[DSE-User] avc: denied { search } for pid=1177 comm="rsyslogd" name="spool"

Chris chris at eehmke.de
Mon Mar 5 06:59:32 UTC 2012 

Hello Mika,

On Monday 05 March 2012 00:35:28 Mika Pflüger wrote:
> Am Sun, 04 Mar 2012 17:35:34 +0100
> schrieb Chris <chris at eehmke.de>:
....
> > [   10.937036] type=1400 audit(1330856386.116:7): avc:  denied
> > { search } for pid=1177 comm="rsyslogd" name="spool" dev=dm-0
> > ino=425985 scontext=system_u:system_r:syslogd_t:s0
> > tcontext=system_u:object_r:var_spool_t:s0 tclass=dir
....
> > I understand that I am supposed to create some local policy rules.
> > But all Howtos seem to assume that this is a simple task that must
> > not be explained in detail. What am I missing?
> 
> these denials don't look like you need local policy, it looks more like
> you need to activate the official policy bits that matter - could you
> try and run the commands
> # check-selinux-installation
> # sestatus
> # semodule -l
> as root which report various bits about your selinux installation and
> post the output?

Here we go:
$ sudo check-selinux-installation
/usr/sbin/check-selinux-installation:19: DeprecationWarning: os.popen3 is 
deprecated.  Use the subprocess module.
  @staticmethod
/usr/sbin/check-selinux-installation:23: DeprecationWarning: os.popen2 is 
deprecated.  Use the subprocess module.
  def fix():
/etc/pam.d/login is not SELinux enabled
Postfix init script is syncing the chroots.

$ sudo sestatus
SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   permissive
Mode from config file:          permissive
Policy version:                 24
Policy from config file:        default

$ sudo semodule -l
apm     1.11.0
dhcp    1.9.0
dmidecode       1.4.0
ftp     1.12.0
gpg     2.3.0
loadkeys        1.7.0
netutils        1.10.0
portmap 1.9.0
raid    1.10.0
remotelogin     1.7.0
rpc     1.12.0
samba   1.13.0
ssh     2.2.0
sudo    1.6.0
tcpd    1.4.0                                                                                                                                                                         
telnet  1.10.0                                                                                                                                                                        
tzdata  1.3.0                                                                                                                                                                         
unconfined      3.2.0                                                                                                                                                                 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/selinux-user/attachments/20120305/250fd71f/attachment-0001.html>

More information about the Selinux-user mailing list