Re: Update Squeeze to Wheezy syslog "audit" entry
On Tue, 18 Mar 2014 13:45:46 +0100
basti <black.fledermaus@arcor.de> wrote:
> Hello,
> today I have update squeeze to wheezy and now my syslog is full of
> messaged like:
>
> Mar 18 13:38:39 vsrv65965 kernel: [ 8518.427682] type=1400
> audit(1395146319.571:8122): avc: denied { read } for pid=989
> comm="postgres" name="pg_filenode.map" dev=xvda1 ino=655638
> scontext=system_u:system_r:postgresql_t:s0
> tcontext=unconfined_u:object_r:file_t:s0 tclass=file
> Mar 18 13:38:39 vsrv65965 kernel: [ 8518.427710] type=1400
> audit(1395146319.571:8123): avc: denied { open } for pid=989
> comm="postgres" name="pg_filenode.map" dev=xvda1 ino=655638
> scontext=system_u:system_r:postgresql_t:s0
> tcontext=unconfined_u:object_r:file_t:s0 tclass=file
> Mar 18 13:38:39 vsrv65965 kernel: [ 8518.428387] type=1400
> audit(1395146319.572:8124): avc: denied { getattr } for pid=989
> comm="postgres"
> path="/var/lib/postgresql/9.1/main/base/16400/PG_VERSION" dev=xvda1
> ino=671762 scontext=system_u:system_r:postgresql_t:s0
> tcontext=unconfined_u:object_r:file_t:s0 tclass=file
> Mar 18 13:38:39 vsrv65965 kernel: [ 8518.429542] type=1400
> audit(1395146319.573:8125): avc: denied { write } for pid=989
> comm="postgres" name="11734" dev=xvda1 ino=671767
> scontext=system_u:system_r:postgresql_t:s0
> tcontext=unconfined_u:object_r:file_t:s0 tclass=file
>
>
> selinux-policy-default is not installed.
> The machine is a XEN vbox (Linux 3.0.101 #2 SMP Mon Dec 30 13:15:49 CET
> 2013 x86_64).
>
> Regards,
> Basti
>
>
Then install selinux-policy-doc because it should automatically install
modules to allow actions so your installed software works. You can
allow individual rules with audit2allow. If you don't need SELInux,
look at your boot loader configuration and remove "security=selinux"
kernel option.
--
http://markorandjelovic.hopto.org
Reply to: