[DSE-User] avc: denied { search } for pid=1177 comm="rsyslogd" name="spool"

Chris chris at eehmke.de
Mon Mar 5 13:51:25 UTC 2012 

On Monday 05 March 2012 07:59:32 Chris wrote:

$ sudo check-selinux-installation
/usr/sbin/check-selinux-installation:19: DeprecationWarning: os.popen3 is 
deprecated.  Use the subprocess module.
  @staticmethod
/usr/sbin/check-selinux-installation:23: DeprecationWarning: os.popen2 is 
deprecated.  Use the subprocess module.
  def fix():
/etc/pam.d/login is not SELinux enabled
Postfix init script is syncing the chroots.

$ sudo sestatus
SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   permissive
Mode from config file:          permissive
Policy version:                 24
Policy from config file:        default

Ok I could get rid of the pam message by applying this patch:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=531660

The postfix message I could kill by setting SYNC_CHROOT="n" in 
/etc/default/postfix. 

Nevertheless, I still have this deny reports:
Mar  5 13:10:13 jupiter dbus: avc:  denied  { send_msg } for 
msgtype=method_call interface=org.freedesktop.DBus member=Hello 
dest=org.freedesktop.DBus spid=1900 scontext=system_u:system_r:sshd_t:s0-
s0:c0.c1023 tcontext=system_u:system_r:initrc_t:s0 tclass=dbus
Mar  5 13:10:13 jupiter kernel: [   29.796574] type=1400 
audit(1330949413.979:21): avc:  denied  { write } for  pid=1900 comm="sshd" 
name="system_bus_socket" dev=dm-0 ino=229407 
scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 
tcontext=system_u:object_r:var_run_t:s0 tclass=sock_file
Mar  5 13:10:13 jupiter kernel: [   29.796899] type=1400 
audit(1330949413.979:22): avc:  denied  { connectto } for  pid=1900 
comm="sshd" path="/var/run/dbus/system_bus_socket" 
scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 
tcontext=system_u:system_r:initrc_t:s0 tclass=unix_stream_socket
Mar  5 13:10:14 jupiter dbus: avc:  denied  { send_msg } for 
msgtype=method_return dest=:1.0 spid=1903 tpid=1900 
scontext=system_u:system_r:initrc_t:s0 tcontext=system_u:system_r:sshd_t:s0-
s0:c0.c1023 tclass=dbus
Mar  5 13:10:18 jupiter nmbd[1260]: [2012/03/05 13:10:18.259727,  0] 
nmbd/nmbd_become_lmb.c:395(become_local_master_stage2)
Mar  5 13:12:59 jupiter dbus: avc:  denied  { send_msg } for 
msgtype=method_call interface=org.freedesktop.DBus member=Hello 
dest=org.freedesktop.DBus spid=2028 
scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 
tcontext=system_u:system_r:initrc_t:s0 tclass=dbus
Mar  5 13:12:59 jupiter dbus: avc:  denied  { send_msg } for 
msgtype=method_return dest=:1.3 spid=1903 tpid=2028 
scontext=system_u:system_r:initrc_t:s0 
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=dbus
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/selinux-user/attachments/20120305/c60862d0/attachment.html>

More information about the Selinux-user mailing list