/lwiod
/opt/likewise/sbin/lwregd
/opt/likewise/sbin/lwsmd
/opt/likewise/sbin/netlogond

Also the directories corresponding to /etc/likewise-open and /var/
lib/

likewise-open are actually /etc/likewise and /var/lib/likewise on my
system.

My system is RHEL 6.2 and I installed LikewiseOpen by downloading
LikewiseOpen-6.1.0.8729-linux-x86_64-rpm.sh, making it executable,
and

typing:
./LikewiseOpen-6.1.0.8729-linux-x86_64-rpm.sh install

So I think it is installed with all the defaults.

I would be very happy to help. I would really like for selinux and
likewise to coexist comfortably.


Why that's great

Here is a list with all file contexts for likewise files:

http://git.fedorahosted.org/git/?p=selinux-policy.git;a=blob;f=policy/modules/services/likewise.fc;h=57491fc406f6d309b258f6be978524a0b916 d531;hb=6a8b33a937d800e1f7ec5a148b73abedc1ea4f09

Basically what i would do if i were you is add file context
specifications using "semanage fcontext" or a custom .fc file of all
the

entries in there matching files on your system:

example:

/usr/sbin/lsassd -- gen_context(system_u:object_r:lsassd_exec_t,s0)

would be:

semanage fcontext -a -t lsassd_exec_t -f -- "/opt/likewise/sbin/
lsassd"


and:

/var/lib/likewise-open/.lsassd -s
gen_context(system_u:object_r:lsassd_var_socket_t, s0)

would be:

semanage fcontext -a -t lsassd_var_socket_t -f -s
"/var/lib/likewise-open/.lsassd"

When all is added you can use matchpathcon to verify whether the type
matches what youve specified. Example:

matchpathcon /opt/likewise/sbin/lsassd

and if that is verified to be correct actually apply the contexts by
running for example:

restorecon -R -v /opt/likewise/sbin/lsassd

Then you should try it out, collect any AVC denials that you are
seeing

and enclose those so that we can analyze them and fix bugs where
possible.

If you have any questions or comments do not hesitate to ask.

I am looking forward to your reply.


On a CentOS 6.2 system which had never had likewise installed, I ran
the corresponding semanage commands to these file contexts:


/etc/likewise(/.*)?
gen_context(system_u:object_r:likewise_etc_t,s0)
/etc/likewise/.pstore.lock --
gen_context(system_u:object_r:likewise_pstore_lock _t,s0)
/etc/likewise/likewise-krb5-ad.conf --
gen_context(system_u:object_r:likewise_krb5_ad_t,s 0)


/etc/rc.d/init.d/likewise --
gen_context(system_u:object_r:likewise_initrc_exec _t,s0)
/etc/rc.d/init.d/lwsmd --
gen_context(system_u:object_r:likewise_initrc_exec _t,s0)
/etc/rc.d/init.d/netlogond --
gen_context(system_u:object_r:likewise_initrc_exec _t,s0)


/opt/likewise/sbin/dcerpcd --
gen_context(system_u:object_r:dcerpcd_exec_t,s0)
/opt/likewise/sbin/eventlogd --
gen_context(system_u:object_r:eventlogd_exec_t,s0)
/opt/likewise/sbin/lsassd --
gen_context(system_u:object_r:lsassd_exec_t,s0)
/opt/likewise/sbin/lwiod --
gen_context(system_u:object_r:lwiod_exec_t,s0)
/opt/likewise/sbin/lwregd --
gen_context(system_u:object_r:lwregd_exec_t,s0)
/opt/likewise/sbin/lwsmd --
gen_context(system_u:object_r:lwsmd_exec_t,s0)
/opt/likewise/sbin/netlogond --
gen_context(system_u:object_r:netlogond_exec_t,s0)


/var/lib/likewise(/.*)?
gen_context(system_u:object_r:likewise_var_lib_t,s 0)
/var/lib/likewise/.lsassd -s
gen_context(system_u:object_r:lsassd_var_socket_t, s0)
/var/lib/likewise/.lwiod -s
gen_context(system_u:object_r:lwiod_var_socket_t,s 0)
/var/lib/likewise/.regsd -s
gen_context(system_u:object_r:lwregd_var_socket_t, s0)
/var/lib/likewise/.lwsm -s
gen_context(system_u:object_r:lwsmd_var_socket_t,s 0)
/var/lib/likewise/.netlogond -s
gen_context(system_u:object_r:netlogond_var_socket _t,s0)
/var/lib/likewise/.ntlmd -s
gen_context(system_u:object_r:lsassd_var_socket_t, s0)
/var/lib/likewise/krb5-affinity.conf --
gen_context(system_u:object_r:netlogond_var_lib_t, s0)
/var/lib/likewise/krb5ccr_lsass --
gen_context(system_u:object_r:lsassd_var_lib_t, s0)
/var/lib/likewise/LWNetsd.err --
gen_context(system_u:object_r:netlogond_var_lib_t, s0)
/var/lib/likewise/lsasd.err --
gen_context(system_u:object_r:lsassd_var_lib_t,s0)
/var/lib/likewise/regsd.err --
gen_context(system_u:object_r:lwregd_var_lib_t,s0)
/var/lib/likewise/db -d
gen_context(system_u:object_r:likewise_var_lib_t,s 0)
/var/lib/likewise/db/lwi_events.db --
gen_context(system_u:object_r:eventlogd_var_lib_t, s0)
/var/lib/likewise/db/sam.db --
gen_context(system_u:object_r:lsassd_var_lib_t,s0)
/var/lib/likewise/db/lsass-adcache.db --
gen_context(system_u:object_r:lsassd_var_lib_t,s0)
/var/lib/likewise/db/lsass-adstate.filedb --
gen_context(system_u:object_r:lsassd_var_lib_t,s0)
/var/lib/likewise/db/registry.db --
gen_context(system_u:object_r:lwregd_var_lib_t,s0)
/var/lib/likewise/rpc -d
gen_context(system_u:object_r:likewise_var_lib_t,s 0)
/var/lib/likewise/rpc/epmapper -s
gen_context(system_u:object_r:dcerpcd_var_socket_t , s0)
/var/lib/likewise/rpc/lsass -s
gen_context(system_u:object_r:lsassd_var_socket_t, s0)
/var/lib/likewise/rpc/socket -s
gen_context(system_u:object_r:eventlogd_var_socket _t, s0)
/var/lib/likewise/run -d
gen_context(system_u:object_r:likewise_var_lib_t,s 0)
/var/lib/likewise/run/rpcdep.dat --
gen_context(system_u:object_r:dcerpcd_var_lib_t, s0)


I then installed LikewiseOpen with LikewiseOpen-6.1.0.8729-linux-
x86_64-rpm.sh. I joined the computer to the AD domain and rebooted.


The first two denials were due to incorrect labeling of /var/lib/
likewise/db/registry.db and /var/lib/likewise/db/sam.db. Both were
labeled as unconfined_u:object_r:likewise_var_lib_t:s0. They should be
unconfined_u:object_r:lwregd_var_lib_t:s0 and
unconfined_u:object_r:lsassd_var_lib_t:s0 respectively. I ran
restorecon on both and have not had any of those type of denials
since. So far they have retained their correct context through a
reboot, so perhaps it's just something that doesn't work correctly
during the installation.


I've attached the remaining AVCs to this message, but since I'm not
sure the mailing list will allow that through I'll also paste them in
below. I removed duplicates. Also there were a large number of entries
where lsassd tried to getattr for many different /proc/xxxx but I only
included one. It didn't just try to do that for likewise processes,
but every process running at the time (or maybe almost every). I can
forward all of those as well if you'd like.


Here is the list:

type=AVC msg=audit(1328198424.686:20): avc: denied { write } for
pid=1165 comm="lwiod" name=".netlogond" dev=dm-0 ino=393091
scontext=system_u:system_r:lwiod_t:s0
tcontext=system_u:object_r:netlogond_var_socket_t: s0 tclass=sock_file
type=AVC msg=audit(1328198424.686:20): avc: denied { connectto }
for pid=1165 comm="lwiod" path="/var/lib/likewise/.netlogond"
scontext=system_u:system_r:lwiod_t:s0
tcontext=system_u:system_r:netlogond_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1328198424.686:20): arch=c000003e syscall=42
success=yes exit=0 a0=a a1=7fdbec624450 a2=6e a3=10 items=0 ppid=1108
pid=1165 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwiod" exe="/opt/
likewise/sbin/lwiod" subj=system_u:system_r:lwiod_t:s0 key=(null)


type=AVC msg=audit(1328203534.556:16): avc: denied { getattr } for
pid=1141 comm="lwsmd" path="/etc/likewise/likewise-krb5-ad.conf"
dev=dm-0 ino=786321 scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=SYSCALL msg=audit(1328203534.556:16): arch=c000003e syscall=4
success=yes exit=0 a0=7f5e28001488 a1=7f5e33ffc8d0 a2=7f5e33ffc8d0
a3=0 items=0 ppid=1 pid=1141 auid=4294967295 uid=0 gid=0 euid=0 suid=0
fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd"
exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0
key=(null)


type=AVC msg=audit(1328203534.536:14): avc: denied { getattr } for
pid=1141 comm="lwsmd" path="/var/lib/likewise/krb5-affinity.conf"
dev=dm-0 ino=395410 scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328203534.536:14): arch=c000003e syscall=4
success=yes exit=0 a0=7f5e28001368 a1=7f5e33ffc8d0 a2=7f5e33ffc8d0
a3=7f5e33ffc650 items=0 ppid=1 pid=1141 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="lwsmd" exe="/opt/likewise/sbin/lwsmd"
subj=system_u:system_r:lwsmd_t:s0 key=(null)


type=AVC msg=audit(1328198424.023:16): avc: denied { getattr } for
pid=1142 comm="lwsmd" path="/etc/likewise/likewise-krb5-ad.conf"
dev=dm-0 ino=786321 scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=SYSCALL msg=audit(1328198424.023:16): arch=c000003e syscall=4
success=yes exit=0 a0=7f4894001488 a1=7f48ad2548d0 a2=7f48ad2548d0
a3=0 items=0 ppid=1 pid=1142 auid=4294967295 uid=0 gid=0 euid=0 suid=0
fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd"
exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0
key=(null)


type=AVC msg=audit(1328198423.995:14): avc: denied { getattr } for
pid=1142 comm="lwsmd" path="/var/lib/likewise/krb5-affinity.conf"
dev=dm-0 ino=395406 scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.995:14): arch=c000003e syscall=4
success=yes exit=0 a0=7f4894001368 a1=7f48ad2548d0 a2=7f48ad2548d0
a3=7f48ad254650 items=0 ppid=1 pid=1142 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="lwsmd" exe="/opt/likewise/sbin/lwsmd"
subj=system_u:system_r:lwsmd_t:s0 key=(null)


type=AVC msg=audit(1328203534.221:9): avc: denied { getattr } for
pid=1143 comm="eventlogd" path="/var/lib/likewise/db/lwi_events.db"
dev=dm-0 ino=395386 scontext=system_u:system_r:eventlogd_t:s0
tcontext=unconfined_u:object_r:likewise_var_lib_t: s0 tclass=file
type=SYSCALL msg=audit(1328203534.221:9): arch=c000003e syscall=4
success=yes exit=0 a0=40bc68 a1=7fff7f6d2520 a2=7fff7f6d2520
a3=7fff7f6d22a0 items=0 ppid=1108 pid=1143 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="eventlogd" exe="/opt/likewise/sbin/eventlogd"
subj=system_u:system_r:eventlogd_t:s0 key=(null)


type=AVC msg=audit(1328198423.667:9): avc: denied { getattr } for
pid=1144 comm="eventlogd" path="/var/lib/likewise/db/lwi_events.db"
dev=dm-0 ino=395386 scontext=system_u:system_r:eventlogd_t:s0
tcontext=unconfined_u:object_r:likewise_var_lib_t: s0 tclass=file
type=SYSCALL msg=audit(1328198423.667:9): arch=c000003e syscall=4
success=yes exit=0 a0=40bc68 a1=7fff6b605a50 a2=7fff6b605a50
a3=7fff6b6057d0 items=0 ppid=1108 pid=1144 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="eventlogd" exe="/opt/likewise/sbin/eventlogd"
subj=system_u:system_r:eventlogd_t:s0 key=(null)


type=AVC msg=audit(1328200531.030:128): avc: denied { getattr } for
pid=1486 comm="lsassd" path="/proc/1043" dev=proc ino=10798
scontext=system_u:system_r:lsassd_t:s0
tcontext=system_u:system_r:auditd_t:s0 tclass=dir
type=SYSCALL msg=audit(1328200531.030:128): arch=c000003e syscall=4
success=yes exit=0 a0=7f88fc004bb0 a1=7f88e9ff5cf0 a2=7f88e9ff5cf0
a3=fffffffc items=0 ppid=1108 pid=1486 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="lsassd" exe="/opt/likewise/sbin/lsassd"
subj=system_u:system_r:lsassd_t:s0 key=(null)


type=AVC msg=audit(1328198350.870:21214): avc: denied { getattr }
for pid=1912 comm="lwsmd" path="/etc/likewise/likewise-krb5-ad.conf"
dev=dm-0 ino=786321 scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=SYSCALL msg=audit(1328198350.870:21214): arch=c000003e syscall=4
success=yes exit=0 a0=7f2790001828 a1=7f27a25718c0 a2=7f27a25718c0
a3=0 items=0 ppid=1 pid=1912 auid=4294967295 uid=0 gid=0 euid=0 suid=0
fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd"
exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0
key=(null)


type=AVC msg=audit(1328198350.864:21212): avc: denied { getattr }
for pid=1912 comm="lwsmd" path="/var/lib/likewise/krb5-affinity.conf"
dev=dm-0 ino=395406 scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328198350.864:21212): arch=c000003e syscall=4
success=yes exit=0 a0=7f2790000e08 a1=7f27a25718c0 a2=7f27a25718c0
a3=0 items=0 ppid=1 pid=1912 auid=4294967295 uid=0 gid=0 euid=0 suid=0
fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd"
exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0
key=(null)


type=AVC msg=audit(1328203469.517:203): avc: denied { getattr } for
pid=2428 comm="lwsmd" path="/etc/likewise/likewise-krb5-ad.conf"
dev=dm-0 ino=786321 scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=SYSCALL msg=audit(1328203469.517:203): arch=c000003e syscall=4
success=yes exit=0 a0=7f48980018f8 a1=7f48adc558c0 a2=7f48adc558c0
a3=0 items=0 ppid=1 pid=2428 auid=4294967295 uid=0 gid=0 euid=0 suid=0
fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd"
exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0
key=(null)


type=AVC msg=audit(1328203469.508:201): avc: denied { getattr } for
pid=2428 comm="lwsmd" path="/var/lib/likewise/krb5-affinity.conf"
dev=dm-0 ino=395410 scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328203469.508:201): arch=c000003e syscall=4
success=yes exit=0 a0=7f4898000a18 a1=7f48adc558c0 a2=7f48adc558c0
a3=0 items=0 ppid=1 pid=2428 auid=4294967295 uid=0 gid=0 euid=0 suid=0
fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd"
exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0
key=(null)


type=AVC msg=audit(1328198423.037:5): avc: denied { lock } for
pid=1108 comm="lwsmd" path="/var/lib/likewise/.lwsmd-lock" dev=dm-0
ino=395380 scontext=system_u:system_r:lwsmd_t:s0
tcontext=unconfined_u:object_r:likewise_var_lib_t: s0 tclass=file
type=SYSCALL msg=audit(1328198423.037:5): arch=c000003e syscall=72
success=yes exit=0 a0=3 a1=6 a2=7fff74251500 a3=7fff74251280 items=0
ppid=1 pid=1108 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0
egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)


type=AVC msg=audit(1328198424.260:19): avc: denied { lock } for
pid=1151 comm="eventlogd" path="/var/lib/likewise/db/lwi_events.db"
dev=dm-0 ino=395386 scontext=system_u:system_r:eventlogd_t:s0
tcontext=unconfined_u:object_r:likewise_var_lib_t: s0 tclass=file
type=SYSCALL msg=audit(1328198424.260:19): arch=c000003e syscall=72
success=yes exit=0 a0=9 a1=6 a2=7f2341dd20f0 a3=7f2341dd1e60 items=0
ppid=1108 pid=1151 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0
egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="eventlogd" exe="/
opt/likewise/sbin/eventlogd" subj=system_u:system_r:eventlogd_t:s0
key=(null)


type=AVC msg=audit(1328198423.032:4): avc: denied { write } for
pid=1108 comm="lwsmd" name=".lwsmd-lock" dev=dm-0 ino=395380
scontext=system_u:system_r:lwsmd_t:s0
tcontext=unconfined_u:object_r:likewise_var_lib_t: s0 tclass=file
type=AVC msg=audit(1328198423.032:4): avc: denied { open } for
pid=1108 comm="lwsmd" name=".lwsmd-lock" dev=dm-0 ino=395380
scontext=system_u:system_r:lwsmd_t:s0
tcontext=unconfined_u:object_r:likewise_var_lib_t: s0 tclass=file
type=SYSCALL msg=audit(1328198423.032:4): arch=c000003e syscall=2
success=yes exit=3 a0=4081ff a1=241 a2=80 a3=7fff74251280 items=0
ppid=1 pid=1108 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0
egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)


type=AVC msg=audit(1328198423.043:6): avc: denied { read } for
pid=1108 comm="lwsmd" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1328198423.043:6): avc: denied { open } for
pid=1108 comm="lwsmd" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.043:6): arch=c000003e syscall=2
success=yes exit=7 a0=361cb6372e a1=80000 a2=1fffdd09458b
a3=7fff74251200 items=0 ppid=1 pid=1108 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="lwsmd" exe="/opt/likewise/sbin/lwsmd"
subj=system_u:system_r:lwsmd_t:s0 key=(null)


type=AVC msg=audit(1328198423.343:8): avc: denied { read } for
pid=1112 comm="lwregd" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:lwregd_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1328198423.343:8): avc: denied { open } for
pid=1112 comm="lwregd" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:lwregd_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.343:8): arch=c000003e syscall=2
success=yes exit=5 a0=361cb6372e a1=80000 a2=1ffffbf31283
a3=7fffefcc4590 items=0 ppid=1108 pid=1112 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="lwregd" exe="/opt/likewise/sbin/lwregd"
subj=system_u:system_r:lwregd_t:s0 key=(null)


type=AVC msg=audit(1328203534.538:15): avc: denied { read } for
pid=1141 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395410
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=AVC msg=audit(1328203534.538:15): avc: denied { open } for
pid=1141 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395410
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328203534.538:15): arch=c000003e syscall=2
success=yes exit=11 a0=7f5e28001368 a1=0 a2=1b6 a3=0 items=0 ppid=1
pid=1141 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)


type=AVC msg=audit(1328203534.557:17): avc: denied { read } for
pid=1141 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=AVC msg=audit(1328203534.557:17): avc: denied { open } for
pid=1141 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=SYSCALL msg=audit(1328203534.557:17): arch=c000003e syscall=2
success=yes exit=11 a0=7f5e28001488 a1=0 a2=1b6 a3=0 items=0 ppid=1
pid=1141 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)


type=AVC msg=audit(1328198423.996:15): avc: denied { read } for
pid=1142 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395406
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=AVC msg=audit(1328198423.996:15): avc: denied { open } for
pid=1142 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395406
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.996:15): arch=c000003e syscall=2
success=yes exit=11 a0=7f4894001368 a1=0 a2=1b6 a3=0 items=0 ppid=1
pid=1142 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)


type=AVC msg=audit(1328198424.027:17): avc: denied { read } for
pid=1142 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=AVC msg=audit(1328198424.027:17): avc: denied { open } for
pid=1142 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=SYSCALL msg=audit(1328198424.027:17): arch=c000003e syscall=2
success=yes exit=11 a0=7f4894001488 a1=0 a2=1b6 a3=0 items=0 ppid=1
pid=1142 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)


type=AVC msg=audit(1328203534.223:10): avc: denied { read } for
pid=1143 comm="eventlogd" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:eventlogd_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1328203534.223:10): avc: denied { open } for
pid=1143 comm="eventlogd" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:eventlogd_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=SYSCALL msg=audit(1328203534.223:10): arch=c000003e syscall=2
success=yes exit=4 a0=361cb6372e a1=80000 a2=1fffdfdb4acf
a3=7fff7f6d25e0 items=0 ppid=1108 pid=1143 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="eventlogd" exe="/opt/likewise/sbin/eventlogd"
subj=system_u:system_r:eventlogd_t:s0 key=(null)


type=AVC msg=audit(1328198423.672:10): avc: denied { read } for
pid=1144 comm="eventlogd" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:eventlogd_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1328198423.672:10): avc: denied { open } for
pid=1144 comm="eventlogd" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:eventlogd_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.672:10): arch=c000003e syscall=2
success=yes exit=4 a0=361cb6372e a1=80000 a2=1fffdad8181b
a3=7fff6b605b10 items=0 ppid=1108 pid=1144 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="eventlogd" exe="/opt/likewise/sbin/eventlogd"
subj=system_u:system_r:eventlogd_t:s0 key=(null)


type=AVC msg=audit(1328203534.286:11): avc: denied { read } for
pid=1150 comm="netlogond" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:netlogond_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1328203534.286:11): avc: denied { open } for
pid=1150 comm="netlogond" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:netlogond_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=SYSCALL msg=audit(1328203534.286:11): arch=c000003e syscall=2
success=yes exit=4 a0=361cb6372e a1=80000 a2=1fffc0433b53
a3=7fff010ce7b0 items=0 ppid=1108 pid=1150 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="netlogond" exe="/opt/likewise/sbin/netlogond"
subj=system_u:system_r:netlogond_t:s0 key=(null)


type=AVC msg=audit(1328198424.259:18): avc: denied { read write }
for pid=1151 comm="eventlogd" name="lwi_events.db" dev=dm-0
ino=395386 scontext=system_u:system_r:eventlogd_t:s0
tcontext=unconfined_u:object_r:likewise_var_lib_t: s0 tclass=file
type=AVC msg=audit(1328198424.259:18): avc: denied { open } for
pid=1151 comm="eventlogd" name="lwi_events.db" dev=dm-0 ino=395386
scontext=system_u:system_r:eventlogd_t:s0
tcontext=unconfined_u:object_r:likewise_var_lib_t: s0 tclass=file
type=SYSCALL msg=audit(1328198424.259:18): arch=c000003e syscall=2
success=yes exit=9 a0=7f231c0013e0 a1=42 a2=1a4 a3=7f2341dd2030
items=0 ppid=1108 pid=1151 auid=4294967295 uid=0 gid=0 euid=0 suid=0
fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="eventlogd" exe="/opt/likewise/sbin/eventlogd"
subj=system_u:system_r:eventlogd_t:s0 key=(null)


type=AVC msg=audit(1328198423.748:11): avc: denied { read } for
pid=1152 comm="netlogond" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:netlogond_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1328198423.748:11): avc: denied { open } for
pid=1152 comm="netlogond" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:netlogond_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.748:11): arch=c000003e syscall=2
success=yes exit=4 a0=361cb6372e a1=80000 a2=1fffca9448f3
a3=7fff2a511e30 items=0 ppid=1108 pid=1152 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="netlogond" exe="/opt/likewise/sbin/netlogond"
subj=system_u:system_r:netlogond_t:s0 key=(null)


type=AVC msg=audit(1328198423.936:12): avc: denied { read } for
pid=1164 comm="lwiod" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:lwiod_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1328198423.936:12): avc: denied { open } for
pid=1164 comm="lwiod" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:lwiod_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.936:12): arch=c000003e syscall=2
success=yes exit=4 a0=361cb6372e a1=80000 a2=1fffc42643f7
a3=7fff10990980 items=0 ppid=1108 pid=1164 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="lwiod" exe="/opt/likewise/sbin/lwiod"
subj=system_u:system_r:lwiod_t:s0 key=(null)


type=AVC msg=audit(1328198350.869:21213): avc: denied { read } for
pid=1912 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395406
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=AVC msg=audit(1328198350.869:21213): avc: denied { open } for
pid=1912 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395406
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328198350.869:21213): arch=c000003e syscall=2
success=yes exit=4 a0=7f2790000e08 a1=0 a2=1b6 a3=0 items=0 ppid=1
pid=1912 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)


type=AVC msg=audit(1328198350.873:21215): avc: denied { read } for
pid=1912 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=AVC msg=audit(1328198350.873:21215): avc: denied { open } for
pid=1912 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=SYSCALL msg=audit(1328198350.873:21215): arch=c000003e syscall=2
success=yes exit=4 a0=7f2790001828 a1=0 a2=1b6 a3=0 items=0 ppid=1
pid=1912 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)


type=AVC msg=audit(1328203469.517:202): avc: denied { read } for
pid=2428 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395410
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=AVC msg=audit(1328203469.517:202): avc: denied { open } for
pid=2428 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395410
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328203469.517:202): arch=c000003e syscall=2
success=yes exit=4 a0=7f4898000a18 a1=0 a2=1b6 a3=0 items=0 ppid=1
pid=2428 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)


type=AVC msg=audit(1328203469.518:204): avc: denied { read } for
pid=2428 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=AVC msg=audit(1328203469.518:204): avc: denied { open } for
pid=2428 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=SYSCALL msg=audit(1328203469.518:204): arch=c000003e syscall=2
success=yes exit=4 a0=7f48980018f8 a1=0 a2=1b6 a3=0 items=0 ppid=1
pid=2428 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)


type=AVC msg=audit(1328198424.259:18): avc: denied { read write }
for pid=1151 comm="eventlogd" name="lwi_events.db" dev=dm-0
ino=395386 scontext=system_u:system_r:eventlogd_t:s0
tcontext=unconfined_u:object_r:likewise_var_lib_t: s0 tclass=file
type=AVC msg=audit(1328198424.259:18): avc: denied { open } for
pid=1151 comm="eventlogd" name="lwi_events.db" dev=dm-0 ino=395386
scontext=system_u:system_r:eventlogd_t:s0
tcontext=unconfined_u:object_r:likewise_var_lib_t: s0 tclass=file
type=SYSCALL msg=audit(1328198424.259:18): arch=c000003e syscall=2
success=yes exit=9 a0=7f231c0013e0 a1=42 a2=1a4 a3=7f2341dd2030
items=0 ppid=1108 pid=1151 auid=4294967295 uid=0 gid=0 euid=0 suid=0
fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="eventlogd" exe="/opt/likewise/sbin/eventlogd"
subj=system_u:system_r:eventlogd_t:s0 key=(null)


type=AVC msg=audit(1328198423.043:6): avc: denied { read } for
pid=1108 comm="lwsmd" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1328198423.043:6): avc: denied { open } for
pid=1108 comm="lwsmd" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.043:6): arch=c000003e syscall=2
success=yes exit=7 a0=361cb6372e a1=80000 a2=1fffdd09458b
a3=7fff74251200 items=0 ppid=1 pid=1108 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="lwsmd" exe="/opt/likewise/sbin/lwsmd"
subj=system_u:system_r:lwsmd_t:s0 key=(null)


type=AVC msg=audit(1328198423.343:8): avc: denied { read } for
pid=1112 comm="lwregd" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:lwregd_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1328198423.343:8): avc: denied { open } for
pid=1112 comm="lwregd" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:lwregd_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.343:8): arch=c000003e syscall=2
success=yes exit=5 a0=361cb6372e a1=80000 a2=1ffffbf31283
a3=7fffefcc4590 items=0 ppid=1108 pid=1112 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="lwregd" exe="/opt/likewise/sbin/lwregd"
subj=system_u:system_r:lwregd_t:s0 key=(null)


type=AVC msg=audit(1328203534.538:15): avc: denied { read } for
pid=1141 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395410
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=AVC msg=audit(1328203534.538:15): avc: denied { open } for
pid=1141 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395410
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328203534.538:15): arch=c000003e syscall=2
success=yes exit=11 a0=7f5e28001368 a1=0 a2=1b6 a3=0 items=0 ppid=1
pid=1141 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)


type=AVC msg=audit(1328203534.557:17): avc: denied { read } for
pid=1141 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=AVC msg=audit(1328203534.557:17): avc: denied { open } for
pid=1141 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=SYSCALL msg=audit(1328203534.557:17): arch=c000003e syscall=2
success=yes exit=11 a0=7f5e28001488 a1=0 a2=1b6 a3=0 items=0 ppid=1
pid=1141 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)


type=AVC msg=audit(1328198423.996:15): avc: denied { read } for
pid=1142 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395406
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=AVC msg=audit(1328198423.996:15): avc: denied { open } for
pid=1142 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395406
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.996:15): arch=c000003e syscall=2
success=yes exit=11 a0=7f4894001368 a1=0 a2=1b6 a3=0 items=0 ppid=1
pid=1142 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)


type=AVC msg=audit(1328198424.027:17): avc: denied { read } for
pid=1142 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=AVC msg=audit(1328198424.027:17): avc: denied { open } for
pid=1142 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=SYSCALL msg=audit(1328198424.027:17): arch=c000003e syscall=2
success=yes exit=11 a0=7f4894001488 a1=0 a2=1b6 a3=0 items=0 ppid=1
pid=1142 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)


type=AVC msg=audit(1328203534.223:10): avc: denied { read } for
pid=1143 comm="eventlogd" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:eventlogd_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1328203534.223:10): avc: denied { open } for
pid=1143 comm="eventlogd" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:eventlogd_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=SYSCALL msg=audit(1328203534.223:10): arch=c000003e syscall=2
success=yes exit=4 a0=361cb6372e a1=80000 a2=1fffdfdb4acf
a3=7fff7f6d25e0 items=0 ppid=1108 pid=1143 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="eventlogd" exe="/opt/likewise/sbin/eventlogd"
subj=system_u:system_r:eventlogd_t:s0 key=(null)


type=AVC msg=audit(1328198423.672:10): avc: denied { read } for
pid=1144 comm="eventlogd" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:eventlogd_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1328198423.672:10): avc: denied { open } for
pid=1144 comm="eventlogd" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:eventlogd_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.672:10): arch=c000003e syscall=2
success=yes exit=4 a0=361cb6372e a1=80000 a2=1fffdad8181b
a3=7fff6b605b10 items=0 ppid=1108 pid=1144 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="eventlogd" exe="/opt/likewise/sbin/eventlogd"
subj=system_u:system_r:eventlogd_t:s0 key=(null)


type=AVC msg=audit(1328203534.286:11): avc: denied { read } for
pid=1150 comm="netlogond" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:netlogond_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1328203534.286:11): avc: denied { open } for
pid=1150 comm="netlogond" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:netlogond_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=SYSCALL msg=audit(1328203534.286:11): arch=c000003e syscall=2
success=yes exit=4 a0=361cb6372e a1=80000 a2=1fffc0433b53
a3=7fff010ce7b0 items=0 ppid=1108 pid=1150 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="netlogond" exe="/opt/likewise/sbin/netlogond"
subj=system_u:system_r:netlogond_t:s0 key=(null)


type=AVC msg=audit(1328198423.748:11): avc: denied { read } for
pid=1152 comm="netlogond" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:netlogond_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1328198423.748:11): avc: denied { open } for
pid=1152 comm="netlogond" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:netlogond_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.748:11): arch=c000003e syscall=2
success=yes exit=4 a0=361cb6372e a1=80000 a2=1fffca9448f3
a3=7fff2a511e30 items=0 ppid=1108 pid=1152 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="netlogond" exe="/opt/likewise/sbin/netlogond"
subj=system_u:system_r:netlogond_t:s0 key=(null)


type=AVC msg=audit(1328198423.936:12): avc: denied { read } for
pid=1164 comm="lwiod" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:lwiod_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1328198423.936:12): avc: denied { open } for
pid=1164 comm="lwiod" name="stat" dev=proc ino=4026532032
scontext=system_u:system_r:lwiod_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.936:12): arch=c000003e syscall=2
success=yes exit=4 a0=361cb6372e a1=80000 a2=1fffc42643f7
a3=7fff10990980 items=0 ppid=1108 pid=1164 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="lwiod" exe="/opt/likewise/sbin/lwiod"
subj=system_u:system_r:lwiod_t:s0 key=(null)


type=AVC msg=audit(1328198350.869:21213): avc: denied { read } for
pid=1912 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395406
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=AVC msg=audit(1328198350.869:21213): avc: denied { open } for
pid=1912 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395406
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328198350.869:21213): arch=c000003e syscall=2
success=yes exit=4 a0=7f2790000e08 a1=0 a2=1b6 a3=0 items=0 ppid=1
pid=1912 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)


type=AVC msg=audit(1328198350.873:21215): avc: denied { read } for
pid=1912 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=AVC msg=audit(1328198350.873:21215): avc: denied { open } for
pid=1912 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=SYSCALL msg=audit(1328198350.873:21215): arch=c000003e syscall=2
success=yes exit=4 a0=7f2790001828 a1=0 a2=1b6 a3=0 items=0 ppid=1
pid=1912 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)


type=AVC msg=audit(1328203469.517:202): avc: denied { read } for
pid=2428 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395410
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=AVC msg=audit(1328203469.517:202): avc: denied { open } for
pid=2428 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395410
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328203469.517:202): arch=c000003e syscall=2
success=yes exit=4 a0=7f4898000a18 a1=0 a2=1b6 a3=0 items=0 ppid=1
pid=2428 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)


type=AVC msg=audit(1328203469.518:204): avc: denied { read } for
pid=2428 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=AVC msg=audit(1328203469.518:204): avc: denied { open } for
pid=2428 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321
scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=SYSCALL msg=audit(1328203469.518:204): arch=c000003e syscall=2
success=yes exit=4 a0=7f48980018f8 a1=0 a2=1b6 a3=0 items=0 ppid=1
pid=2428 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)


type=AVC msg=audit(1328198423.053:7): avc: denied { setpgid } for
pid=1112 comm="lwsmd" scontext=system_u:system_r:lwsmd_t:s0
tcontext=system_u:system_r:lwsmd_t:s0 tclass=process
type=SYSCALL msg=audit(1328198423.053:7): arch=c000003e syscall=109
success=yes exit=0 a0=458 a1=458 a2=458 a3=361d017240 items=0
ppid=1108 pid=1112 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0
egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)


type=AVC msg=audit(1328198423.945:13): avc: denied { setrlimit }
for pid=1164 comm="lwiod" scontext=system_u:system_r:lwiod_t:s0
tcontext=system_u:system_r:lwiod_t:s0 tclass=process
type=AVC msg=audit(1328198423.945:13): avc: denied { sys_resource }
for pid=1164 comm="lwiod" capability=24
scontext=system_u:system_r:lwiod_t:s0
tcontext=system_u:system_r:lwiod_t:s0 tclass=capability
type=SYSCALL msg=audit(1328198423.945:13): arch=c000003e syscall=160
success=yes exit=0 a0=7 a1=7fff10990e60 a2=7fff10990e10
a3=7fff10990b50 items=0 ppid=1108 pid=1164 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="lwiod" exe="/opt/likewise/sbin/lwiod"
subj=system_u:system_r:lwiod_t:s0 key=(null)


type=AVC msg=audit(1328198423.945:13): avc: denied { setrlimit }
for pid=1164 comm="lwiod" scontext=system_u:system_r:lwiod_t:s0
tcontext=system_u:system_r:lwiod_t:s0 tclass=process
type=AVC msg=audit(1328198423.945:13): avc: denied { sys_resource }
for pid=1164 comm="lwiod" capability=24
scontext=system_u:system_r:lwiod_t:s0
tcontext=system_u:system_r:lwiod_t:s0 tclass=capability
type=SYSCALL msg=audit(1328198423.945:13): arch=c000003e syscall=160
success=yes exit=0 a0=7 a1=7fff10990e60 a2=7fff10990e10
a3=7fff10990b50 items=0 ppid=1108 pid=1164 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="lwiod" exe="/opt/likewise/sbin/lwiod"
subj=system_u:system_r:lwiod_t:s0 key=(null)


type=AVC msg=audit(1328198423.032:4): avc: denied { write } for
pid=1108 comm="lwsmd" name=".lwsmd-lock" dev=dm-0 ino=395380
scontext=system_u:system_r:lwsmd_t:s0
tcontext=unconfined_u:object_r:likewise_var_lib_t: s0 tclass=file
type=AVC msg=audit(1328198423.032:4): avc: denied { open } for
pid=1108 comm="lwsmd" name=".lwsmd-lock" dev=dm-0 ino=395380
scontext=system_u:system_r:lwsmd_t:s0
tcontext=unconfined_u:object_r:likewise_var_lib_t: s0 tclass=file
type=SYSCALL msg=audit(1328198423.032:4): arch=c000003e syscall=2
success=yes exit=3 a0=4081ff a1=241 a2=80 a3=7fff74251280 items=0
ppid=1 pid=1108 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0
egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/
likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)


type=AVC msg=audit(1328198424.686:20): avc: denied { write } for
pid=1165 comm="lwiod" name=".netlogond" dev=dm-0 ino=393091
scontext=system_u:system_r:lwiod_t:s0
tcontext=system_u:object_r:netlogond_var_socket_t: s0 tclass=sock_file
type=AVC msg=audit(1328198424.686:20): avc: denied { connectto }
for pid=1165 comm="lwiod" path="/var/lib/likewise/.netlogond"
scontext=system_u:system_r:lwiod_t:s0
tcontext=system_u:system_r:netlogond_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1328198424.686:20): arch=c000003e syscall=42
success=yes exit=0 a0=a a1=7fdbec624450 a2=6e a3=10 items=0 ppid=1108
pid=1165 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwiod" exe="/opt/
likewise/sbin/lwiod" subj=system_u:system_r:lwiod_t:s0 key=(null)


type=AVC msg=audit(1328203535.270:20): avc: denied { write } for
pid=1165 comm="lwiod" name=".netlogond" dev=dm-0 ino=394189
scontext=system_u:system_r:lwiod_t:s0
tcontext=system_u:object_r:netlogond_var_socket_t: s0 tclass=sock_file
type=AVC msg=audit(1328203535.270:20): avc: denied { connectto }
for pid=1165 comm="lwiod" path="/var/lib/likewise/.netlogond"
scontext=system_u:system_r:lwiod_t:s0
tcontext=system_u:system_r:netlogond_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1328203535.270:20): arch=c000003e syscall=42
success=yes exit=0 a0=a a1=7fa6e0f14450 a2=6e a3=10 items=0 ppid=1108
pid=1165 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwiod" exe="/opt/
likewise/sbin/lwiod" subj=system_u:system_r:lwiod_t:s0 key=(null)



type=AVC msg=audit(1328198424.686:20): avc: denied { write } for pid=1165 comm="lwiod" name=".netlogond" dev=dm-0 ino=393091 scontext=system_u:system_r:lwiod_t:s0 tcontext=system_u:object_r:netlogond_var_socket_t: s0 tclass=sock_file
type=AVC msg=audit(1328198424.686:20): avc: denied { connectto } for pid=1165 comm="lwiod" path="/var/lib/likewise/.netlogond" scontext=system_u:system_r:lwiod_t:s0 tcontext=system_u:system_r:netlogond_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1328198424.686:20): arch=c000003e syscall=42 success=yes exit=0 a0=a a1=7fdbec624450 a2=6e a3=10 items=0 ppid=1108 pid=1165 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwiod" exe="/opt/likewise/sbin/lwiod" subj=system_u:system_r:lwiod_t:s0 key=(null)

type=AVC msg=audit(1328203534.556:16): avc: denied { getattr } for pid=1141 comm="lwsmd" path="/etc/likewise/likewise-krb5-ad.conf" dev=dm-0 ino=786321 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=SYSCALL msg=audit(1328203534.556:16): arch=c000003e syscall=4 success=yes exit=0 a0=7f5e28001488 a1=7f5e33ffc8d0 a2=7f5e33ffc8d0 a3=0 items=0 ppid=1 pid=1141 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)

type=AVC msg=audit(1328203534.536:14): avc: denied { getattr } for pid=1141 comm="lwsmd" path="/var/lib/likewise/krb5-affinity.conf" dev=dm-0 ino=395410 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328203534.536:14): arch=c000003e syscall=4 success=yes exit=0 a0=7f5e28001368 a1=7f5e33ffc8d0 a2=7f5e33ffc8d0 a3=7f5e33ffc650 items=0 ppid=1 pid=1141 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)

type=AVC msg=audit(1328198424.023:16): avc: denied { getattr } for pid=1142 comm="lwsmd" path="/etc/likewise/likewise-krb5-ad.conf" dev=dm-0 ino=786321 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=SYSCALL msg=audit(1328198424.023:16): arch=c000003e syscall=4 success=yes exit=0 a0=7f4894001488 a1=7f48ad2548d0 a2=7f48ad2548d0 a3=0 items=0 ppid=1 pid=1142 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)

type=AVC msg=audit(1328198423.995:14): avc: denied { getattr } for pid=1142 comm="lwsmd" path="/var/lib/likewise/krb5-affinity.conf" dev=dm-0 ino=395406 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.995:14): arch=c000003e syscall=4 success=yes exit=0 a0=7f4894001368 a1=7f48ad2548d0 a2=7f48ad2548d0 a3=7f48ad254650 items=0 ppid=1 pid=1142 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)

type=AVC msg=audit(1328203534.221:9): avc: denied { getattr } for pid=1143 comm="eventlogd" path="/var/lib/likewise/db/lwi_events.db" dev=dm-0 ino=395386 scontext=system_u:system_r:eventlogd_t:s0 tcontext=unconfined_u:object_r:likewise_var_lib_t: s0 tclass=file
type=SYSCALL msg=audit(1328203534.221:9): arch=c000003e syscall=4 success=yes exit=0 a0=40bc68 a1=7fff7f6d2520 a2=7fff7f6d2520 a3=7fff7f6d22a0 items=0 ppid=1108 pid=1143 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="eventlogd" exe="/opt/likewise/sbin/eventlogd" subj=system_u:system_r:eventlogd_t:s0 key=(null)

type=AVC msg=audit(1328198423.667:9): avc: denied { getattr } for pid=1144 comm="eventlogd" path="/var/lib/likewise/db/lwi_events.db" dev=dm-0 ino=395386 scontext=system_u:system_r:eventlogd_t:s0 tcontext=unconfined_u:object_r:likewise_var_lib_t: s0 tclass=file
type=SYSCALL msg=audit(1328198423.667:9): arch=c000003e syscall=4 success=yes exit=0 a0=40bc68 a1=7fff6b605a50 a2=7fff6b605a50 a3=7fff6b6057d0 items=0 ppid=1108 pid=1144 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="eventlogd" exe="/opt/likewise/sbin/eventlogd" subj=system_u:system_r:eventlogd_t:s0 key=(null)

type=AVC msg=audit(1328200531.030:128): avc: denied { getattr } for pid=1486 comm="lsassd" path="/proc/1043" dev=proc ino=10798 scontext=system_u:system_r:lsassd_t:s0 tcontext=system_u:system_r:auditd_t:s0 tclass=dir
type=SYSCALL msg=audit(1328200531.030:128): arch=c000003e syscall=4 success=yes exit=0 a0=7f88fc004bb0 a1=7f88e9ff5cf0 a2=7f88e9ff5cf0 a3=fffffffc items=0 ppid=1108 pid=1486 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lsassd" exe="/opt/likewise/sbin/lsassd" subj=system_u:system_r:lsassd_t:s0 key=(null)

type=AVC msg=audit(1328198350.870:21214): avc: denied { getattr } for pid=1912 comm="lwsmd" path="/etc/likewise/likewise-krb5-ad.conf" dev=dm-0 ino=786321 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=SYSCALL msg=audit(1328198350.870:21214): arch=c000003e syscall=4 success=yes exit=0 a0=7f2790001828 a1=7f27a25718c0 a2=7f27a25718c0 a3=0 items=0 ppid=1 pid=1912 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)

type=AVC msg=audit(1328198350.864:21212): avc: denied { getattr } for pid=1912 comm="lwsmd" path="/var/lib/likewise/krb5-affinity.conf" dev=dm-0 ino=395406 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328198350.864:21212): arch=c000003e syscall=4 success=yes exit=0 a0=7f2790000e08 a1=7f27a25718c0 a2=7f27a25718c0 a3=0 items=0 ppid=1 pid=1912 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)

type=AVC msg=audit(1328203469.517:203): avc: denied { getattr } for pid=2428 comm="lwsmd" path="/etc/likewise/likewise-krb5-ad.conf" dev=dm-0 ino=786321 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=SYSCALL msg=audit(1328203469.517:203): arch=c000003e syscall=4 success=yes exit=0 a0=7f48980018f8 a1=7f48adc558c0 a2=7f48adc558c0 a3=0 items=0 ppid=1 pid=2428 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)

type=AVC msg=audit(1328203469.508:201): avc: denied { getattr } for pid=2428 comm="lwsmd" path="/var/lib/likewise/krb5-affinity.conf" dev=dm-0 ino=395410 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328203469.508:201): arch=c000003e syscall=4 success=yes exit=0 a0=7f4898000a18 a1=7f48adc558c0 a2=7f48adc558c0 a3=0 items=0 ppid=1 pid=2428 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)

type=AVC msg=audit(1328198423.037:5): avc: denied { lock } for pid=1108 comm="lwsmd" path="/var/lib/likewise/.lwsmd-lock" dev=dm-0 ino=395380 scontext=system_u:system_r:lwsmd_t:s0 tcontext=unconfined_u:object_r:likewise_var_lib_t: s0 tclass=file
type=SYSCALL msg=audit(1328198423.037:5): arch=c000003e syscall=72 success=yes exit=0 a0=3 a1=6 a2=7fff74251500 a3=7fff74251280 items=0 ppid=1 pid=1108 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)

type=AVC msg=audit(1328198424.260:19): avc: denied { lock } for pid=1151 comm="eventlogd" path="/var/lib/likewise/db/lwi_events.db" dev=dm-0 ino=395386 scontext=system_u:system_r:eventlogd_t:s0 tcontext=unconfined_u:object_r:likewise_var_lib_t: s0 tclass=file
type=SYSCALL msg=audit(1328198424.260:19): arch=c000003e syscall=72 success=yes exit=0 a0=9 a1=6 a2=7f2341dd20f0 a3=7f2341dd1e60 items=0 ppid=1108 pid=1151 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="eventlogd" exe="/opt/likewise/sbin/eventlogd" subj=system_u:system_r:eventlogd_t:s0 key=(null)

type=AVC msg=audit(1328198423.032:4): avc: denied { write } for pid=1108 comm="lwsmd" name=".lwsmd-lock" dev=dm-0 ino=395380 scontext=system_u:system_r:lwsmd_t:s0 tcontext=unconfined_u:object_r:likewise_var_lib_t: s0 tclass=file
type=AVC msg=audit(1328198423.032:4): avc: denied { open } for pid=1108 comm="lwsmd" name=".lwsmd-lock" dev=dm-0 ino=395380 scontext=system_u:system_r:lwsmd_t:s0 tcontext=unconfined_u:object_r:likewise_var_lib_t: s0 tclass=file
type=SYSCALL msg=audit(1328198423.032:4): arch=c000003e syscall=2 success=yes exit=3 a0=4081ff a1=241 a2=80 a3=7fff74251280 items=0 ppid=1 pid=1108 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)

type=AVC msg=audit(1328198423.043:6): avc: denied { read } for pid=1108 comm="lwsmd" name="stat" dev=proc ino=4026532032 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1328198423.043:6): avc: denied { open } for pid=1108 comm="lwsmd" name="stat" dev=proc ino=4026532032 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.043:6): arch=c000003e syscall=2 success=yes exit=7 a0=361cb6372e a1=80000 a2=1fffdd09458b a3=7fff74251200 items=0 ppid=1 pid=1108 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)

type=AVC msg=audit(1328198423.343:8): avc: denied { read } for pid=1112 comm="lwregd" name="stat" dev=proc ino=4026532032 scontext=system_u:system_r:lwregd_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1328198423.343:8): avc: denied { open } for pid=1112 comm="lwregd" name="stat" dev=proc ino=4026532032 scontext=system_u:system_r:lwregd_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.343:8): arch=c000003e syscall=2 success=yes exit=5 a0=361cb6372e a1=80000 a2=1ffffbf31283 a3=7fffefcc4590 items=0 ppid=1108 pid=1112 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwregd" exe="/opt/likewise/sbin/lwregd" subj=system_u:system_r:lwregd_t:s0 key=(null)

type=AVC msg=audit(1328203534.538:15): avc: denied { read } for pid=1141 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395410 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=AVC msg=audit(1328203534.538:15): avc: denied { open } for pid=1141 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395410 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328203534.538:15): arch=c000003e syscall=2 success=yes exit=11 a0=7f5e28001368 a1=0 a2=1b6 a3=0 items=0 ppid=1 pid=1141 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)

type=AVC msg=audit(1328203534.557:17): avc: denied { read } for pid=1141 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=AVC msg=audit(1328203534.557:17): avc: denied { open } for pid=1141 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=SYSCALL msg=audit(1328203534.557:17): arch=c000003e syscall=2 success=yes exit=11 a0=7f5e28001488 a1=0 a2=1b6 a3=0 items=0 ppid=1 pid=1141 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)

type=AVC msg=audit(1328198423.996:15): avc: denied { read } for pid=1142 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395406 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=AVC msg=audit(1328198423.996:15): avc: denied { open } for pid=1142 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395406 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.996:15): arch=c000003e syscall=2 success=yes exit=11 a0=7f4894001368 a1=0 a2=1b6 a3=0 items=0 ppid=1 pid=1142 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)

type=AVC msg=audit(1328198424.027:17): avc: denied { read } for pid=1142 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=AVC msg=audit(1328198424.027:17): avc: denied { open } for pid=1142 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=SYSCALL msg=audit(1328198424.027:17): arch=c000003e syscall=2 success=yes exit=11 a0=7f4894001488 a1=0 a2=1b6 a3=0 items=0 ppid=1 pid=1142 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)

type=AVC msg=audit(1328203534.223:10): avc: denied { read } for pid=1143 comm="eventlogd" name="stat" dev=proc ino=4026532032 scontext=system_u:system_r:eventlogd_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1328203534.223:10): avc: denied { open } for pid=1143 comm="eventlogd" name="stat" dev=proc ino=4026532032 scontext=system_u:system_r:eventlogd_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file
type=SYSCALL msg=audit(1328203534.223:10): arch=c000003e syscall=2 success=yes exit=4 a0=361cb6372e a1=80000 a2=1fffdfdb4acf a3=7fff7f6d25e0 items=0 ppid=1108 pid=1143 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="eventlogd" exe="/opt/likewise/sbin/eventlogd" subj=system_u:system_r:eventlogd_t:s0 key=(null)

Maria Iano 02-02-2012 10:36 PM

making a file context change work for initrc_t and unconfined_t
 
On Feb 2, 2012, at 5:58 PM, Maria Iano wrote:



On Feb 1, 2012, at 4:53 PM, Dominick Grift wrote:


On Wed, 2012-02-01 at 15:05 -0500, Maria Iano wrote:

On Feb 1, 2012, at 1:32 PM, Dominick Grift wrote:


On Tue, 2012-01-31 at 17:33 -0500, Maria Iano wrote:

I have a RHEL 6.2 server running LikewiseOpen. It appears to me
that I
will take care of a large number of denials if I can change the
type

of /var/lib/likewise/.lsassd to be lsassd_var_socket_t.

I added the file context rule with semanage, and used restorecon
to
change it to lsassd_var_socket_t as desired. But later I found
that /
var/lib/likewise/.lsassd had type var_lib_t again. I assume that
is

because the likewise processes run as initrc_t.


Why are the likewise processes running in initrc_t?

Are the likewise executable files in their proper location:

/usr/sbin/dcerpcd --
gen_context(system_u:object_r:dcerpcd_exec_t,s0)
/usr/sbin/eventlogd --
gen_context(system_u:object_r:eventlogd_exec_t,s0)
/usr/sbin/lsassd --
gen_context(system_u:object_r:lsassd_exec_t,s0)
/usr/sbin/lwiod --
gen_context(system_u:object_r:lwiod_exec_t,s0)
/usr/sbin/lwregd --
gen_context(system_u:object_r:lwregd_exec_t,s0)
/usr/sbin/lwsmd --
gen_context(system_u:object_r:lwsmd_exec_t,s0)

/usr/sbin/netlogond --
gen_context(system_u:object_r:netlogond_exec_t,s0)
/usr/sbin/srvsvcd --
gen_context(system_u:object_r:srvsvcd_exec_t,s0)


I'd like to change the policy and tell it that services running in
either initrc_t or unconfined_t domains should create the file /
var/
lib/likewise/.lsassd with type lsassd_var_socket_t. (A command
line
tool lwsm for managing the processes runs in unconfined_t so I'd
like
to include that domain to be safe. ) How can I go about doing
that in

RHEL 6 (or can I)?


That is not possible but if you label /var/lib/likewise:

semanage fcontext -a -t likewise_var_lib_t "/var/lib/
likewise(/.*)?"


And configure restorecond to watch /var/lib/likewise then the file
will
be reset to the proper type when restorecond notices that its
mislabeled.

The policy for likewise was written by the people of likewise. I
helped
with it a bit. I think we collaborated on the selinux maillist
but i

could not find the thread about it in short noticed. (i was looking
for
the e-mail address of the likewise policy author so that i can
ask him

to see if the policy is still up-to-date)

It may be that the policy is not maintained optimally.

Maybe you can help us revisit it?


Those files are all under /opt/likewise/sbin on this system
(although

there is no srvsvcd):
/opt/likewise/sbin/dcerpcd
/opt/likewise/sbin/eventlogd
/opt/likewise/sbin/lsassd
/opt/likewise/sbin/lwiod
/opt/likewise/sbin/lwregd
/opt/likewise/sbin/lwsmd
/opt/likewise/sbin/netlogond

Also the directories corresponding to /etc/likewise-open and /var/
lib/

likewise-open are actually /etc/likewise and /var/lib/likewise on my
system.

My system is RHEL 6.2 and I installed LikewiseOpen by downloading
LikewiseOpen-6.1.0.8729-linux-x86_64-rpm.sh, making it executable,
and

typing:
./LikewiseOpen-6.1.0.8729-linux-x86_64-rpm.sh install

So I think it is installed with all the defaults.

I would be very happy to help. I would really like for selinux and
likewise to coexist comfortably.


Why that's great

Here is a list with all file contexts for likewise files:

http://git.fedorahosted.org/git/?p=selinux-policy.git;a=blob;f=policy/modules/services/likewise.fc;h=57491fc406f6d309b258f6be978524a0b916 d531;hb=6a8b33a937d800e1f7ec5a148b73abedc1ea4f09

Basically what i would do if i were you is add file context
specifications using "semanage fcontext" or a custom .fc file of
all the

entries in there matching files on your system:

example:

/usr/sbin/lsassd -- gen_context(system_u:object_r:lsassd_exec_t,s0)

would be:

semanage fcontext -a -t lsassd_exec_t -f -- "/opt/likewise/sbin/
lsassd"


and:

/var/lib/likewise-open/.lsassd -s
gen_context(system_u:object_r:lsassd_var_socket_t, s0)

would be:

semanage fcontext -a -t lsassd_var_socket_t -f -s
"/var/lib/likewise-open/.lsassd"

When all is added you can use matchpathcon to verify whether the type
matches what youve specified. Example:

matchpathcon /opt/likewise/sbin/lsassd

and if that is verified to be correct actually apply the contexts by
running for example:

restorecon -R -v /opt/likewise/sbin/lsassd

Then you should try it out, collect any AVC denials that you are
seeing

and enclose those so that we can analyze them and fix bugs where
possible.

If you have any questions or comments do not hesitate to ask.

I am looking forward to your reply.


On a CentOS 6.2 system which had never had likewise installed, I ran
the corresponding semanage commands to these file contexts:


/etc/likewise(/.*)?
gen_context(system_u:object_r:likewise_etc_t,s0)
/etc/likewise/.pstore.lock --
gen_context(system_u:object_r:likewise_pstore_lock _t,s0)
/etc/likewise/likewise-krb5-ad.conf --
gen_context(system_u:object_r:likewise_krb5_ad_t,s 0)


/etc/rc.d/init.d/likewise --
gen_context(system_u:object_r:likewise_initrc_exec _t,s0)
/etc/rc.d/init.d/lwsmd --
gen_context(system_u:object_r:likewise_initrc_exec _t,s0)
/etc/rc.d/init.d/netlogond --
gen_context(system_u:object_r:likewise_initrc_exec _t,s0)


/opt/likewise/sbin/dcerpcd --
gen_context(system_u:object_r:dcerpcd_exec_t,s0)
/opt/likewise/sbin/eventlogd --
gen_context(system_u:object_r:eventlogd_exec_t,s0)
/opt/likewise/sbin/lsassd --
gen_context(system_u:object_r:lsassd_exec_t,s0)
/opt/likewise/sbin/lwiod --
gen_context(system_u:object_r:lwiod_exec_t,s0)
/opt/likewise/sbin/lwregd --
gen_context(system_u:object_r:lwregd_exec_t,s0)
/opt/likewise/sbin/lwsmd --
gen_context(system_u:object_r:lwsmd_exec_t,s0)
/opt/likewise/sbin/netlogond --
gen_context(system_u:object_r:netlogond_exec_t,s0)


/var/lib/likewise(/.*)?
gen_context(system_u:object_r:likewise_var_lib_t,s 0)
/var/lib/likewise/.lsassd -s
gen_context(system_u:object_r:lsassd_var_socket_t, s0)
/var/lib/likewise/.lwiod -s
gen_context(system_u:object_r:lwiod_var_socket_t,s 0)
/var/lib/likewise/.regsd -s
gen_context(system_u:object_r:lwregd_var_socket_t, s0)
/var/lib/likewise/.lwsm -s
gen_context(system_u:object_r:lwsmd_var_socket_t,s 0)
/var/lib/likewise/.netlogond -s
gen_context(system_u:object_r:netlogond_var_socket _t,s0)
/var/lib/likewise/.ntlmd -s
gen_context(system_u:object_r:lsassd_var_socket_t, s0)
/var/lib/likewise/krb5-affinity.conf --
gen_context(system_u:object_r:netlogond_var_lib_t, s0)
/var/lib/likewise/krb5ccr_lsass --
gen_context(system_u:object_r:lsassd_var_lib_t, s0)
/var/lib/likewise/LWNetsd.err --
gen_context(system_u:object_r:netlogond_var_lib_t, s0)
/var/lib/likewise/lsasd.err --
gen_context(system_u:object_r:lsassd_var_lib_t,s0)
/var/lib/likewise/regsd.err --
gen_context(system_u:object_r:lwregd_var_lib_t,s0)
/var/lib/likewise/db -d
gen_context(system_u:object_r:likewise_var_lib_t,s 0)
/var/lib/likewise/db/lwi_events.db --
gen_context(system_u:object_r:eventlogd_var_lib_t, s0)
/var/lib/likewise/db/sam.db --
gen_context(system_u:object_r:lsassd_var_lib_t,s0)
/var/lib/likewise/db/lsass-adcache.db --
gen_context(system_u:object_r:lsassd_var_lib_t,s0)
/var/lib/likewise/db/lsass-adstate.filedb --
gen_context(system_u:object_r:lsassd_var_lib_t,s0)
/var/lib/likewise/db/registry.db --
gen_context(system_u:object_r:lwregd_var_lib_t,s0)
/var/lib/likewise/rpc -d
gen_context(system_u:object_r:likewise_var_lib_t,s 0)
/var/lib/likewise/rpc/epmapper -s
gen_context(system_u:object_r:dcerpcd_var_socket_t , s0)
/var/lib/likewise/rpc/lsass -s
gen_context(system_u:object_r:lsassd_var_socket_t, s0)
/var/lib/likewise/rpc/socket -s
gen_context(system_u:object_r:eventlogd_var_socket _t, s0)
/var/lib/likewise/run -d
gen_context(system_u:object_r:likewise_var_lib_t,s 0)
/var/lib/likewise/run/rpcdep.dat --
gen_context(system_u:object_r:dcerpcd_var_lib_t, s0)


I then installed LikewiseOpen with LikewiseOpen-6.1.0.8729-linux-
x86_64-rpm.sh. I joined the computer to the AD domain and rebooted.


The first two denials were due to incorrect labeling of /var/lib/
likewise/db/registry.db and /var/lib/likewise/db/sam.db. Both were
labeled as unconfined_u:object_r:likewise_var_lib_t:s0. They should
be unconfined_u:object_r:lwregd_var_lib_t:s0 and
unconfined_u:object_r:lsassd_var_lib_t:s0 respectively. I ran
restorecon on both and have not had any of those type of denials
since. So far they have retained their correct context through a
reboot, so perhaps it's just something that doesn't work correctly
during the installation.


I've attached the remaining AVCs to this message, but since I'm not
sure the mailing list will allow that through I'll also paste them
in below. I removed duplicates. Also there were a large number of
entries where lsassd tried to getattr for many different /proc/xxxx
but I only included one. It didn't just try to do that for likewise
processes, but every process running at the time (or maybe almost
every). I can forward all of those as well if you'd like.


I just noticed that I missed some duplicates. Here is a slightly
shorter list. Now I know I can attach them so I won't paste them in
again.


type=AVC msg=audit(1328198350.864:21212): avc: denied { getattr } for pid=1912 comm="lwsmd" path="/var/lib/likewise/krb5-affinity.conf" dev=dm-0 ino=395406 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328198350.864:21212): arch=c000003e syscall=4 success=yes exit=0 a0=7f2790000e08 a1=7f27a25718c0 a2=7f27a25718c0 a3=0 items=0 ppid=1 pid=1912 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)

type=AVC msg=audit(1328198350.869:21213): avc: denied { read } for pid=1912 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395406 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=AVC msg=audit(1328198350.869:21213): avc: denied { open } for pid=1912 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395406 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328198350.869:21213): arch=c000003e syscall=2 success=yes exit=4 a0=7f2790000e08 a1=0 a2=1b6 a3=0 items=0 ppid=1 pid=1912 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)

type=AVC msg=audit(1328198350.870:21214): avc: denied { getattr } for pid=1912 comm="lwsmd" path="/etc/likewise/likewise-krb5-ad.conf" dev=dm-0 ino=786321 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=SYSCALL msg=audit(1328198350.870:21214): arch=c000003e syscall=4 success=yes exit=0 a0=7f2790001828 a1=7f27a25718c0 a2=7f27a25718c0 a3=0 items=0 ppid=1 pid=1912 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)

type=AVC msg=audit(1328198350.873:21215): avc: denied { read } for pid=1912 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=AVC msg=audit(1328198350.873:21215): avc: denied { open } for pid=1912 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=SYSCALL msg=audit(1328198350.873:21215): arch=c000003e syscall=2 success=yes exit=4 a0=7f2790001828 a1=0 a2=1b6 a3=0 items=0 ppid=1 pid=1912 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)

type=AVC msg=audit(1328198423.032:4): avc: denied { write } for pid=1108 comm="lwsmd" name=".lwsmd-lock" dev=dm-0 ino=395380 scontext=system_u:system_r:lwsmd_t:s0 tcontext=unconfined_u:object_r:likewise_var_lib_t: s0 tclass=file
type=AVC msg=audit(1328198423.032:4): avc: denied { open } for pid=1108 comm="lwsmd" name=".lwsmd-lock" dev=dm-0 ino=395380 scontext=system_u:system_r:lwsmd_t:s0 tcontext=unconfined_u:object_r:likewise_var_lib_t: s0 tclass=file
type=SYSCALL msg=audit(1328198423.032:4): arch=c000003e syscall=2 success=yes exit=3 a0=4081ff a1=241 a2=80 a3=7fff74251280 items=0 ppid=1 pid=1108 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)

type=AVC msg=audit(1328198423.037:5): avc: denied { lock } for pid=1108 comm="lwsmd" path="/var/lib/likewise/.lwsmd-lock" dev=dm-0 ino=395380 scontext=system_u:system_r:lwsmd_t:s0 tcontext=unconfined_u:object_r:likewise_var_lib_t: s0 tclass=file
type=SYSCALL msg=audit(1328198423.037:5): arch=c000003e syscall=72 success=yes exit=0 a0=3 a1=6 a2=7fff74251500 a3=7fff74251280 items=0 ppid=1 pid=1108 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)

type=AVC msg=audit(1328198423.043:6): avc: denied { read } for pid=1108 comm="lwsmd" name="stat" dev=proc ino=4026532032 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1328198423.043:6): avc: denied { open } for pid=1108 comm="lwsmd" name="stat" dev=proc ino=4026532032 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.043:6): arch=c000003e syscall=2 success=yes exit=7 a0=361cb6372e a1=80000 a2=1fffdd09458b a3=7fff74251200 items=0 ppid=1 pid=1108 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)

type=AVC msg=audit(1328198423.053:7): avc: denied { setpgid } for pid=1112 comm="lwsmd" scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:system_r:lwsmd_t:s0 tclass=process
type=SYSCALL msg=audit(1328198423.053:7): arch=c000003e syscall=109 success=yes exit=0 a0=458 a1=458 a2=458 a3=361d017240 items=0 ppid=1108 pid=1112 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)

type=AVC msg=audit(1328198423.343:8): avc: denied { read } for pid=1112 comm="lwregd" name="stat" dev=proc ino=4026532032 scontext=system_u:system_r:lwregd_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1328198423.343:8): avc: denied { open } for pid=1112 comm="lwregd" name="stat" dev=proc ino=4026532032 scontext=system_u:system_r:lwregd_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.343:8): arch=c000003e syscall=2 success=yes exit=5 a0=361cb6372e a1=80000 a2=1ffffbf31283 a3=7fffefcc4590 items=0 ppid=1108 pid=1112 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwregd" exe="/opt/likewise/sbin/lwregd" subj=system_u:system_r:lwregd_t:s0 key=(null)

type=AVC msg=audit(1328198423.667:9): avc: denied { getattr } for pid=1144 comm="eventlogd" path="/var/lib/likewise/db/lwi_events.db" dev=dm-0 ino=395386 scontext=system_u:system_r:eventlogd_t:s0 tcontext=unconfined_u:object_r:likewise_var_lib_t: s0 tclass=file
type=SYSCALL msg=audit(1328198423.667:9): arch=c000003e syscall=4 success=yes exit=0 a0=40bc68 a1=7fff6b605a50 a2=7fff6b605a50 a3=7fff6b6057d0 items=0 ppid=1108 pid=1144 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="eventlogd" exe="/opt/likewise/sbin/eventlogd" subj=system_u:system_r:eventlogd_t:s0 key=(null)

type=AVC msg=audit(1328198423.672:10): avc: denied { read } for pid=1144 comm="eventlogd" name="stat" dev=proc ino=4026532032 scontext=system_u:system_r:eventlogd_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1328198423.672:10): avc: denied { open } for pid=1144 comm="eventlogd" name="stat" dev=proc ino=4026532032 scontext=system_u:system_r:eventlogd_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.672:10): arch=c000003e syscall=2 success=yes exit=4 a0=361cb6372e a1=80000 a2=1fffdad8181b a3=7fff6b605b10 items=0 ppid=1108 pid=1144 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="eventlogd" exe="/opt/likewise/sbin/eventlogd" subj=system_u:system_r:eventlogd_t:s0 key=(null)

type=AVC msg=audit(1328198423.748:11): avc: denied { read } for pid=1152 comm="netlogond" name="stat" dev=proc ino=4026532032 scontext=system_u:system_r:netlogond_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1328198423.748:11): avc: denied { open } for pid=1152 comm="netlogond" name="stat" dev=proc ino=4026532032 scontext=system_u:system_r:netlogond_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.748:11): arch=c000003e syscall=2 success=yes exit=4 a0=361cb6372e a1=80000 a2=1fffca9448f3 a3=7fff2a511e30 items=0 ppid=1108 pid=1152 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="netlogond" exe="/opt/likewise/sbin/netlogond" subj=system_u:system_r:netlogond_t:s0 key=(null)

type=AVC msg=audit(1328198423.936:12): avc: denied { read } for pid=1164 comm="lwiod" name="stat" dev=proc ino=4026532032 scontext=system_u:system_r:lwiod_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1328198423.936:12): avc: denied { open } for pid=1164 comm="lwiod" name="stat" dev=proc ino=4026532032 scontext=system_u:system_r:lwiod_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.936:12): arch=c000003e syscall=2 success=yes exit=4 a0=361cb6372e a1=80000 a2=1fffc42643f7 a3=7fff10990980 items=0 ppid=1108 pid=1164 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwiod" exe="/opt/likewise/sbin/lwiod" subj=system_u:system_r:lwiod_t:s0 key=(null)

type=AVC msg=audit(1328198423.945:13): avc: denied { setrlimit } for pid=1164 comm="lwiod" scontext=system_u:system_r:lwiod_t:s0 tcontext=system_u:system_r:lwiod_t:s0 tclass=process
type=AVC msg=audit(1328198423.945:13): avc: denied { sys_resource } for pid=1164 comm="lwiod" capability=24 scontext=system_u:system_r:lwiod_t:s0 tcontext=system_u:system_r:lwiod_t:s0 tclass=capability
type=SYSCALL msg=audit(1328198423.945:13): arch=c000003e syscall=160 success=yes exit=0 a0=7 a1=7fff10990e60 a2=7fff10990e10 a3=7fff10990b50 items=0 ppid=1108 pid=1164 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwiod" exe="/opt/likewise/sbin/lwiod" subj=system_u:system_r:lwiod_t:s0 key=(null)

type=AVC msg=audit(1328198423.995:14): avc: denied { getattr } for pid=1142 comm="lwsmd" path="/var/lib/likewise/krb5-affinity.conf" dev=dm-0 ino=395406 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.995:14): arch=c000003e syscall=4 success=yes exit=0 a0=7f4894001368 a1=7f48ad2548d0 a2=7f48ad2548d0 a3=7f48ad254650 items=0 ppid=1 pid=1142 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)

type=AVC msg=audit(1328198423.996:15): avc: denied { read } for pid=1142 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395406 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=AVC msg=audit(1328198423.996:15): avc: denied { open } for pid=1142 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395406 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328198423.996:15): arch=c000003e syscall=2 success=yes exit=11 a0=7f4894001368 a1=0 a2=1b6 a3=0 items=0 ppid=1 pid=1142 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)

type=AVC msg=audit(1328198424.023:16): avc: denied { getattr } for pid=1142 comm="lwsmd" path="/etc/likewise/likewise-krb5-ad.conf" dev=dm-0 ino=786321 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=SYSCALL msg=audit(1328198424.023:16): arch=c000003e syscall=4 success=yes exit=0 a0=7f4894001488 a1=7f48ad2548d0 a2=7f48ad2548d0 a3=0 items=0 ppid=1 pid=1142 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)

type=AVC msg=audit(1328198424.027:17): avc: denied { read } for pid=1142 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=AVC msg=audit(1328198424.027:17): avc: denied { open } for pid=1142 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=SYSCALL msg=audit(1328198424.027:17): arch=c000003e syscall=2 success=yes exit=11 a0=7f4894001488 a1=0 a2=1b6 a3=0 items=0 ppid=1 pid=1142 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)

type=AVC msg=audit(1328198424.259:18): avc: denied { read write } for pid=1151 comm="eventlogd" name="lwi_events.db" dev=dm-0 ino=395386 scontext=system_u:system_r:eventlogd_t:s0 tcontext=unconfined_u:object_r:likewise_var_lib_t: s0 tclass=file
type=AVC msg=audit(1328198424.259:18): avc: denied { open } for pid=1151 comm="eventlogd" name="lwi_events.db" dev=dm-0 ino=395386 scontext=system_u:system_r:eventlogd_t:s0 tcontext=unconfined_u:object_r:likewise_var_lib_t: s0 tclass=file
type=SYSCALL msg=audit(1328198424.259:18): arch=c000003e syscall=2 success=yes exit=9 a0=7f231c0013e0 a1=42 a2=1a4 a3=7f2341dd2030 items=0 ppid=1108 pid=1151 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="eventlogd" exe="/opt/likewise/sbin/eventlogd" subj=system_u:system_r:eventlogd_t:s0 key=(null)

type=AVC msg=audit(1328198424.260:19): avc: denied { lock } for pid=1151 comm="eventlogd" path="/var/lib/likewise/db/lwi_events.db" dev=dm-0 ino=395386 scontext=system_u:system_r:eventlogd_t:s0 tcontext=unconfined_u:object_r:likewise_var_lib_t: s0 tclass=file
type=SYSCALL msg=audit(1328198424.260:19): arch=c000003e syscall=72 success=yes exit=0 a0=9 a1=6 a2=7f2341dd20f0 a3=7f2341dd1e60 items=0 ppid=1108 pid=1151 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="eventlogd" exe="/opt/likewise/sbin/eventlogd" subj=system_u:system_r:eventlogd_t:s0 key=(null)

type=AVC msg=audit(1328198424.686:20): avc: denied { write } for pid=1165 comm="lwiod" name=".netlogond" dev=dm-0 ino=393091 scontext=system_u:system_r:lwiod_t:s0 tcontext=system_u:object_r:netlogond_var_socket_t: s0 tclass=sock_file
type=AVC msg=audit(1328198424.686:20): avc: denied { connectto } for pid=1165 comm="lwiod" path="/var/lib/likewise/.netlogond" scontext=system_u:system_r:lwiod_t:s0 tcontext=system_u:system_r:netlogond_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1328198424.686:20): arch=c000003e syscall=42 success=yes exit=0 a0=a a1=7fdbec624450 a2=6e a3=10 items=0 ppid=1108 pid=1165 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwiod" exe="/opt/likewise/sbin/lwiod" subj=system_u:system_r:lwiod_t:s0 key=(null)

type=AVC msg=audit(1328200531.003:125): avc: denied { getattr } for pid=1486 comm="lsassd" path="/proc/1" dev=proc ino=7828 scontext=system_u:system_r:lsassd_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=dir
type=SYSCALL msg=audit(1328200531.003:125): arch=c000003e syscall=4 success=yes exit=0 a0=7f88fc004bb0 a1=7f88e9ff5cf0 a2=7f88e9ff5cf0 a3=ffffffff items=0 ppid=1108 pid=1486 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lsassd" exe="/opt/likewise/sbin/lsassd" subj=system_u:system_r:lsassd_t:s0 key=(null)

type=AVC msg=audit(1328203469.508:201): avc: denied { getattr } for pid=2428 comm="lwsmd" path="/var/lib/likewise/krb5-affinity.conf" dev=dm-0 ino=395410 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328203469.508:201): arch=c000003e syscall=4 success=yes exit=0 a0=7f4898000a18 a1=7f48adc558c0 a2=7f48adc558c0 a3=0 items=0 ppid=1 pid=2428 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)

type=AVC msg=audit(1328203469.517:202): avc: denied { read } for pid=2428 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395410 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=AVC msg=audit(1328203469.517:202): avc: denied { open } for pid=2428 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395410 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328203469.517:202): arch=c000003e syscall=2 success=yes exit=4 a0=7f4898000a18 a1=0 a2=1b6 a3=0 items=0 ppid=1 pid=2428 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)

type=AVC msg=audit(1328203469.517:203): avc: denied { getattr } for pid=2428 comm="lwsmd" path="/etc/likewise/likewise-krb5-ad.conf" dev=dm-0 ino=786321 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=SYSCALL msg=audit(1328203469.517:203): arch=c000003e syscall=4 success=yes exit=0 a0=7f48980018f8 a1=7f48adc558c0 a2=7f48adc558c0 a3=0 items=0 ppid=1 pid=2428 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)

type=AVC msg=audit(1328203469.518:204): avc: denied { read } for pid=2428 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=AVC msg=audit(1328203469.518:204): avc: denied { open } for pid=2428 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=SYSCALL msg=audit(1328203469.518:204): arch=c000003e syscall=2 success=yes exit=4 a0=7f48980018f8 a1=0 a2=1b6 a3=0 items=0 ppid=1 pid=2428 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)

type=AVC msg=audit(1328203534.221:9): avc: denied { getattr } for pid=1143 comm="eventlogd" path="/var/lib/likewise/db/lwi_events.db" dev=dm-0 ino=395386 scontext=system_u:system_r:eventlogd_t:s0 tcontext=unconfined_u:object_r:likewise_var_lib_t: s0 tclass=file
type=SYSCALL msg=audit(1328203534.221:9): arch=c000003e syscall=4 success=yes exit=0 a0=40bc68 a1=7fff7f6d2520 a2=7fff7f6d2520 a3=7fff7f6d22a0 items=0 ppid=1108 pid=1143 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="eventlogd" exe="/opt/likewise/sbin/eventlogd" subj=system_u:system_r:eventlogd_t:s0 key=(null)

type=AVC msg=audit(1328203534.223:10): avc: denied { read } for pid=1143 comm="eventlogd" name="stat" dev=proc ino=4026532032 scontext=system_u:system_r:eventlogd_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1328203534.223:10): avc: denied { open } for pid=1143 comm="eventlogd" name="stat" dev=proc ino=4026532032 scontext=system_u:system_r:eventlogd_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file
type=SYSCALL msg=audit(1328203534.223:10): arch=c000003e syscall=2 success=yes exit=4 a0=361cb6372e a1=80000 a2=1fffdfdb4acf a3=7fff7f6d25e0 items=0 ppid=1108 pid=1143 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="eventlogd" exe="/opt/likewise/sbin/eventlogd" subj=system_u:system_r:eventlogd_t:s0 key=(null)

type=AVC msg=audit(1328203534.286:11): avc: denied { read } for pid=1150 comm="netlogond" name="stat" dev=proc ino=4026532032 scontext=system_u:system_r:netlogond_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1328203534.286:11): avc: denied { open } for pid=1150 comm="netlogond" name="stat" dev=proc ino=4026532032 scontext=system_u:system_r:netlogond_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file
type=SYSCALL msg=audit(1328203534.286:11): arch=c000003e syscall=2 success=yes exit=4 a0=361cb6372e a1=80000 a2=1fffc0433b53 a3=7fff010ce7b0 items=0 ppid=1108 pid=1150 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="netlogond" exe="/opt/likewise/sbin/netlogond" subj=system_u:system_r:netlogond_t:s0 key=(null)

type=AVC msg=audit(1328203534.536:14): avc: denied { getattr } for pid=1141 comm="lwsmd" path="/var/lib/likewise/krb5-affinity.conf" dev=dm-0 ino=395410 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328203534.536:14): arch=c000003e syscall=4 success=yes exit=0 a0=7f5e28001368 a1=7f5e33ffc8d0 a2=7f5e33ffc8d0 a3=7f5e33ffc650 items=0 ppid=1 pid=1141 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)

type=AVC msg=audit(1328203534.538:15): avc: denied { read } for pid=1141 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395410 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=AVC msg=audit(1328203534.538:15): avc: denied { open } for pid=1141 comm="lwsmd" name="krb5-affinity.conf" dev=dm-0 ino=395410 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:netlogond_var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1328203534.538:15): arch=c000003e syscall=2 success=yes exit=11 a0=7f5e28001368 a1=0 a2=1b6 a3=0 items=0 ppid=1 pid=1141 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)

type=AVC msg=audit(1328203534.556:16): avc: denied { getattr } for pid=1141 comm="lwsmd" path="/etc/likewise/likewise-krb5-ad.conf" dev=dm-0 ino=786321 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=SYSCALL msg=audit(1328203534.556:16): arch=c000003e syscall=4 success=yes exit=0 a0=7f5e28001488 a1=7f5e33ffc8d0 a2=7f5e33ffc8d0 a3=0 items=0 ppid=1 pid=1141 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)

type=AVC msg=audit(1328203534.557:17): avc: denied { read } for pid=1141 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=AVC msg=audit(1328203534.557:17): avc: denied { open } for pid=1141 comm="lwsmd" name="likewise-krb5-ad.conf" dev=dm-0 ino=786321 scontext=system_u:system_r:lwsmd_t:s0 tcontext=system_u:object_r:likewise_krb5_ad_t:s0 tclass=file
type=SYSCALL msg=audit(1328203534.557:17): arch=c000003e syscall=2 success=yes exit=11 a0=7f5e28001488 a1=0 a2=1b6 a3=0 items=0 ppid=1 pid=1141 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwsmd" exe="/opt/likewise/sbin/lwsmd" subj=system_u:system_r:lwsmd_t:s0 key=(null)

type=AVC msg=audit(1328203535.270:20): avc: denied { write } for pid=1165 comm="lwiod" name=".netlogond" dev=dm-0 ino=394189 scontext=system_u:system_r:lwiod_t:s0 tcontext=system_u:object_r:netlogond_var_socket_t: s0 tclass=sock_file
type=AVC msg=audit(1328203535.270:20): avc: denied { connectto } for pid=1165 comm="lwiod" path="/var/lib/likewise/.netlogond" scontext=system_u:system_r:lwiod_t:s0 tcontext=system_u:system_r:netlogond_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1328203535.270:20): arch=c000003e syscall=42 success=yes exit=0 a0=a a1=7fa6e0f14450 a2=6e a3=10 items=0 ppid=1108 pid=1165 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lwiod" exe="/opt/likewise/sbin/lwiod" subj=system_u:system_r:lwiod_t:s0 key=(null)


--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux


All times are GMT. The time now is 04:58 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.