public inbox for gentoo-hardened@lists.gentoo.org
* [gentoo-hardened] SELinux and KDE4.6.3
From: Dave @ 2011-06-23 14:18 UTC
  To: gentoo-hardened

Hi all,

I've Gentoo with KDE4.5.3 and SELinux enforcing targeted enabled plus
grsecurity working fine. But KDE4.6.3 on a new system has difficulties
starting dolphin, konqueror and switching from classic KMenu's style to
modern isn't possible.
Can anybody kindly give me a hint?

If SELinux is disabled then it's working fine.

acl.log was used to build *.pp semodules (audit2allow). But these KDE
applications still won't work.


Best regards

Dave



* Re: [gentoo-hardened] SELinux and KDE4.6.3
From: Anthony G. Basile @ 2011-06-23 17:08 UTC
  To: gentoo-hardened

On 06/23/2011 10:18 AM, Dave wrote:
> Hi all,
> 
> I've Gentoo with KDE4.5.3 and SELinux enforcing targeted enabled plus
> grsecurity working fine. But KDE4.6.3 on a new system has difficulties
> starting dolphin, konqueror and switching from classic KMenu's style to
> modern isn't possible.
> Can anybody kindly give me a hint?
> 
> If SELinux is disabled then it's working fine.
> 
> acl.log was used to build *.pp semodules (audit2allow). But these KDE
> applications still won't work.
> 
> 
> Best regards
> 
> Dave
> 
> 

Can you give us the audit logs?

-- 
Anthony G. Basile, Ph. D.
Chair of Information Technology
D'Youville College
Buffalo, NY 14201
(716) 829-8197




* Re: [gentoo-hardened] SELinux and KDE4.6.3
From: Dave @ 2011-06-23 18:45 UTC
  To: gentoo-hardened


Hi,

Sorry for not responding to the message id. Some problems with the
web interface.

 "Anthony G. Basile" <basile@opensource.dyc.edu>:

> On 06/23/2011 10:18 AM, Dave wrote:
> > Hi all,
> > 
> > I've Gentoo with KDE4.5.3 and SELinux enforcing targeted enabled
> > plus grsecurity working fine. But KDE4.6.3 on a new system has
> > difficulties starting dolphin, konqueror and switching from classic
> > KMenu's style to modern isn't possible.
> > Can anybody kindly give me a hint?
> > 
> > If SELinux is disabled then it's working fine.
> > 
> > acl.log was used to build *.pp semodules (audit2allow). But these
> > KDE applications still won't work.
> > 
> > 
> > Best regards
> > 
> > Dave
> > 
> > 
> 
> Can you give us the audit logs?

cat avc.log >>

Jun 22 14:49:20 localhost kernel: [   47.997105] type=1400
audit(1308746960.495:3): avc:  denied  { write } for  pid=5004 comm="rc"
name="exclusive" dev=tmpfs ino=4191 scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=dir
Jun 22 14:49:20 localhost kernel: [   47.997118] type=1400
audit(1308746960.495:4): avc:  denied  { add_name } for  pid=5004
comm="rc" name="openvpn" scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=dir
Jun 22 14:49:20 localhost kernel: [   47.997133] type=1400
audit(1308746960.495:5): avc:  denied  { create } for  pid=5004
comm="rc" name="openvpn" scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=file
Jun 22 14:49:20 localhost kernel: [   47.997150] type=1400
audit(1308746960.495:6): avc:  denied  { write } for  pid=5004 comm="rc"
name="openvpn" dev=tmpfs ino=8836 scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=file
Jun 22 14:49:20 localhost kernel: [   47.997164] type=1400
audit(1308746960.495:7): avc:  denied  { lock } for  pid=5004 comm="rc"
path="/lib64/rc/init.d/exclusive/openvpn" dev=tmpfs ino=8836
scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=file
Jun 22 14:49:20 localhost kernel: [   47.997196] type=1400
audit(1308746960.495:8): avc:  denied  { create } for  pid=5004
comm="rc" name="openvpn" scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=lnk_file
Jun 22 14:49:20 localhost kernel: [   47.997238] type=1400
audit(1308746960.495:9): avc:  denied  { remove_name } for  pid=5004
comm="rc" name="openvpn" dev=tmpfs ino=8405
scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=dir
Jun 22 14:49:20 localhost kernel: [   47.997248] type=1400
audit(1308746960.495:10): avc:  denied  { unlink } for  pid=5004
comm="rc" name="openvpn" dev=tmpfs ino=8405
scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=lnk_file
Jun 22 14:49:20 localhost kernel: [   48.000853] type=1400
audit(1308746960.498:11): avc:  denied  { read } for  pid=5004 comm="rc"
name="scheduled" dev=tmpfs ino=4192 scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=dir
Jun 22 14:49:42 localhost kernel: [   69.508141] type=1400
audit(1308746982.006:14): avc:  denied  { read } for  pid=5154
comm="hdparm" name="sda" dev=tmpfs ino=5936
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
Jun 22 14:49:42 localhost kernel: [   69.508155] type=1400
audit(1308746982.006:15): avc:  denied  { open } for  pid=5154
comm="hdparm" name="sda" dev=tmpfs ino=5936
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
Jun 22 14:49:42 localhost kernel: [   69.508247] type=1400
audit(1308746982.006:16): avc:  denied  { ioctl } for  pid=5154
comm="hdparm" path="/dev/sda" dev=tmpfs ino=5936
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
Jun 22 14:49:43 localhost kernel: [   70.910072] type=1400
audit(1308746983.408:17): avc:  denied  { getattr } for  pid=5175
comm="backlighthelper" path="/.config/Trolltech.conf" dev=dm-1
ino=431095 scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:default_t tclass=file
Jun 22 14:49:43 localhost kernel: [   70.910196] type=1400
audit(1308746983.408:18): avc:  denied  { read } for  pid=5175
comm="backlighthelper" name="Trolltech.conf" dev=dm-1 ino=431095
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:default_t tclass=file
Jun 22 14:49:43 localhost kernel: [   70.910224] type=1400
audit(1308746983.408:19): avc:  denied  { open } for  pid=5175
comm="backlighthelper" name="Trolltech.conf" dev=dm-1 ino=431095
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:default_t tclass=file
Jun 22 14:49:43 localhost kernel: [   70.910376] type=1400
audit(1308746983.408:20): avc:  denied  { lock } for  pid=5175
comm="backlighthelper" path="/.config/Trolltech.conf" dev=dm-1
ino=431095 scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:default_t tclass=file
Jun 22 14:49:43 localhost kernel: [   70.997489] type=1400
audit(1308746983.495:21): avc:  denied  { sys_ptrace } for  pid=5175
comm="backlighthelper" capability=19 
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:system_r:system_dbusd_t tclass=capability
Jun 22 14:49:44 localhost kernel: [   72.088291] type=1400
audit(1308746984.586:22): avc:  denied  { setsched } for  pid=5173
comm="mount" scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:system_r:kernel_t tclass=process
Jun 22 14:49:44 localhost kernel: [   72.088361] type=1400
audit(1308746984.586:23): avc:  denied  { write } for  pid=5173
comm="mount" name="/" dev=dm-1 ino=2
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:root_t tclass=dir
Jun 22 14:54:02 localhost kernel: [  330.010469] type=1400
audit(1308747242.508:55): avc:  denied  { getattr } for  pid=5812
comm="rc" path="/lib64/rc/init.d/rc.stopping" dev=tmpfs ino=22405
scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=dir
Jun 22 14:54:02 localhost kernel: [  330.082303] type=1400
audit(1308747242.580:56): avc:  denied  { remove_name } for  pid=4797
comm="named" name="session.key" dev=dm-1 ino=393268
scontext=system_u:system_r:named_t tcontext=system_u:object_r:default_t
tclass=dir
Jun 22 14:54:02 localhost kernel: [  330.084307] type=1400
audit(1308747242.582:57): avc:  denied  { remove_name } for  pid=4797
comm="named" name="named.pid" dev=dm-1 ino=393267
scontext=system_u:system_r:named_t tcontext=system_u:object_r:default_t
tclass=dir
Jun 22 14:54:03 localhost kernel: [  330.517298] type=1400
audit(1308747243.015:58): avc:  denied  { unlink } for  pid=4649
comm="dhcpcd" name="dhcpcd.sock" dev=dm-1 ino=262207
scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:var_run_t
tclass=sock_file
Jun 22 14:54:03 localhost kernel: [  330.553092] type=1400
audit(1308747243.050:59): avc:  denied  { write } for  pid=6142
comm="iptables-save" path="/var/lib/iptables/rules-save" dev=dm-1
ino=265407 scontext=system_u:system_r:iptables_t
tcontext=system_u:object_r:var_lib_t tclass=file
Jun 22 16:30:19 localhost kernel: [   43.829172] type=1400
audit(1308753019.339:3): avc:  denied  { remove_name } for  pid=4811
comm="named" name="session.key" dev=dm-1 ino=393268
scontext=system_u:system_r:named_t tcontext=system_u:object_r:default_t
tclass=dir
Jun 22 16:30:19 localhost kernel: [   43.829201] type=1400
audit(1308753019.339:4): avc:  denied  { unlink } for  pid=4811
comm="named" name="session.key" dev=dm-1 ino=393268
scontext=system_u:system_r:named_t tcontext=system_u:object_r:default_t
tclass=file
Jun 22 16:30:29 localhost kernel: [   54.212785] type=1400
audit(1308753029.722:5): avc:  denied  { write } for  pid=5026 comm="rc"
name="exclusive" dev=tmpfs ino=4191 scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=dir
Jun 22 16:30:29 localhost kernel: [   54.212794] type=1400
audit(1308753029.722:6): avc:  denied  { add_name } for  pid=5026
comm="rc" name="openvpn" scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=dir
Jun 22 16:30:29 localhost kernel: [   54.212805] type=1400
audit(1308753029.722:7): avc:  denied  { create } for  pid=5026
comm="rc" name="openvpn" scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=file
Jun 22 16:30:29 localhost kernel: [   54.212816] type=1400
audit(1308753029.722:8): avc:  denied  { write } for  pid=5026 comm="rc"
name="openvpn" dev=tmpfs ino=9101 scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=file
Jun 22 16:30:29 localhost kernel: [   54.212826] type=1400
audit(1308753029.722:9): avc:  denied  { lock } for  pid=5026 comm="rc"
path="/lib64/rc/init.d/exclusive/openvpn" dev=tmpfs ino=9101
scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=file
Jun 22 16:30:29 localhost kernel: [   54.212849] type=1400
audit(1308753029.722:10): avc:  denied  { create } for  pid=5026
comm="rc" name="openvpn" scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=lnk_file
Jun 22 16:30:29 localhost kernel: [   54.212876] type=1400
audit(1308753029.722:11): avc:  denied  { remove_name } for  pid=5026
comm="rc" name="openvpn" dev=tmpfs ino=8516
scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=dir
Jun 22 16:30:29 localhost kernel: [   54.212883] type=1400
audit(1308753029.722:12): avc:  denied  { unlink } for  pid=5026
comm="rc" name="openvpn" dev=tmpfs ino=8516
scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=lnk_file
Jun 22 16:30:29 localhost kernel: [   54.215757] type=1400
audit(1308753029.725:13): avc:  denied  { read } for  pid=5026 comm="rc"
name="scheduled" dev=tmpfs ino=4192 scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=dir
Jun 22 16:30:29 localhost kernel: [   54.215765] type=1400
audit(1308753029.725:14): avc:  denied  { open } for  pid=5026 comm="rc"
name="scheduled" dev=tmpfs ino=4192 scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=dir
Jun 22 16:30:38 localhost kernel: [   63.241980] type=1400
audit(1308753038.751:16): avc:  denied  { getattr } for  pid=5235
comm="rc" path="/lib64/rc/init.d/rc.stopping" dev=tmpfs ino=11492
scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=dir
Jun 22 16:30:39 localhost kernel: [   63.835651] type=1400
audit(1308753039.345:17): avc:  denied  { unlink } for  pid=4678
comm="dhcpcd" name="dhcpcd.sock" dev=dm-1 ino=262207
scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:var_run_t
tclass=sock_file
Jun 22 16:30:39 localhost kernel: [   63.876428] type=1400
audit(1308753039.386:18): avc:  denied  { write } for  pid=5567
comm="iptables-save" path="/var/lib/iptables/rules-save" dev=dm-1
ino=265407 scontext=system_u:system_r:iptables_t
tcontext=system_u:object_r:var_lib_t tclass=file
Jun 22 21:15:06 localhost kernel: [   50.638368] type=1400
audit(1308770106.832:3): avc:  denied  { write } for  pid=5028 comm="rc"
name="exclusive" dev=tmpfs ino=4199 scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=dir
Jun 22 21:15:06 localhost kernel: [   50.638376] type=1400
audit(1308770106.832:4): avc:  denied  { add_name } for  pid=5028
comm="rc" name="openvpn" scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=dir
Jun 22 21:15:06 localhost kernel: [   50.638387] type=1400
audit(1308770106.832:5): avc:  denied  { create } for  pid=5028
comm="rc" name="openvpn" scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=file
Jun 22 21:15:06 localhost kernel: [   50.638398] type=1400
audit(1308770106.832:6): avc:  denied  { write } for  pid=5028 comm="rc"
name="openvpn" dev=tmpfs ino=9100 scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=file
Jun 22 21:15:06 localhost kernel: [   50.638407] type=1400
audit(1308770106.832:7): avc:  denied  { lock } for  pid=5028 comm="rc"
path="/lib64/rc/init.d/exclusive/openvpn" dev=tmpfs ino=9100
scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=file
Jun 22 21:15:06 localhost kernel: [   50.638430] type=1400
audit(1308770106.832:8): avc:  denied  { create } for  pid=5028
comm="rc" name="openvpn" scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=lnk_file
Jun 22 21:15:06 localhost kernel: [   50.638460] type=1400
audit(1308770106.832:9): avc:  denied  { remove_name } for  pid=5028
comm="rc" name="openvpn" dev=tmpfs ino=8484
scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=dir
Jun 22 21:15:06 localhost kernel: [   50.638466] type=1400
audit(1308770106.832:10): avc:  denied  { unlink } for  pid=5028
comm="rc" name="openvpn" dev=tmpfs ino=8484
scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=lnk_file
Jun 22 21:15:06 localhost kernel: [   50.641329] type=1400
audit(1308770106.835:11): avc:  denied  { read } for  pid=5028 comm="rc"
name="scheduled" dev=tmpfs ino=4200 scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=dir
Jun 22 21:15:15 localhost kernel: [   59.156229] type=1400
audit(1308770115.349:14): avc:  denied  { read } for  pid=5184
comm="hdparm" name="sda" dev=tmpfs ino=6011
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
Jun 22 21:15:15 localhost kernel: [   59.156261] type=1400
audit(1308770115.349:15): avc:  denied  { open } for  pid=5184
comm="hdparm" name="sda" dev=tmpfs ino=6011
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
Jun 22 21:15:15 localhost kernel: [   59.156437] type=1400
audit(1308770115.349:16): avc:  denied  { ioctl } for  pid=5184
comm="hdparm" path="/dev/sda" dev=tmpfs ino=6011
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
Jun 22 21:15:16 localhost kernel: [   60.616409] type=1400
audit(1308770116.810:17): avc:  denied  { getattr } for  pid=5205
comm="backlighthelper" path="/.config/Trolltech.conf" dev=dm-1
ino=431095 scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:default_t tclass=file
Jun 22 21:15:16 localhost kernel: [   60.616533] type=1400
audit(1308770116.810:18): avc:  denied  { read } for  pid=5205
comm="backlighthelper" name="Trolltech.conf" dev=dm-1 ino=431095
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:default_t tclass=file
Jun 22 21:15:16 localhost kernel: [   60.616562] type=1400
audit(1308770116.810:19): avc:  denied  { open } for  pid=5205
comm="backlighthelper" name="Trolltech.conf" dev=dm-1 ino=431095
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:default_t tclass=file
Jun 22 21:15:16 localhost kernel: [   60.616714] type=1400
audit(1308770116.810:20): avc:  denied  { lock } for  pid=5205
comm="backlighthelper" path="/.config/Trolltech.conf" dev=dm-1
ino=431095 scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:default_t tclass=file
Jun 22 21:15:16 localhost kernel: [   60.697908] type=1400
audit(1308770116.891:21): avc:  denied  { sys_ptrace } for  pid=5205
comm="backlighthelper" capability=19 
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:system_r:system_dbusd_t tclass=capability
Jun 22 21:15:18 localhost kernel: [   62.385721] type=1400
audit(1308770118.579:22): avc:  denied  { setsched } for  pid=5203
comm="mount" scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:system_r:kernel_t tclass=process
Jun 22 21:15:18 localhost kernel: [   62.385793] type=1400
audit(1308770118.579:23): avc:  denied  { write } for  pid=5203
comm="mount" name="/" dev=dm-1 ino=2
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:root_t tclass=dir
Jun 23 08:31:46 localhost kernel: [   50.188833] type=1400
audit(1308810706.673:3): avc:  denied  { remove_name } for  pid=4844
comm="named" name="session.key" dev=dm-1 ino=393268
scontext=system_u:system_r:named_t tcontext=system_u:object_r:default_t
tclass=dir
Jun 23 08:31:46 localhost kernel: [   50.188840] type=1400
audit(1308810706.673:4): avc:  denied  { unlink } for  pid=4844
comm="named" name="session.key" dev=dm-1 ino=393268
scontext=system_u:system_r:named_t tcontext=system_u:object_r:default_t
tclass=file
Jun 23 08:31:57 localhost kernel: [   61.274941] type=1400
audit(1308810717.759:5): avc:  denied  { write } for  pid=5059 comm="rc"
name="exclusive" dev=tmpfs ino=4201 scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=dir
Jun 23 08:31:57 localhost kernel: [   61.274950] type=1400
audit(1308810717.759:6): avc:  denied  { add_name } for  pid=5059
comm="rc" name="openvpn" scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=dir
Jun 23 08:31:57 localhost kernel: [   61.274961] type=1400
audit(1308810717.759:7): avc:  denied  { create } for  pid=5059
comm="rc" name="openvpn" scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=file
Jun 23 08:31:57 localhost kernel: [   61.274973] type=1400
audit(1308810717.759:8): avc:  denied  { write } for  pid=5059 comm="rc"
name="openvpn" dev=tmpfs ino=9042 scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=file
Jun 23 08:31:57 localhost kernel: [   61.274982] type=1400
audit(1308810717.759:9): avc:  denied  { lock } for  pid=5059 comm="rc"
path="/lib64/rc/init.d/exclusive/openvpn" dev=tmpfs ino=9042
scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=file
Jun 23 08:31:57 localhost kernel: [   61.275018] type=1400
audit(1308810717.760:10): avc:  denied  { create } for  pid=5059
comm="rc" name="openvpn" scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=lnk_file
Jun 23 08:31:57 localhost kernel: [   61.275048] type=1400
audit(1308810717.760:11): avc:  denied  { remove_name } for  pid=5059
comm="rc" name="openvpn" dev=tmpfs ino=8454
scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=dir
Jun 23 08:31:57 localhost kernel: [   61.275056] type=1400
audit(1308810717.760:12): avc:  denied  { unlink } for  pid=5059
comm="rc" name="openvpn" dev=tmpfs ino=8454
scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=lnk_file
Jun 23 08:31:57 localhost kernel: [   61.277195] type=1400
audit(1308810717.762:13): avc:  denied  { read } for  pid=5059 comm="rc"
name="scheduled" dev=tmpfs ino=4202 scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=dir
Jun 23 08:31:57 localhost kernel: [   61.277203] type=1400
audit(1308810717.762:14): avc:  denied  { open } for  pid=5059 comm="rc"
name="scheduled" dev=tmpfs ino=4202 scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=dir
Jun 23 08:32:08 localhost kernel: [   71.793957] type=1400
audit(1308810728.278:16): avc:  denied  { read } for  pid=5216
comm="hdparm" name="sda" dev=tmpfs ino=5962
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
Jun 23 08:32:08 localhost kernel: [   71.793971] type=1400
audit(1308810728.278:17): avc:  denied  { open } for  pid=5216
comm="hdparm" name="sda" dev=tmpfs ino=5962
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
Jun 23 08:32:08 localhost kernel: [   71.794063] type=1400
audit(1308810728.279:18): avc:  denied  { ioctl } for  pid=5216
comm="hdparm" path="/dev/sda" dev=tmpfs ino=5962
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
Jun 23 08:32:09 localhost kernel: [   73.252952] type=1400
audit(1308810729.737:19): avc:  denied  { getattr } for  pid=5237
comm="backlighthelper" path="/.config/Trolltech.conf" dev=dm-1
ino=431095 scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:default_t tclass=file
Jun 23 08:32:09 localhost kernel: [   73.253116] type=1400
audit(1308810729.738:20): avc:  denied  { read } for  pid=5237
comm="backlighthelper" name="Trolltech.conf" dev=dm-1 ino=431095
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:default_t tclass=file
Jun 23 08:32:09 localhost kernel: [   73.253147] type=1400
audit(1308810729.738:21): avc:  denied  { open } for  pid=5237
comm="backlighthelper" name="Trolltech.conf" dev=dm-1 ino=431095
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:default_t tclass=file
Jun 23 08:32:09 localhost kernel: [   73.253311] type=1400
audit(1308810729.738:22): avc:  denied  { lock } for  pid=5237
comm="backlighthelper" path="/.config/Trolltech.conf" dev=dm-1
ino=431095 scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:default_t tclass=file
Jun 23 08:32:09 localhost kernel: [   73.388517] type=1400
audit(1308810729.873:23): avc:  denied  { sys_ptrace } for  pid=5237
comm="backlighthelper" capability=19 
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:system_r:system_dbusd_t tclass=capability
Jun 23 08:32:11 localhost kernel: [   74.992397] type=1400
audit(1308810731.477:24): avc:  denied  { setsched } for  pid=5234
comm="mount" scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:system_r:kernel_t tclass=process
Jun 23 08:32:11 localhost kernel: [   74.992466] type=1400
audit(1308810731.477:25): avc:  denied  { write } for  pid=5234
comm="mount" name="/" dev=dm-1 ino=2
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:root_t tclass=dir
Jun 23 09:02:08 localhost kernel: [ 1872.104693] type=1400
audit(1308812528.589:57): avc:  denied  { read } for  pid=5685
comm="udisks-helper-a" name="sdb" dev=tmpfs ino=5988
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
Jun 23 09:02:08 localhost kernel: [ 1872.107313] type=1400
audit(1308812528.592:58): avc:  denied  { read } for  pid=5686
comm="udisks-helper-a" name="sdc" dev=tmpfs ino=5989
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
Jun 23 09:02:08 localhost kernel: [ 1872.111068] type=1400
audit(1308812528.596:59): avc:  denied  { read } for  pid=5687
comm="udisks-helper-a" name="sdd" dev=tmpfs ino=6019
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
Jun 23 09:32:08 localhost kernel: [ 3672.052754] type=1400
audit(1308814328.537:60): avc:  denied  { read } for  pid=6023
comm="udisks-helper-a" name="sdb" dev=tmpfs ino=5988
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
Jun 23 09:32:08 localhost kernel: [ 3672.055482] type=1400
audit(1308814328.540:61): avc:  denied  { read } for  pid=6024
comm="udisks-helper-a" name="sdc" dev=tmpfs ino=5989
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
Jun 23 09:32:08 localhost kernel: [ 3672.059116] type=1400
audit(1308814328.544:62): avc:  denied  { read } for  pid=6025
comm="udisks-helper-a" name="sdd" dev=tmpfs ino=6019
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
Jun 23 10:02:08 localhost kernel: [ 5472.102715] type=1400
audit(1308816128.587:63): avc:  denied  { read } for  pid=6026
comm="udisks-helper-a" name="sdb" dev=tmpfs ino=5988
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
Jun 23 10:02:08 localhost kernel: [ 5472.105460] type=1400
audit(1308816128.590:64): avc:  denied  { read } for  pid=6027
comm="udisks-helper-a" name="sdc" dev=tmpfs ino=5989
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
Jun 23 10:02:08 localhost kernel: [ 5472.105868] type=1400
audit(1308816128.590:65): avc:  denied  { read } for  pid=6028
comm="udisks-helper-a" name="sdd" dev=tmpfs ino=6019
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
Jun 23 10:32:08 localhost kernel: [ 7272.030120] type=1400
audit(1308817928.515:66): avc:  denied  { read } for  pid=6364
comm="udisks-helper-a" name="sdb" dev=tmpfs ino=5988
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
Jun 23 10:32:08 localhost kernel: [ 7272.032737] type=1400
audit(1308817928.517:67): avc:  denied  { read } for  pid=6365
comm="udisks-helper-a" name="sdc" dev=tmpfs ino=5989
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
Jun 23 10:32:08 localhost kernel: [ 7272.034976] type=1400
audit(1308817928.519:68): avc:  denied  { read } for  pid=6366
comm="udisks-helper-a" name="sdd" dev=tmpfs ino=6019
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
Jun 23 11:02:08 localhost kernel: [ 9072.102776] type=1400
audit(1308819728.587:69): avc:  denied  { read } for  pid=6702
comm="udisks-helper-a" name="sdb" dev=tmpfs ino=5988
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
Jun 23 11:02:08 localhost kernel: [ 9072.105599] type=1400
audit(1308819728.590:70): avc:  denied  { read } for  pid=6703
comm="udisks-helper-a" name="sdc" dev=tmpfs ino=5989
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
Jun 23 11:02:08 localhost kernel: [ 9072.105907] type=1400
audit(1308819728.590:71): avc:  denied  { read } for  pid=6704
comm="udisks-helper-a" name="sdd" dev=tmpfs ino=6019
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
Jun 23 11:32:08 localhost kernel: [10872.030082] type=1400
audit(1308821528.515:72): avc:  denied  { read } for  pid=6705
comm="udisks-helper-a" name="sdb" dev=tmpfs ino=5988
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
Jun 23 11:32:08 localhost kernel: [10872.032816] type=1400
audit(1308821528.517:73): avc:  denied  { read } for  pid=6706
comm="udisks-helper-a" name="sdc" dev=tmpfs ino=5989
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
Jun 23 11:32:08 localhost kernel: [10872.034959] type=1400
audit(1308821528.519:74): avc:  denied  { read } for  pid=6707
comm="udisks-helper-a" name="sdd" dev=tmpfs ino=6019
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
Jun 23 12:02:08 localhost kernel: [12672.030117] type=1400
audit(1308823328.515:75): avc:  denied  { read } for  pid=7043
comm="udisks-helper-a" name="sdb" dev=tmpfs ino=5988
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
Jun 23 12:02:08 localhost kernel: [12672.032815] type=1400
audit(1308823328.517:76): avc:  denied  { read } for  pid=7044
comm="udisks-helper-a" name="sdc" dev=tmpfs ino=5989
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
Jun 23 12:02:08 localhost kernel: [12672.034887] type=1400
audit(1308823328.519:77): avc:  denied  { read } for  pid=7045
comm="udisks-helper-a" name="sdd" dev=tmpfs ino=6019
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
Jun 23 12:21:20 localhost kernel: [13824.223192] type=1400
audit(1308824480.708:78): avc:  denied  { read } for  pid=7061 comm="rc"
name="inactive" dev=tmpfs ino=4195 scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=dir
Jun 23 12:21:20 localhost kernel: [13824.223235] type=1400
audit(1308824480.708:79): avc:  denied  { read } for  pid=7061 comm="rc"
name="started" dev=tmpfs ino=4193 scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=dir
Jun 23 12:31:30 localhost kernel: [14434.278297] type=1400
audit(1308825090.763:80): avc:  denied  { remove_name } for  pid=4844
comm="named" name="session.key" dev=dm-1 ino=393268
scontext=system_u:system_r:named_t tcontext=system_u:object_r:default_t
tclass=dir
Jun 23 12:31:30 localhost kernel: [14434.282222] type=1400
audit(1308825090.767:81): avc:  denied  { remove_name } for  pid=4844
comm="named" name="named.pid" dev=dm-1 ino=393267
scontext=system_u:system_r:named_t tcontext=system_u:object_r:default_t
tclass=dir
Jun 23 12:32:08 localhost kernel: [14472.033325] type=1400
audit(1308825128.518:82): avc:  denied  { read } for  pid=7583
comm="udisks-helper-a" name="sdb" dev=tmpfs ino=5988
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
Jun 23 12:32:08 localhost kernel: [14472.036627] type=1400
audit(1308825128.521:83): avc:  denied  { read } for  pid=7584
comm="udisks-helper-a" name="sdc" dev=tmpfs ino=5989
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
Jun 23 12:32:08 localhost kernel: [14472.038606] type=1400
audit(1308825128.523:84): avc:  denied  { read } for  pid=7585
comm="udisks-helper-a" name="sdd" dev=tmpfs ino=6019
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
Jun 23 12:45:57 localhost kernel: [15301.235793] type=1400
audit(1308825957.720:86): avc:  denied  { getattr } for  pid=8106
comm="rc" path="/lib64/rc/init.d/rc.stopping" dev=tmpfs ino=2069206
scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=dir
Jun 23 12:45:58 localhost kernel: [15301.844610] type=1400
audit(1308825958.329:87): avc:  denied  { unlink } for  pid=4711
comm="dhcpcd" name="dhcpcd.sock" dev=dm-1 ino=262251
scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:var_run_t
tclass=sock_file
Jun 23 12:45:58 localhost kernel: [15301.885416] type=1400
audit(1308825958.370:88): avc:  denied  { write } for  pid=8442
comm="iptables-save" path="/var/lib/iptables/rules-save" dev=dm-1
ino=265407 scontext=system_u:system_r:iptables_t
tcontext=system_u:object_r:var_lib_t tclass=file
Jun 23 18:15:43 localhost kernel: [   49.588313] type=1400
audit(1308845743.550:3): avc:  denied  { write } for  pid=5016 comm="rc"
name="exclusive" dev=tmpfs ino=4197 scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=dir
Jun 23 18:15:43 localhost kernel: [   49.588320] type=1400
audit(1308845743.550:4): avc:  denied  { add_name } for  pid=5016
comm="rc" name="openvpn" scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=dir
Jun 23 18:15:43 localhost kernel: [   49.588332] type=1400
audit(1308845743.550:5): avc:  denied  { create } for  pid=5016
comm="rc" name="openvpn" scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=file
Jun 23 18:15:43 localhost kernel: [   49.588343] type=1400
audit(1308845743.550:6): avc:  denied  { write } for  pid=5016 comm="rc"
name="openvpn" dev=tmpfs ino=9008 scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=file
Jun 23 18:15:43 localhost kernel: [   49.588352] type=1400
audit(1308845743.550:7): avc:  denied  { lock } for  pid=5016 comm="rc"
path="/lib64/rc/init.d/exclusive/openvpn" dev=tmpfs ino=9008
scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=file
Jun 23 18:15:43 localhost kernel: [   49.588375] type=1400
audit(1308845743.550:8): avc:  denied  { create } for  pid=5016
comm="rc" name="openvpn" scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=lnk_file
Jun 23 18:15:43 localhost kernel: [   49.588402] type=1400
audit(1308845743.550:9): avc:  denied  { remove_name } for  pid=5016
comm="rc" name="openvpn" dev=tmpfs ino=8396
scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=dir
Jun 23 18:15:43 localhost kernel: [   49.588409] type=1400
audit(1308845743.550:10): avc:  denied  { unlink } for  pid=5016
comm="rc" name="openvpn" dev=tmpfs ino=8396
scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=lnk_file
Jun 23 18:15:43 localhost kernel: [   49.590573] type=1400
audit(1308845743.552:11): avc:  denied  { read } for  pid=5016 comm="rc"
name="scheduled" dev=tmpfs ino=4198 scontext=system_u:system_r:openvpn_t
tcontext=system_u:object_r:initrc_state_t tclass=dir
Jun 23 18:15:53 localhost kernel: [   59.673716] type=1400
audit(1308845753.635:14): avc:  denied  { read } for  pid=5173
comm="hdparm" name="sda" dev=tmpfs ino=5916
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
Jun 23 18:15:53 localhost kernel: [   59.673730] type=1400
audit(1308845753.635:15): avc:  denied  { open } for  pid=5173
comm="hdparm" name="sda" dev=tmpfs ino=5916
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
Jun 23 18:15:53 localhost kernel: [   59.673823] type=1400
audit(1308845753.635:16): avc:  denied  { ioctl } for  pid=5173
comm="hdparm" path="/dev/sda" dev=tmpfs ino=5916
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
Jun 23 18:15:54 localhost kernel: [   60.859364] type=1400
audit(1308845754.821:17): avc:  denied  { getattr } for  pid=5194
comm="backlighthelper" path="/.config/Trolltech.conf" dev=dm-1
ino=431095 scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:default_t tclass=file
Jun 23 18:15:54 localhost kernel: [   60.859487] type=1400
audit(1308845754.821:18): avc:  denied  { read } for  pid=5194
comm="backlighthelper" name="Trolltech.conf" dev=dm-1 ino=431095
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:default_t tclass=file
Jun 23 18:15:54 localhost kernel: [   60.859518] type=1400
audit(1308845754.821:19): avc:  denied  { open } for  pid=5194
comm="backlighthelper" name="Trolltech.conf" dev=dm-1 ino=431095
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:default_t tclass=file
Jun 23 18:15:54 localhost kernel: [   60.859672] type=1400
audit(1308845754.821:20): avc:  denied  { lock } for  pid=5194
comm="backlighthelper" path="/.config/Trolltech.conf" dev=dm-1
ino=431095 scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:default_t tclass=file
Jun 23 18:15:54 localhost kernel: [   60.913152] type=1400
audit(1308845754.875:21): avc:  denied  { sys_ptrace } for  pid=5194
comm="backlighthelper" capability=19 
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:system_r:system_dbusd_t tclass=capability
Jun 23 18:15:56 localhost kernel: [   62.858743] type=1400
audit(1308845756.820:22): avc:  denied  { setsched } for  pid=5192
comm="mount" scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:system_r:kernel_t tclass=process
Jun 23 18:15:56 localhost kernel: [   62.858808] type=1400
audit(1308845756.820:23): avc:  denied  { write } for  pid=5192
comm="mount" name="/" dev=dm-1 ino=2
scontext=system_u:system_r:system_dbusd_t
tcontext=system_u:object_r:root_t tclass=dir





