systemd-tmpfile
Russell Coker
russell at coker.com.au
Sun Oct 12 13:09:55 BST 2014
Below is part of the dmesg output on a SE Linux server and ls output showing
what it matches to. Why is systemd-tmpfile trying to do a chmod type operation
on directories such as /var?
I haven't filed a bug report because I'm not sure it's a bug. I didn't post to
debian-devel because that would just give a flame war.
[ 14.376965] audit: type=1400 audit(1413115233.220:5): avc: denied {
setattr } for pid=286 comm="systemd-tmpfile" name="var" dev="sda3" ino=257
scontext=system_u:system_r:systemd_tmpfiles_t:s0
tcontext=system_u:object_r:var_t:s0 tclass=dir permissive=0
[ 14.429257] audit: type=1400 audit(1413115233.272:6): avc: denied {
setattr } for pid=286 comm="systemd-tmpfile" name="log" dev="sda3" ino=822
scontext=system_u:system_r:systemd_tmpfiles_t:s0
tcontext=system_u:object_r:var_log_t:s0 tclass=dir permissive=0
[ 14.736252] audit: type=1400 audit(1413115233.580:7): avc: denied {
setattr } for pid=286 comm="systemd-tmpfile" name="cache" dev="sda3" ino=274
scontext=system_u:system_r:systemd_tmpfiles_t:s0
tcontext=system_u:object_r:var_t:s0 tclass=dir permissive=0
[ 14.965857] audit: type=1400 audit(1413115233.808:8): avc: denied {
setattr } for pid=286 comm="systemd-tmpfile" name="lib" dev="sda3" ino=270
scontext=system_u:system_r:systemd_tmpfiles_t:s0
tcontext=system_u:object_r:var_lib_t:s0 tclass=dir permissive=0
[ 15.027358] audit: type=1400 audit(1413115233.872:9): avc: denied {
setattr } for pid=286 comm="systemd-tmpfile" name="systemd" dev="sda3"
ino=81298 scontext=system_u:system_r:systemd_tmpfiles_t:s0
tcontext=system_u:object_r:var_lib_t:s0 tclass=dir permissive=0
[ 15.090673] audit: type=1400 audit(1413115233.932:10): avc: denied {
write } for pid=286 comm="systemd-tmpfile" name="systemd" dev="sda3" ino=81298
scontext=system_u:system_r:systemd_tmpfiles_t:s0
tcontext=system_u:object_r:var_lib_t:s0 tclass=dir permissive=0
root at sexen:~# ls -lid /var
257 drwxr-xr-x. 1 root root 90 Apr 29 21:34 /var
root at sexen:~# ls -lid /var/log
822 drwxr-xr-x. 1 root root 2040 Oct 1 06:25 /var/log
root at sexen:~# ls -lid /var/cache
274 drwxr-xr-x. 1 root root 108 May 20 15:08 /var/cache
root at sexen:~# ls -lid /var/lib
270 drwxr-xr-x. 1 root root 566 Oct 12 20:49 /var/lib
--
My Main Blog http://etbe.coker.com.au/
My Documents Blog http://doc.coker.com.au/
More information about the Pkg-systemd-maintainers
mailing list