logo       
<prev   next>

Choosing A Webhost:
A web hosting service is a type of Internet hosting service that allows individuals and organizations to provide their own website accessible via the World Wide Web. Web hosts are companies that provide space on a server they own for use by their clients as well as providing Internet connectivity, typically in a data center. Web hosts can also provide data center space and connectivity to the Internet for servers they do not own to be located in their data center, called colocation. more...

haldaemon, run_init: msg#00072

Subject: haldaemon, run_init 
Running strict/enforcing w/ latest from Dan's tree.
When haldaemon starts:

Sep 16 07:52:29 fedora haldaemon: haldaemon startup succeeded
Sep 16 07:52:30 fedora fstab-sync[3132]: removed all generated mount points
Sep 16 07:52:30 fedora kernel: audit(1095346350.044:0): avc: denied { execute } for pid=3134 exe=/usr/sbin/hald name=bash dev=hda2 ino=229395 scontext=system_u:system_r:hald_t tcontext=system_u:object_r:shell_exec_t tclass=file 
Sep 16 07:52:30 fedora mdmonitor: mdadm startup succeeded

Believe the AVC is generated when hald tries to run hal_lpadmin from
/etc/hal/device.d/printer_remove.hal

When I put system into permissive mode and restart haldaemon, I get
(sorry for running this as root, but run_init seems busted:
Sep 16 11:03:12 fedora kernel: audit(1095357792.163:0): avc: denied { use } for pid=4262 exe=/usr/sbin/run_init path=/dev/pts/2 dev=devpts ino=4 scontext=root:sysadm_r:run_init_t tcontext=user_u:user_r:user_t tclass=fd 
Sep 16 11:03:12 fedora last message repeated 2 times
Sep 16 11:03:12 fedora run_init(pam_unix)[4262]: authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=root 
)

Here are the permissive AVCs:
Sep 16 10:44:43 fedora kernel: audit(1095356683.853:0): avc: denied { relabelfrom } for pid=8333 exe=/usr/sbin/fstab-sync name=fstab dev=hda2 ino=4475247 scontext=root:system_r:updfstab_t tcontext=root:object_r:etc_t tclass=file Sep 16 10:44:43 fedora kernel: audit(1095356683.854:0): avc: denied { relabelto } for pid=8333 exe=/usr/sbin/fstab-sync name=fstab dev=hda2 ino=4475247 scontext=root:system_r:updfstab_t tcontext=system_u:object_r:etc_t tclass=file 
Sep 16 10:44:43 fedora fstab-sync[8333]: removed all generated mount points
Sep 16 10:44:43 fedora kernel: audit(1095356683.893:0): avc: denied { execute } for pid=8335 exe=/usr/sbin/hald name=bash dev=hda2 ino=229395 scontext=root:system_r:hald_t tcontext=system_u:object_r:shell_exec_t tclass=file Sep 16 10:44:43 fedora kernel: audit(1095356683.894:0): avc: denied { read } for pid=8335 exe=/usr/sbin/hald path=/bin/bash dev=hda2 ino=229395 scontext=root:system_r:hald_t tcontext=system_u:object_r:shell_exec_t tclass=file Sep 16 10:44:43 fedora kernel: audit(1095356683.899:0): avc: denied { execute } for pid=8336 exe=/bin/bash name=hal_lpadmin dev=hda2 ino=278545 scontext=root:system_r:hald_t tcontext=system_u:object_r:sbin_t tclass=file Sep 16 10:44:43 fedora kernel: audit(1095356683.900:0): avc: denied { execute_no_trans } for pid=8336 exe=/bin/bash path=/usr/sbin/hal_lpadmin dev=hda2 ino=278545 scontext=root:system_r:hald_t tcontext=system_u:object_r:sbin_t tclass=file Sep 16 10:44:43 fedora kernel: audit(1095356683.900:0): avc: denied { read } for pid=8336 exe=/bin/bash path=/usr/sbin/hal_lpadmin dev=hda2 ino=278545 scontext=root:system_r:hald_t tcontext=system_u:object_r:sbin_t tclass=file Sep 16 10:44:44 fedora kernel: audit(1095356684.672:0): avc: denied { search } for pid=8381 exe=/usr/libexec/hal-hotplug-map name=hotplug dev=hda2 ino=4472955 scontext=root:system_r:hald_t tcontext=system_u:object_r:hotplug_etc_t tclass=dir Sep 16 10:44:44 fedora kernel: audit(1095356684.674:0): avc: denied { read } for pid=8381 exe=/usr/libexec/hal-hotplug-map name=usb.usermap dev=hda2 ino=4474609 scontext=root:system_r:hald_t tcontext=system_u:object_r:hotplug_etc_t tclass=file Sep 16 10:44:44 fedora kernel: audit(1095356684.674:0): avc: denied { getattr } for pid=8381 exe=/usr/libexec/hal-hotplug-map path=/etc/hotplug/usb.usermap dev=hda2 ino=4474609 scontext=root:system_r:hald_t tcontext=system_u:object_r:hotplug_etc_t tclass=file Sep 16 10:44:45 fedora kernel: audit(1095356685.450:0): avc: denied { use } for pid=8430 exe=/bin/mount path=pipe:[13184] dev=pipefs ino=13184 scontext=user_u:user_r:user_mount_t tcontext=system_u:system_r:xdm_t tclass=fd Sep 16 10:44:45 fedora kernel: audit(1095356685.450:0): avc: denied { write } for pid=8430 exe=/bin/mount path=pipe:[13184] dev=pipefs ino=13184 scontext=user_u:user_r:user_mount_t tcontext=system_u:system_r:xdm_t tclass=fifo_file Sep 16 10:44:46 fedora kernel: audit(1095356686.042:0): avc: denied { execute } for pid=8330 exe=/usr/sbin/hald name=printer_update.hal dev=hda2 ino=280646 scontext=root:system_r:hald_t tcontext=system_u:object_r:etc_t tclass=file Sep 16 10:44:46 fedora kernel: audit(1095356686.075:0): avc: denied { read write } for pid=8330 exe=/usr/sbin/hald name=lp0 dev=tmpfs ino=6883 scontext=root:system_r:hald_t tcontext=system_u:object_r:printer_device_t tclass=chr_file Sep 16 10:44:46 fedora kernel: audit(1095356686.121:0): avc: denied { execute_no_trans } for pid=8479 exe=/usr/sbin/hald path=/etc/hal/capability.d/printer_update.hal dev=hda2 ino=280646 scontext=root:system_r:hald_t tcontext=system_u:object_r:etc_t tclass=file Sep 16 10:44:46 fedora kernel: audit(1095356686.140:0): avc: denied { ioctl } for pid=8479 exe=/bin/bash path=/etc/hal/capability.d/printer_update.hal dev=hda2 ino=280646 scontext=root:system_r:hald_t tcontext=system_u:object_r:etc_t tclass=file
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: mount ?, Daniel J Walsh
Next by Date:  Re: mount ?, Stephen Smalley
Previous by Thread:  mount ?, Tom London
Next by Thread:  fsck.ext3 on bootup, Tom London
Indexes:  [Date] [Thread] [Top] [All Lists]

Google Custom Search
Recently Viewed:
qnx.openqnx.dev...    gcc.libstdc++.c...    solaris.opensol...    information-ret...    misc.misterhous...    web.catalyst.ge...    apache.webservi...    redhat.release....    hardware.lirc/2...    kernel.autofs/2...    technology.sust...    linux.vdr/2003-...    editors.lyx.gen...    org.user-groups...    netbsd.devel.pk...    xdg.devel/2004-...    version-control...    jakarta.slide.d...    debian.packages...    creativecommons...    ports.ppc.embed...    bug-tracking.bu...   
Home | blog view | USPTO Patent Archive | advertise | OSDir is an inevitable website. super tiny logo

Free Magazines

Cisco News
Receive a free quarterly e-newsletter with exclusive articles on how Cisco IT uses its own products and solutions to enable the business.
subscribe

Systems Management News, the newspaper for IT systems administration and data center managers! Each issue of Systems Management News is chock-full of news and analysis to help you understand what's happening in your field.
subscribe

The Enterprise Newsweekly eWeek is the essential technology information source for builders of e-business.
subscribe

Oracle Magazine Oracle Magazine contains technology strategy articles, sample code, tips, Oracle and partner news, how to articles for developers and DBAs, and more. Oracle (NASDAQ: ORCL) is the world's largest enterprise software company.
subscribe

Total Telecom Total Telecom is "The Economist of the communications industry".
subscribe

Navigation