FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Gentoo > Gentoo Hardened

 
 
LinkBack Thread Tools
 
Old 06-23-2011, 06:45 PM
"Dave"
 
Default SELinux and KDE4.6.3

Hi,

sorry for not responding to the message id. Some problmes with the
webinterface.

"Anthony G. Basile" <basile@opensource.dyc.edu>:

> On 06/23/2011 10:18 AM, Dave wrote:
> > Hi all,
> >
> > I've Gentoo with KDE4.5.3 and SELinux enforcing targeted enabled
> > plus grsecurity working fine. But KDE4.6.3 on a new system has
> > difficulties starting dolphin, konqueror and switching from classic
> > KMenu's style to modern isn't possible.
> > Can anybody give kindly me a hint?
> >
> > If SELinux is disabled then it's working fine.
> >
> > acl.log was used to build *.pp semodules (audit2allow). But these
> > KDE's applications still won't worked.
> >
> >
> > Best regards
> >
> > Dave
> >
> >
>
> Can you give us the audit logs?

cat avc.log >>

Jun 22 14:49:20 localhost kernel: [ 47.997105] type=1400
audit(1308746960.495:3): avc: denied { write } for pid=5004 comm="rc"
name="exclusive" dev=tmpfs ino=4191 scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=dir
Jun 22 14:49:20 localhost kernel: [ 47.997118] type=1400
audit(1308746960.495:4): avc: denied { add_name } for pid=5004
comm="rc" name="openvpn" scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=dir
Jun 22 14:49:20 localhost kernel: [ 47.997133] type=1400
audit(1308746960.495:5): avc: denied { create } for pid=5004
comm="rc" name="openvpn" scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=file
Jun 22 14:49:20 localhost kernel: [ 47.997150] type=1400
audit(1308746960.495:6): avc: denied { write } for pid=5004 comm="rc"
name="openvpn" dev=tmpfs ino=8836 scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=file
Jun 22 14:49:20 localhost kernel: [ 47.997164] type=1400
audit(1308746960.495:7): avc: denied { lock } for pid=5004 comm="rc"
path="/lib64/rc/init.d/exclusive/openvpn" dev=tmpfs ino=8836
scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=file
Jun 22 14:49:20 localhost kernel: [ 47.997196] type=1400
audit(1308746960.495:8): avc: denied { create } for pid=5004
comm="rc" name="openvpn" scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=lnk_file
Jun 22 14:49:20 localhost kernel: [ 47.997238] type=1400
audit(1308746960.495:9): avc: denied { remove_name } for pid=5004
comm="rc" name="openvpn" dev=tmpfs ino=8405
scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=dir
Jun 22 14:49:20 localhost kernel: [ 47.997248] type=1400
audit(1308746960.495:10): avc: denied { unlink } for pid=5004
comm="rc" name="openvpn" dev=tmpfs ino=8405
scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=lnk_file
Jun 22 14:49:20 localhost kernel: [ 48.000853] type=1400
audit(1308746960.498:11): avc: denied { read } for pid=5004 comm="rc"
name="scheduled" dev=tmpfs ino=4192 scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=dir
Jun 22 14:49:42 localhost kernel: [ 69.508141] type=1400
audit(1308746982.006:14): avc: denied { read } for pid=5154
comm="hdparm" name="sda" dev=tmpfs ino=5936
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:fixed_disk_device_t tclass=blk_file
Jun 22 14:49:42 localhost kernel: [ 69.508155] type=1400
audit(1308746982.006:15): avc: denied { open } for pid=5154
comm="hdparm" name="sda" dev=tmpfs ino=5936
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:fixed_disk_device_t tclass=blk_file
Jun 22 14:49:42 localhost kernel: [ 69.508247] type=1400
audit(1308746982.006:16): avc: denied { ioctl } for pid=5154
comm="hdparm" path="/dev/sda" dev=tmpfs ino=5936
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:fixed_disk_device_t tclass=blk_file
Jun 22 14:49:43 localhost kernel: [ 70.910072] type=1400
audit(1308746983.408:17): avc: denied { getattr } for pid=5175
comm="backlighthelper" path="/.config/Trolltech.conf" dev=dm-1
ino=431095 scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:default_t tclass=file
Jun 22 14:49:43 localhost kernel: [ 70.910196] type=1400
audit(1308746983.408:18): avc: denied { read } for pid=5175
comm="backlighthelper" name="Trolltech.conf" dev=dm-1 ino=431095
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:default_t tclass=file
Jun 22 14:49:43 localhost kernel: [ 70.910224] type=1400
audit(1308746983.408:19): avc: denied { open } for pid=5175
comm="backlighthelper" name="Trolltech.conf" dev=dm-1 ino=431095
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:default_t tclass=file
Jun 22 14:49:43 localhost kernel: [ 70.910376] type=1400
audit(1308746983.408:20): avc: denied { lock } for pid=5175
comm="backlighthelper" path="/.config/Trolltech.conf" dev=dm-1
ino=431095 scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:default_t tclass=file
Jun 22 14:49:43 localhost kernel: [ 70.997489] type=1400
audit(1308746983.495:21): avc: denied { sys_ptrace } for pid=5175
comm="backlighthelper" capability=19
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:system_r:system_dbusd_t tclass=capability
Jun 22 14:49:44 localhost kernel: [ 72.088291] type=1400
audit(1308746984.586:22): avc: denied { setsched } for pid=5173
comm="mount" scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:system_r:kernel_t tclass=process
Jun 22 14:49:44 localhost kernel: [ 72.088361] type=1400
audit(1308746984.586:23): avc: denied { write } for pid=5173
comm="mount" name="/" dev=dm-1 ino=2
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:root_t tclass=dir
Jun 22 14:54:02 localhost kernel: [ 330.010469] type=1400
audit(1308747242.508:55): avc: denied { getattr } for pid=5812
comm="rc" path="/lib64/rc/init.d/rc.stopping" dev=tmpfs ino=22405
scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=dir
Jun 22 14:54:02 localhost kernel: [ 330.082303] type=1400
audit(1308747242.580:56): avc: denied { remove_name } for pid=4797
comm="named" name="session.key" dev=dm-1 ino=393268
scontext=system_u:system_r:named_t tcontext=system_ubject_r:default_t
tclass=dir
Jun 22 14:54:02 localhost kernel: [ 330.084307] type=1400
audit(1308747242.582:57): avc: denied { remove_name } for pid=4797
comm="named" name="named.pid" dev=dm-1 ino=393267
scontext=system_u:system_r:named_t tcontext=system_ubject_r:default_t
tclass=dir
Jun 22 14:54:03 localhost kernel: [ 330.517298] type=1400
audit(1308747243.015:58): avc: denied { unlink } for pid=4649
comm="dhcpcd" name="dhcpcd.sock" dev=dm-1 ino=262207
scontext=system_u:system_r:dhcpc_t tcontext=system_ubject_r:var_run_t
tclass=sock_file
Jun 22 14:54:03 localhost kernel: [ 330.553092] type=1400
audit(1308747243.050:59): avc: denied { write } for pid=6142
comm="iptables-save" path="/var/lib/iptables/rules-save" dev=dm-1
ino=265407 scontext=system_u:system_r:iptables_t
tcontext=system_ubject_r:var_lib_t tclass=file
Jun 22 16:30:19 localhost kernel: [ 43.829172] type=1400
audit(1308753019.339:3): avc: denied { remove_name } for pid=4811
comm="named" name="session.key" dev=dm-1 ino=393268
scontext=system_u:system_r:named_t tcontext=system_ubject_r:default_t
tclass=dir
Jun 22 16:30:19 localhost kernel: [ 43.829201] type=1400
audit(1308753019.339:4): avc: denied { unlink } for pid=4811
comm="named" name="session.key" dev=dm-1 ino=393268
scontext=system_u:system_r:named_t tcontext=system_ubject_r:default_t
tclass=file
Jun 22 16:30:29 localhost kernel: [ 54.212785] type=1400
audit(1308753029.722:5): avc: denied { write } for pid=5026 comm="rc"
name="exclusive" dev=tmpfs ino=4191 scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=dir
Jun 22 16:30:29 localhost kernel: [ 54.212794] type=1400
audit(1308753029.722:6): avc: denied { add_name } for pid=5026
comm="rc" name="openvpn" scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=dir
Jun 22 16:30:29 localhost kernel: [ 54.212805] type=1400
audit(1308753029.722:7): avc: denied { create } for pid=5026
comm="rc" name="openvpn" scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=file
Jun 22 16:30:29 localhost kernel: [ 54.212816] type=1400
audit(1308753029.722:8): avc: denied { write } for pid=5026 comm="rc"
name="openvpn" dev=tmpfs ino=9101 scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=file
Jun 22 16:30:29 localhost kernel: [ 54.212826] type=1400
audit(1308753029.722:9): avc: denied { lock } for pid=5026 comm="rc"
path="/lib64/rc/init.d/exclusive/openvpn" dev=tmpfs ino=9101
scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=file
Jun 22 16:30:29 localhost kernel: [ 54.212849] type=1400
audit(1308753029.722:10): avc: denied { create } for pid=5026
comm="rc" name="openvpn" scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=lnk_file
Jun 22 16:30:29 localhost kernel: [ 54.212876] type=1400
audit(1308753029.722:11): avc: denied { remove_name } for pid=5026
comm="rc" name="openvpn" dev=tmpfs ino=8516
scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=dir
Jun 22 16:30:29 localhost kernel: [ 54.212883] type=1400
audit(1308753029.722:12): avc: denied { unlink } for pid=5026
comm="rc" name="openvpn" dev=tmpfs ino=8516
scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=lnk_file
Jun 22 16:30:29 localhost kernel: [ 54.215757] type=1400
audit(1308753029.725:13): avc: denied { read } for pid=5026 comm="rc"
name="scheduled" dev=tmpfs ino=4192 scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=dir
Jun 22 16:30:29 localhost kernel: [ 54.215765] type=1400
audit(1308753029.725:14): avc: denied { open } for pid=5026 comm="rc"
name="scheduled" dev=tmpfs ino=4192 scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=dir
Jun 22 16:30:38 localhost kernel: [ 63.241980] type=1400
audit(1308753038.751:16): avc: denied { getattr } for pid=5235
comm="rc" path="/lib64/rc/init.d/rc.stopping" dev=tmpfs ino=11492
scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=dir
Jun 22 16:30:39 localhost kernel: [ 63.835651] type=1400
audit(1308753039.345:17): avc: denied { unlink } for pid=4678
comm="dhcpcd" name="dhcpcd.sock" dev=dm-1 ino=262207
scontext=system_u:system_r:dhcpc_t tcontext=system_ubject_r:var_run_t
tclass=sock_file
Jun 22 16:30:39 localhost kernel: [ 63.876428] type=1400
audit(1308753039.386:18): avc: denied { write } for pid=5567
comm="iptables-save" path="/var/lib/iptables/rules-save" dev=dm-1
ino=265407 scontext=system_u:system_r:iptables_t
tcontext=system_ubject_r:var_lib_t tclass=file
Jun 22 21:15:06 localhost kernel: [ 50.638368] type=1400
audit(1308770106.832:3): avc: denied { write } for pid=5028 comm="rc"
name="exclusive" dev=tmpfs ino=4199 scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=dir
Jun 22 21:15:06 localhost kernel: [ 50.638376] type=1400
audit(1308770106.832:4): avc: denied { add_name } for pid=5028
comm="rc" name="openvpn" scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=dir
Jun 22 21:15:06 localhost kernel: [ 50.638387] type=1400
audit(1308770106.832:5): avc: denied { create } for pid=5028
comm="rc" name="openvpn" scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=file
Jun 22 21:15:06 localhost kernel: [ 50.638398] type=1400
audit(1308770106.832:6): avc: denied { write } for pid=5028 comm="rc"
name="openvpn" dev=tmpfs ino=9100 scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=file
Jun 22 21:15:06 localhost kernel: [ 50.638407] type=1400
audit(1308770106.832:7): avc: denied { lock } for pid=5028 comm="rc"
path="/lib64/rc/init.d/exclusive/openvpn" dev=tmpfs ino=9100
scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=file
Jun 22 21:15:06 localhost kernel: [ 50.638430] type=1400
audit(1308770106.832:8): avc: denied { create } for pid=5028
comm="rc" name="openvpn" scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=lnk_file
Jun 22 21:15:06 localhost kernel: [ 50.638460] type=1400
audit(1308770106.832:9): avc: denied { remove_name } for pid=5028
comm="rc" name="openvpn" dev=tmpfs ino=8484
scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=dir
Jun 22 21:15:06 localhost kernel: [ 50.638466] type=1400
audit(1308770106.832:10): avc: denied { unlink } for pid=5028
comm="rc" name="openvpn" dev=tmpfs ino=8484
scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=lnk_file
Jun 22 21:15:06 localhost kernel: [ 50.641329] type=1400
audit(1308770106.835:11): avc: denied { read } for pid=5028 comm="rc"
name="scheduled" dev=tmpfs ino=4200 scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=dir
Jun 22 21:15:15 localhost kernel: [ 59.156229] type=1400
audit(1308770115.349:14): avc: denied { read } for pid=5184
comm="hdparm" name="sda" dev=tmpfs ino=6011
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:fixed_disk_device_t tclass=blk_file
Jun 22 21:15:15 localhost kernel: [ 59.156261] type=1400
audit(1308770115.349:15): avc: denied { open } for pid=5184
comm="hdparm" name="sda" dev=tmpfs ino=6011
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:fixed_disk_device_t tclass=blk_file
Jun 22 21:15:15 localhost kernel: [ 59.156437] type=1400
audit(1308770115.349:16): avc: denied { ioctl } for pid=5184
comm="hdparm" path="/dev/sda" dev=tmpfs ino=6011
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:fixed_disk_device_t tclass=blk_file
Jun 22 21:15:16 localhost kernel: [ 60.616409] type=1400
audit(1308770116.810:17): avc: denied { getattr } for pid=5205
comm="backlighthelper" path="/.config/Trolltech.conf" dev=dm-1
ino=431095 scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:default_t tclass=file
Jun 22 21:15:16 localhost kernel: [ 60.616533] type=1400
audit(1308770116.810:18): avc: denied { read } for pid=5205
comm="backlighthelper" name="Trolltech.conf" dev=dm-1 ino=431095
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:default_t tclass=file
Jun 22 21:15:16 localhost kernel: [ 60.616562] type=1400
audit(1308770116.810:19): avc: denied { open } for pid=5205
comm="backlighthelper" name="Trolltech.conf" dev=dm-1 ino=431095
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:default_t tclass=file
Jun 22 21:15:16 localhost kernel: [ 60.616714] type=1400
audit(1308770116.810:20): avc: denied { lock } for pid=5205
comm="backlighthelper" path="/.config/Trolltech.conf" dev=dm-1
ino=431095 scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:default_t tclass=file
Jun 22 21:15:16 localhost kernel: [ 60.697908] type=1400
audit(1308770116.891:21): avc: denied { sys_ptrace } for pid=5205
comm="backlighthelper" capability=19
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:system_r:system_dbusd_t tclass=capability
Jun 22 21:15:18 localhost kernel: [ 62.385721] type=1400
audit(1308770118.579:22): avc: denied { setsched } for pid=5203
comm="mount" scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:system_r:kernel_t tclass=process
Jun 22 21:15:18 localhost kernel: [ 62.385793] type=1400
audit(1308770118.579:23): avc: denied { write } for pid=5203
comm="mount" name="/" dev=dm-1 ino=2
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:root_t tclass=dir
Jun 23 08:31:46 localhost kernel: [ 50.188833] type=1400
audit(1308810706.673:3): avc: denied { remove_name } for pid=4844
comm="named" name="session.key" dev=dm-1 ino=393268
scontext=system_u:system_r:named_t tcontext=system_ubject_r:default_t
tclass=dir
Jun 23 08:31:46 localhost kernel: [ 50.188840] type=1400
audit(1308810706.673:4): avc: denied { unlink } for pid=4844
comm="named" name="session.key" dev=dm-1 ino=393268
scontext=system_u:system_r:named_t tcontext=system_ubject_r:default_t
tclass=file
Jun 23 08:31:57 localhost kernel: [ 61.274941] type=1400
audit(1308810717.759:5): avc: denied { write } for pid=5059 comm="rc"
name="exclusive" dev=tmpfs ino=4201 scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=dir
Jun 23 08:31:57 localhost kernel: [ 61.274950] type=1400
audit(1308810717.759:6): avc: denied { add_name } for pid=5059
comm="rc" name="openvpn" scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=dir
Jun 23 08:31:57 localhost kernel: [ 61.274961] type=1400
audit(1308810717.759:7): avc: denied { create } for pid=5059
comm="rc" name="openvpn" scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=file
Jun 23 08:31:57 localhost kernel: [ 61.274973] type=1400
audit(1308810717.759:8): avc: denied { write } for pid=5059 comm="rc"
name="openvpn" dev=tmpfs ino=9042 scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=file
Jun 23 08:31:57 localhost kernel: [ 61.274982] type=1400
audit(1308810717.759:9): avc: denied { lock } for pid=5059 comm="rc"
path="/lib64/rc/init.d/exclusive/openvpn" dev=tmpfs ino=9042
scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=file
Jun 23 08:31:57 localhost kernel: [ 61.275018] type=1400
audit(1308810717.760:10): avc: denied { create } for pid=5059
comm="rc" name="openvpn" scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=lnk_file
Jun 23 08:31:57 localhost kernel: [ 61.275048] type=1400
audit(1308810717.760:11): avc: denied { remove_name } for pid=5059
comm="rc" name="openvpn" dev=tmpfs ino=8454
scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=dir
Jun 23 08:31:57 localhost kernel: [ 61.275056] type=1400
audit(1308810717.760:12): avc: denied { unlink } for pid=5059
comm="rc" name="openvpn" dev=tmpfs ino=8454
scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=lnk_file
Jun 23 08:31:57 localhost kernel: [ 61.277195] type=1400
audit(1308810717.762:13): avc: denied { read } for pid=5059 comm="rc"
name="scheduled" dev=tmpfs ino=4202 scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=dir
Jun 23 08:31:57 localhost kernel: [ 61.277203] type=1400
audit(1308810717.762:14): avc: denied { open } for pid=5059 comm="rc"
name="scheduled" dev=tmpfs ino=4202 scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=dir
Jun 23 08:32:08 localhost kernel: [ 71.793957] type=1400
audit(1308810728.278:16): avc: denied { read } for pid=5216
comm="hdparm" name="sda" dev=tmpfs ino=5962
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:fixed_disk_device_t tclass=blk_file
Jun 23 08:32:08 localhost kernel: [ 71.793971] type=1400
audit(1308810728.278:17): avc: denied { open } for pid=5216
comm="hdparm" name="sda" dev=tmpfs ino=5962
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:fixed_disk_device_t tclass=blk_file
Jun 23 08:32:08 localhost kernel: [ 71.794063] type=1400
audit(1308810728.279:18): avc: denied { ioctl } for pid=5216
comm="hdparm" path="/dev/sda" dev=tmpfs ino=5962
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:fixed_disk_device_t tclass=blk_file
Jun 23 08:32:09 localhost kernel: [ 73.252952] type=1400
audit(1308810729.737:19): avc: denied { getattr } for pid=5237
comm="backlighthelper" path="/.config/Trolltech.conf" dev=dm-1
ino=431095 scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:default_t tclass=file
Jun 23 08:32:09 localhost kernel: [ 73.253116] type=1400
audit(1308810729.738:20): avc: denied { read } for pid=5237
comm="backlighthelper" name="Trolltech.conf" dev=dm-1 ino=431095
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:default_t tclass=file
Jun 23 08:32:09 localhost kernel: [ 73.253147] type=1400
audit(1308810729.738:21): avc: denied { open } for pid=5237
comm="backlighthelper" name="Trolltech.conf" dev=dm-1 ino=431095
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:default_t tclass=file
Jun 23 08:32:09 localhost kernel: [ 73.253311] type=1400
audit(1308810729.738:22): avc: denied { lock } for pid=5237
comm="backlighthelper" path="/.config/Trolltech.conf" dev=dm-1
ino=431095 scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:default_t tclass=file
Jun 23 08:32:09 localhost kernel: [ 73.388517] type=1400
audit(1308810729.873:23): avc: denied { sys_ptrace } for pid=5237
comm="backlighthelper" capability=19
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:system_r:system_dbusd_t tclass=capability
Jun 23 08:32:11 localhost kernel: [ 74.992397] type=1400
audit(1308810731.477:24): avc: denied { setsched } for pid=5234
comm="mount" scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:system_r:kernel_t tclass=process
Jun 23 08:32:11 localhost kernel: [ 74.992466] type=1400
audit(1308810731.477:25): avc: denied { write } for pid=5234
comm="mount" name="/" dev=dm-1 ino=2
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:root_t tclass=dir
Jun 23 09:02:08 localhost kernel: [ 1872.104693] type=1400
audit(1308812528.589:57): avc: denied { read } for pid=5685
comm="udisks-helper-a" name="sdb" dev=tmpfs ino=5988
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:fixed_disk_device_t tclass=blk_file
Jun 23 09:02:08 localhost kernel: [ 1872.107313] type=1400
audit(1308812528.592:58): avc: denied { read } for pid=5686
comm="udisks-helper-a" name="sdc" dev=tmpfs ino=5989
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:fixed_disk_device_t tclass=blk_file
Jun 23 09:02:08 localhost kernel: [ 1872.111068] type=1400
audit(1308812528.596:59): avc: denied { read } for pid=5687
comm="udisks-helper-a" name="sdd" dev=tmpfs ino=6019
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:fixed_disk_device_t tclass=blk_file
Jun 23 09:32:08 localhost kernel: [ 3672.052754] type=1400
audit(1308814328.537:60): avc: denied { read } for pid=6023
comm="udisks-helper-a" name="sdb" dev=tmpfs ino=5988
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:fixed_disk_device_t tclass=blk_file
Jun 23 09:32:08 localhost kernel: [ 3672.055482] type=1400
audit(1308814328.540:61): avc: denied { read } for pid=6024
comm="udisks-helper-a" name="sdc" dev=tmpfs ino=5989
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:fixed_disk_device_t tclass=blk_file
Jun 23 09:32:08 localhost kernel: [ 3672.059116] type=1400
audit(1308814328.544:62): avc: denied { read } for pid=6025
comm="udisks-helper-a" name="sdd" dev=tmpfs ino=6019
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:fixed_disk_device_t tclass=blk_file
Jun 23 10:02:08 localhost kernel: [ 5472.102715] type=1400
audit(1308816128.587:63): avc: denied { read } for pid=6026
comm="udisks-helper-a" name="sdb" dev=tmpfs ino=5988
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:fixed_disk_device_t tclass=blk_file
Jun 23 10:02:08 localhost kernel: [ 5472.105460] type=1400
audit(1308816128.590:64): avc: denied { read } for pid=6027
comm="udisks-helper-a" name="sdc" dev=tmpfs ino=5989
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:fixed_disk_device_t tclass=blk_file
Jun 23 10:02:08 localhost kernel: [ 5472.105868] type=1400
audit(1308816128.590:65): avc: denied { read } for pid=6028
comm="udisks-helper-a" name="sdd" dev=tmpfs ino=6019
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:fixed_disk_device_t tclass=blk_file
Jun 23 10:32:08 localhost kernel: [ 7272.030120] type=1400
audit(1308817928.515:66): avc: denied { read } for pid=6364
comm="udisks-helper-a" name="sdb" dev=tmpfs ino=5988
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:fixed_disk_device_t tclass=blk_file
Jun 23 10:32:08 localhost kernel: [ 7272.032737] type=1400
audit(1308817928.517:67): avc: denied { read } for pid=6365
comm="udisks-helper-a" name="sdc" dev=tmpfs ino=5989
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:fixed_disk_device_t tclass=blk_file
Jun 23 10:32:08 localhost kernel: [ 7272.034976] type=1400
audit(1308817928.519:68): avc: denied { read } for pid=6366
comm="udisks-helper-a" name="sdd" dev=tmpfs ino=6019
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:fixed_disk_device_t tclass=blk_file
Jun 23 11:02:08 localhost kernel: [ 9072.102776] type=1400
audit(1308819728.587:69): avc: denied { read } for pid=6702
comm="udisks-helper-a" name="sdb" dev=tmpfs ino=5988
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:fixed_disk_device_t tclass=blk_file
Jun 23 11:02:08 localhost kernel: [ 9072.105599] type=1400
audit(1308819728.590:70): avc: denied { read } for pid=6703
comm="udisks-helper-a" name="sdc" dev=tmpfs ino=5989
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:fixed_disk_device_t tclass=blk_file
Jun 23 11:02:08 localhost kernel: [ 9072.105907] type=1400
audit(1308819728.590:71): avc: denied { read } for pid=6704
comm="udisks-helper-a" name="sdd" dev=tmpfs ino=6019
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:fixed_disk_device_t tclass=blk_file
Jun 23 11:32:08 localhost kernel: [10872.030082] type=1400
audit(1308821528.515:72): avc: denied { read } for pid=6705
comm="udisks-helper-a" name="sdb" dev=tmpfs ino=5988
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:fixed_disk_device_t tclass=blk_file
Jun 23 11:32:08 localhost kernel: [10872.032816] type=1400
audit(1308821528.517:73): avc: denied { read } for pid=6706
comm="udisks-helper-a" name="sdc" dev=tmpfs ino=5989
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:fixed_disk_device_t tclass=blk_file
Jun 23 11:32:08 localhost kernel: [10872.034959] type=1400
audit(1308821528.519:74): avc: denied { read } for pid=6707
comm="udisks-helper-a" name="sdd" dev=tmpfs ino=6019
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:fixed_disk_device_t tclass=blk_file
Jun 23 12:02:08 localhost kernel: [12672.030117] type=1400
audit(1308823328.515:75): avc: denied { read } for pid=7043
comm="udisks-helper-a" name="sdb" dev=tmpfs ino=5988
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:fixed_disk_device_t tclass=blk_file
Jun 23 12:02:08 localhost kernel: [12672.032815] type=1400
audit(1308823328.517:76): avc: denied { read } for pid=7044
comm="udisks-helper-a" name="sdc" dev=tmpfs ino=5989
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:fixed_disk_device_t tclass=blk_file
Jun 23 12:02:08 localhost kernel: [12672.034887] type=1400
audit(1308823328.519:77): avc: denied { read } for pid=7045
comm="udisks-helper-a" name="sdd" dev=tmpfs ino=6019
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:fixed_disk_device_t tclass=blk_file
Jun 23 12:21:20 localhost kernel: [13824.223192] type=1400
audit(1308824480.708:78): avc: denied { read } for pid=7061 comm="rc"
name="inactive" dev=tmpfs ino=4195 scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=dir
Jun 23 12:21:20 localhost kernel: [13824.223235] type=1400
audit(1308824480.708:79): avc: denied { read } for pid=7061 comm="rc"
name="started" dev=tmpfs ino=4193 scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=dir
Jun 23 12:31:30 localhost kernel: [14434.278297] type=1400
audit(1308825090.763:80): avc: denied { remove_name } for pid=4844
comm="named" name="session.key" dev=dm-1 ino=393268
scontext=system_u:system_r:named_t tcontext=system_ubject_r:default_t
tclass=dir
Jun 23 12:31:30 localhost kernel: [14434.282222] type=1400
audit(1308825090.767:81): avc: denied { remove_name } for pid=4844
comm="named" name="named.pid" dev=dm-1 ino=393267
scontext=system_u:system_r:named_t tcontext=system_ubject_r:default_t
tclass=dir
Jun 23 12:32:08 localhost kernel: [14472.033325] type=1400
audit(1308825128.518:82): avc: denied { read } for pid=7583
comm="udisks-helper-a" name="sdb" dev=tmpfs ino=5988
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:fixed_disk_device_t tclass=blk_file
Jun 23 12:32:08 localhost kernel: [14472.036627] type=1400
audit(1308825128.521:83): avc: denied { read } for pid=7584
comm="udisks-helper-a" name="sdc" dev=tmpfs ino=5989
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:fixed_disk_device_t tclass=blk_file
Jun 23 12:32:08 localhost kernel: [14472.038606] type=1400
audit(1308825128.523:84): avc: denied { read } for pid=7585
comm="udisks-helper-a" name="sdd" dev=tmpfs ino=6019
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:fixed_disk_device_t tclass=blk_file
Jun 23 12:45:57 localhost kernel: [15301.235793] type=1400
audit(1308825957.720:86): avc: denied { getattr } for pid=8106
comm="rc" path="/lib64/rc/init.d/rc.stopping" dev=tmpfs ino=2069206
scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=dir
Jun 23 12:45:58 localhost kernel: [15301.844610] type=1400
audit(1308825958.329:87): avc: denied { unlink } for pid=4711
comm="dhcpcd" name="dhcpcd.sock" dev=dm-1 ino=262251
scontext=system_u:system_r:dhcpc_t tcontext=system_ubject_r:var_run_t
tclass=sock_file
Jun 23 12:45:58 localhost kernel: [15301.885416] type=1400
audit(1308825958.370:88): avc: denied { write } for pid=8442
comm="iptables-save" path="/var/lib/iptables/rules-save" dev=dm-1
ino=265407 scontext=system_u:system_r:iptables_t
tcontext=system_ubject_r:var_lib_t tclass=file
Jun 23 18:15:43 localhost kernel: [ 49.588313] type=1400
audit(1308845743.550:3): avc: denied { write } for pid=5016 comm="rc"
name="exclusive" dev=tmpfs ino=4197 scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=dir
Jun 23 18:15:43 localhost kernel: [ 49.588320] type=1400
audit(1308845743.550:4): avc: denied { add_name } for pid=5016
comm="rc" name="openvpn" scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=dir
Jun 23 18:15:43 localhost kernel: [ 49.588332] type=1400
audit(1308845743.550:5): avc: denied { create } for pid=5016
comm="rc" name="openvpn" scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=file
Jun 23 18:15:43 localhost kernel: [ 49.588343] type=1400
audit(1308845743.550:6): avc: denied { write } for pid=5016 comm="rc"
name="openvpn" dev=tmpfs ino=9008 scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=file
Jun 23 18:15:43 localhost kernel: [ 49.588352] type=1400
audit(1308845743.550:7): avc: denied { lock } for pid=5016 comm="rc"
path="/lib64/rc/init.d/exclusive/openvpn" dev=tmpfs ino=9008
scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=file
Jun 23 18:15:43 localhost kernel: [ 49.588375] type=1400
audit(1308845743.550:8): avc: denied { create } for pid=5016
comm="rc" name="openvpn" scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=lnk_file
Jun 23 18:15:43 localhost kernel: [ 49.588402] type=1400
audit(1308845743.550:9): avc: denied { remove_name } for pid=5016
comm="rc" name="openvpn" dev=tmpfs ino=8396
scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=dir
Jun 23 18:15:43 localhost kernel: [ 49.588409] type=1400
audit(1308845743.550:10): avc: denied { unlink } for pid=5016
comm="rc" name="openvpn" dev=tmpfs ino=8396
scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=lnk_file
Jun 23 18:15:43 localhost kernel: [ 49.590573] type=1400
audit(1308845743.552:11): avc: denied { read } for pid=5016 comm="rc"
name="scheduled" dev=tmpfs ino=4198 scontext=system_u:system_rpenvpn_t
tcontext=system_ubject_r:initrc_state_t tclass=dir
Jun 23 18:15:53 localhost kernel: [ 59.673716] type=1400
audit(1308845753.635:14): avc: denied { read } for pid=5173
comm="hdparm" name="sda" dev=tmpfs ino=5916
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:fixed_disk_device_t tclass=blk_file
Jun 23 18:15:53 localhost kernel: [ 59.673730] type=1400
audit(1308845753.635:15): avc: denied { open } for pid=5173
comm="hdparm" name="sda" dev=tmpfs ino=5916
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:fixed_disk_device_t tclass=blk_file
Jun 23 18:15:53 localhost kernel: [ 59.673823] type=1400
audit(1308845753.635:16): avc: denied { ioctl } for pid=5173
comm="hdparm" path="/dev/sda" dev=tmpfs ino=5916
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:fixed_disk_device_t tclass=blk_file
Jun 23 18:15:54 localhost kernel: [ 60.859364] type=1400
audit(1308845754.821:17): avc: denied { getattr } for pid=5194
comm="backlighthelper" path="/.config/Trolltech.conf" dev=dm-1
ino=431095 scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:default_t tclass=file
Jun 23 18:15:54 localhost kernel: [ 60.859487] type=1400
audit(1308845754.821:18): avc: denied { read } for pid=5194
comm="backlighthelper" name="Trolltech.conf" dev=dm-1 ino=431095
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:default_t tclass=file
Jun 23 18:15:54 localhost kernel: [ 60.859518] type=1400
audit(1308845754.821:19): avc: denied { open } for pid=5194
comm="backlighthelper" name="Trolltech.conf" dev=dm-1 ino=431095
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:default_t tclass=file
Jun 23 18:15:54 localhost kernel: [ 60.859672] type=1400
audit(1308845754.821:20): avc: denied { lock } for pid=5194
comm="backlighthelper" path="/.config/Trolltech.conf" dev=dm-1
ino=431095 scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:default_t tclass=file
Jun 23 18:15:54 localhost kernel: [ 60.913152] type=1400
audit(1308845754.875:21): avc: denied { sys_ptrace } for pid=5194
comm="backlighthelper" capability=19
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:system_r:system_dbusd_t tclass=capability
Jun 23 18:15:56 localhost kernel: [ 62.858743] type=1400
audit(1308845756.820:22): avc: denied { setsched } for pid=5192
comm="mount" scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:system_r:kernel_t tclass=process
Jun 23 18:15:56 localhost kernel: [ 62.858808] type=1400
audit(1308845756.820:23): avc: denied { write } for pid=5192
comm="mount" name="/" dev=dm-1 ino=2
scontext=system_u:system_r:system_dbusd_t
tcontext=system_ubject_r:root_t tclass=dir


--
http://www.fastmail.fm - One of many happy users:
http://www.fastmail.fm/docs/quotes.html
 
Old 06-24-2011, 04:02 PM
"Dave"
 
Default SELinux and KDE4.6.3

Hi,

it is the dbus not working properly.

with (SELinux disabled)

/etc/init.d/dbus restart

then

setenforce=1

these KDE's applications now working fine.


--
Rgds,
Dave



--
http://www.fastmail.fm - Choose from over 50 domains or use your own
 
Old 06-24-2011, 07:05 PM
Sven Vermeulen
 
Default SELinux and KDE4.6.3

On Fri, Jun 24, 2011 at 6:02 PM, Dave <mailintern@123mail.org> wrote:

it is the dbus not working properly.



with (SELinux disabled)



/etc/init.d/dbus restart



then



setenforce=1



these KDE's applications now working fine.

With "SELinux disabled" you mean "SELinux in permissive mode", right?

Could you
- setenforce 0
- /etc/init.d/dbus stop

- setenforce 1
- clear avc.log
- /etc/init.d/dbus start

And then send in your avc.log file? The excerpt you pasted earlier is too big and spans multiple days, so is probably an amalgamation of different issues (cosmetic or not).


Wkr,
* Sven Vermeulen
 
Old 06-25-2011, 01:34 PM
"Dave"
 
Default SELinux and KDE4.6.3

On Fri, 24 Jun 2011 21:05:25 +0200
Sven Vermeulen <sven.vermeulen@siphos.be> wrote:

> On Fri, Jun 24, 2011 at 6:02 PM, Dave <mailintern@123mail.org> wrote:
>
> > it is the dbus not working properly.
> >
> > with (SELinux disabled)
> >
> > /etc/init.d/dbus restart
> >
> > then
> >
> > setenforce=1
> >
> > these KDE's applications now working fine.
> >
>
> With "SELinux disabled" you mean "SELinux in permissive mode", right?

NO, later I found out that it doesn't matter if SELinux is enabled or
not.

Restarting dbus makes Dolphin, Konqueror and modern KMenu working with
SELinux enabled (targeted)
and a 'hardened/linux/amd64/no-multilib/selinux' Profile.

> Could you
> - setenforce 0
> - /etc/init.d/dbus stop
> - setenforce 1
> - clear avc.log
> - /etc/init.d/dbus start
>
> And then send in your avc.log file? The excerpt you pasted earlier is
> too big and spans multiple days, so is probably an amalgamation of
> different issues (cosmetic or not).

If've just tried it, but no entries in avc.log since restarting dbus.

--
Rgds,
Dave



--
http://www.fastmail.fm - IMAP accessible web-mail
 

Thread Tools




All times are GMT. The time now is 09:33 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org