[DSE-Dev] Bug#716745: selinux-policy-default: avc: denied { syslog } for pid=2492 comm="rsyslogd" capability=34

Paul Menzel pm.debian at googlemail.com
Fri Jul 12 07:41:47 UTC 2013 

Package: selinux-policy-default
Version: 2:2.20110726-12
Severity: normal
Control: affects -1 rsyslogd

Dear Debian folks,


having rsyslog 7.4.2-1 installed and building a Linux 3.10 kernel and
enabling SELinux by default, the following message shows up in the Linux
kernel log.

    avc:  denied  { syslog } for  pid=2492 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2

I did not investigate the implications, but it would be nice if it
worked out of the box.

As I did not find this error on the Web, it might be related that I
had sysklogd [1] installed before which was replaced by rsyslog.


Thanks,

Paul


[1] http://packages.debian.org/squeeze/sysklogd

-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-4-686-pae (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages selinux-policy-default depends on:
ii  libpam-modules   1.1.3-9
ii  libselinux1      2.1.13-2
ii  libsepol1        2.1.9-2
ii  policycoreutils  2.1.13-2
ii  python           2.7.5-2

Versions of packages selinux-policy-default recommends:
ii  checkpolicy  2.1.12-1
ii  setools      3.3.8-1

Versions of packages selinux-policy-default suggests:
pn  logcheck        <none>
pn  syslog-summary  <none>

-- Configuration Files:
/etc/selinux/default/modules/active/file_contexts.local [Errno 13] Keine Berechtigung: u'/etc/selinux/default/modules/active/file_contexts.local'

I checked the above file manually and it is empty.

-- no debconf information
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/selinux-devel/attachments/20130712/176f117b/attachment.sig>

More information about the SELinux-devel mailing list