* [refpolicy] strange systemctl audit messages
@ 2014-06-26 11:20 Russell Coker
2014-06-26 15:51 ` Dominick Grift
0 siblings, 1 reply; 2+ messages in thread
From: Russell Coker @ 2014-06-26 11:20 UTC (permalink / raw)
To: refpolicy
type=USER_AVC msg=audit(1403767163.112:2422): pid=1 uid=0 auid=4294967295
ses=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { stop }
for auid=0 uid=0 gid=0 path="/dev/null" cmdline="systemctl stop udev.service
udev-control.socket udev-kernel.socket"
scontext=unconfined_u:unconfined_r:dpkg_script_t:s0-s0:c0.c1023
tcontext=system_u:object_r:null_device_t:s0 tclass=service
exe="/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
type=USER_AVC msg=audit(1403767163.116:2423): pid=1 uid=0 auid=4294967295
ses=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { status }
for auid=0 uid=0 gid=0 path="/dev/null" cmdline="systemctl stop udev.service
udev-control.socket udev-kernel.socket"
scontext=unconfined_u:unconfined_r:dpkg_script_t:s0-s0:c0.c1023
tcontext=system_u:object_r:null_device_t:s0 tclass=service
exe="/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
What's the cause of these messages? Why am I seeing an access check on
null_device_t?
--
My Main Blog http://etbe.coker.com.au/
My Documents Blog http://doc.coker.com.au/
^ permalink raw reply [flat|nested] 2+ messages in thread
* [refpolicy] strange systemctl audit messages
2014-06-26 11:20 [refpolicy] strange systemctl audit messages Russell Coker
@ 2014-06-26 15:51 ` Dominick Grift
0 siblings, 0 replies; 2+ messages in thread
From: Dominick Grift @ 2014-06-26 15:51 UTC (permalink / raw)
To: refpolicy
On Thu, 2014-06-26 at 21:20 +1000, Russell Coker wrote:
> type=USER_AVC msg=audit(1403767163.112:2422): pid=1 uid=0 auid=4294967295
> ses=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { stop }
> for auid=0 uid=0 gid=0 path="/dev/null" cmdline="systemctl stop udev.service
> udev-control.socket udev-kernel.socket"
> scontext=unconfined_u:unconfined_r:dpkg_script_t:s0-s0:c0.c1023
> tcontext=system_u:object_r:null_device_t:s0 tclass=service
> exe="/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
> type=USER_AVC msg=audit(1403767163.116:2423): pid=1 uid=0 auid=4294967295
> ses=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { status }
> for auid=0 uid=0 gid=0 path="/dev/null" cmdline="systemctl stop udev.service
> udev-control.socket udev-kernel.socket"
> scontext=unconfined_u:unconfined_r:dpkg_script_t:s0-s0:c0.c1023
> tcontext=system_u:object_r:null_device_t:s0 tclass=service
> exe="/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
>
> What's the cause of these messages? Why am I seeing an access check on
> null_device_t?
>
At least you're getting some AVC denials. I suspect you may need to
upgrade systemd as this seems to me to be a bug in the systemd selinux
code.
By the way, you should probably send this to Walsh instead as this has
little to do with refpolicy and the systemd selinux code was written by
Walsh.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2014-06-26 15:51 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-06-26 11:20 [refpolicy] strange systemctl audit messages Russell Coker
2014-06-26 15:51 ` Dominick Grift
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.