[DSE-User] avc: denied { search } for pid=1177 comm="rsyslogd" name="spool"
Eggert Ehmke
eggert.ehmke at berlin.de
Sun Mar 4 16:35:34 UTC 2012
Hello, I am new to SELinux and installed the debian packages on a running
stable (6.0.4 Squeeze) Intel Quadcore 64bit system, following this guide:
http://wiki.debian.org/SELinux/
The installation went smoothly, no problems so far. But when I reboot the
system in enforcing mode, the boot process will die when trying to load the
lvm2. When booted in permissive mode, I get these errors in dmesg:
[ 10.937036] type=1400 audit(1330856386.116:7): avc: denied { search } for
pid=1177 comm="rsyslogd" name="spool" dev=dm-0 ino=425985
scontext=system_u:system_r:syslogd_t:s0
tcontext=system_u:object_r:var_spool_t:s0 tclass=dir
[ 10.955520] type=1400 audit(1330856386.131:8): avc: denied { write } for
pid=1177 comm="rsyslogd" name="dev" dev=dm-0 ino=442375
scontext=system_u:system_r:syslogd_t:s0
tcontext=system_u:object_r:var_spool_t:s0 tclass=dir
[ 10.955565] type=1400 audit(1330856386.131:9): avc: denied { add_name }
for pid=1177 comm="rsyslogd" name="log"
scontext=system_u:system_r:syslogd_t:s0
tcontext=system_u:object_r:var_spool_t:s0 tclass=dir
[ 10.955651] type=1400 audit(1330856386.131:10): avc: denied { create }
for pid=1177 comm="rsyslogd" name="log"
scontext=system_u:system_r:syslogd_t:s0
tcontext=system_u:object_r:var_spool_t:s0 tclass=sock_file
[ 10.967624] type=1400 audit(1330856386.143:11): avc: denied { setattr }
for pid=1177 comm="rsyslogd" name="log" dev=dm-0 ino=442370
scontext=system_u:system_r:syslogd_t:s0
tcontext=system_u:object_r:var_spool_t:s0 tclass=sock_file
and some more. I guess when I learn how to solve the rsyslogd related
problems, I will be able to solve the others too.
I understand that I am supposed to create some local policy rules. But all
Howtos seem to assume that this is a simple task that must not be explained in
detail. What am I missing?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/selinux-user/attachments/20120304/bd5eaeed/attachment.html>
More information about the Selinux-user
mailing list