Choosing A Webhost:
A web hosting service is a type of Internet hosting service that allows individuals and organizations to provide their own website accessible via the World Wide Web. Web hosts are companies that provide space on a server they own for use by their clients as well as providing Internet connectivity, typically in a data center. Web hosts can also provide data center space and connectivity to the Internet for servers they do not own to be located in their data center, called colocation. more...
|
Re: AVC message problem: msg#00114
|
Subject: |
Re: AVC message problem |
Tom Diehl wrote:
On Mon, 24 Oct 2005, Daniel J Walsh wrote:
Tom Diehl wrote:
Hi all,
Since upgrading to EL4-U2 I am getting the following avc messages in my logs:
Oct 23 14:46:21 pocono dbus: Can't send to audit system: USER_AVC pid=3064
uid=81 loginuid=-1 message=avc: denied { send_msg } for
scontext=user_u:system_r:unconfined_t tcontext=user_u:system_r:initrc_t
tclass=dbus
Can someone tell me how to go about fixing this, short of turning off selinux?
(pocono pts13) # rpm -qa | grep selinux
libselinux-1.19.1-7
libselinux-1.19.1-7
selinux-policy-targeted-1.17.30-2.110
libselinux-devel-1.19.1-7
(pocono pts13) # rpm -qa dbus
dbus-0.22-12.EL.5
(pocono pts13) # uname -r
2.6.9-22.ELsmp
(pocono pts13) #
I get hundreds of these a day. I have tried relabeling but no change.
The system arch is x86_64
Could you try
Yep
ftp://people.redhat.com/dwalsh/SELinux/RHEL4/u3/selinux-policy-targeted-*
We are moving to deliver an errata release of this policy.
I did the following:
(pocono pts18) # rpm -Fvh selinux-policy-targeted-1.17.30-2.117.noarch.rpm
Preparing... ########################################### [100%]
1:selinux-policy-targeted########################################### [100%]
(pocono pts18) #
And I got the following in the logs:
Oct 24 10:59:21 pocono dbus: Can't send to audit system: USER_AVC pid=3064
uid=81 loginuid=-1 message=avc: denied { send_msg } for
scontext=user_u:system_r:unconfined_t tcontext=user_u:system_r:initrc_t
tclass=dbus
Oct 24 10:59:31 pocono last message repeated 2 times
Oct 24 10:59:35 pocono kernel: security: 3 users, 4 roles, 354 types, 25 bools
Oct 24 10:59:35 pocono kernel: security: 55 classes, 21778 rules
Oct 24 10:59:35 pocono dbus: Can't send to audit system: USER_AVC pid=3064
uid=81 loginuid=-1 message=avc: received policyload notice (seqno=1)
Oct 24 10:59:35 pocono dbus: Can't send to audit system: USER_AVC pid=3064
uid=81 loginuid=-1 message=avc: 4 AV entries and 4/512 buckets used, longest
chain length 1
Oct 24 10:59:35 pocono dbus: Can't send to audit system: USER_AVC pid=4252
uid=508 loginuid=-1 message=avc: received policyload notice (seqno=1)
Oct 24 10:59:35 pocono dbus: Can't send to audit system: USER_AVC pid=4252
uid=508 loginuid=-1 message=avc: 1 AV entries and 1/512 buckets used, longest
chain length 1
So far no more avc messages. They were showing up every 5-15 seconds
before. It has been approx 5 minutes with no avc messages.
Is there anything else I should be looking at?
Nope it should all work now.
Is there a bug for this?
Yes, hopefully we will release this as an errata, It will definitely be
in U3.
Thank You for the help.
Regards,
Tom Diehl tdiehl@xxxxxxxxxxxx Spamtrap address
mtd123@xxxxxxxxxxxx
--
|
| |
