• The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

kernel: audit(xxxxxxxxxxxxx): avc: denied - Help Please

R

ryanz

Basic Pleskian
Hi,

I notice the following messages during startup and in /var/log/messages of a fresh PSA7.5 install on FC3 with RAID5. Does anyone have experience with these?

Jul 23 12:22:32 geforce kernel: audit(1122114147.445:0 : avc: denied { write } for pid=2038 exe=/usr/sbin/named name=named dev=md0 ino=8994918 scontext=user_u:system_r:named_t tcontext=root:eek:bject_r:named_zone_t tclass=dir
Jul 23 12:22:32 geforce kernel: audit(1122114147.445:0 : avc: denied { add_name } for pid=2038 exe=/usr/sbin/named name=named.pid scontext=user_u:system_r:named_t tcontext=root:eek:bject_r:named_zone_t tclass=dir
Jul 23 12:22:32 geforce kernel: audit(1122114147.445:0 : avc: denied { create } for pid=2038 exe=/usr/sbin/named name=named.pid scontext=user_u:system_r:named_t tcontext=user_u:eek:bject_r:named_zone_t tclass=file
Jul 23 12:22:32 geforce kernel: audit(1122114147.457:0 : avc: denied { write } for pid=2038 exe=/usr/sbin/named path=/var/run/named/named.pid dev=md0 ino=8994923 scontext=user_u:system_r:named_t tcontext=user_u:eek:bject_r:named_zone_t tclass=file
Jul 23 12:22:32 geforce kernel: audit(1122114147.652:0 : avc: denied { append } for pid=2077 exe=/sbin/syslogd name=maillog dev=md0 ino=9768713 scontext=user_u:system_r:syslogd_t tcontext=root:eek:bject_r:usr_t tclass=file
Jul 23 12:22:32 geforce kernel: audit(1122114147.652:0 : avc: denied { ioctl } for pid=2077 exe=/sbin/syslogd path=/usr/local/psa/var/log/maillog dev=md0 ino=9768713 scontext=user_u:system_r:syslogd_t tcontext=root:eek:bject_r:usr_t tclass=file
Jul 23 12:22:32 geforce kernel: audit(1122114152.891:0 : avc: denied { append } for pid=2467 exe=/usr/libexec/mysqld path=/var/log/mysqld.log dev=md0 ino=8914517 scontext=user_u:system_r:mysqld_t tcontext=root:eek:bject_r:var_log_t tclass=file
Jul 23 12:22:33 geforce kernel: audit(1122114153.660:0 : avc: denied { getattr } for pid=2467 exe=/usr/libexec/mysqld path=/var/log/mysqld.log dev=md0 ino=8914517 scontext=user_u:system_r:mysqld_t tcontext=root:eek:bject_r:var_log_t tclass=file

Jul 23 12:22:37 geforce kernel: audit(1122114157.742:0 : avc: denied { getattr } for pid=2579 exe=/bin/ps path=/proc/2467 dev=proc ino=161677314 scontext=user_u:system_r:httpd_sys_script_t tcontext=user_u:system_r:mysqld_t tclass=dir
Jul 23 12:22:37 geforce kernel: audit(1122114157.742:0 : avc: denied { search } for pid=2579 exe=/bin/ps name=2467 dev=proc ino=161677314 scontext=user_u:system_r:httpd_sys_script_t tcontext=user_u:system_r:mysqld_t tclass=dir
Jul 23 12:22:37 geforce kernel: audit(1122114157.742:0 : avc: denied { read } for pid=2579 exe=/bin/ps name=stat dev=proc ino=161677325 scontext=user_u:system_r:httpd_sys_script_t tcontext=user_u:system_r:mysqld_t tclass=file

Just keeps on......

Thanks,
 
Here are some more of the messages in /var/log/messages


Jul 23 12:22:37 geforce kernel: audit(1122114157.749:0 : avc: denied { getattr } for pid=2579 exe=/bin/ps path=/proc/2553 dev=proc ino=167313410 scontext=user_u:system_r:httpd_sys_script_t tcontext=user_u:system_r:httpd_t tclass=dir
Jul 23 12:22:37 geforce kernel: audit(1122114157.749:0 : avc: denied { search } for pid=2579 exe=/bin/ps name=2553 dev=proc ino=167313410 scontext=user_u:system_r:httpd_sys_script_t tcontext=user_u:system_r:httpd_t tclass=dir
Jul 23 12:22:37 geforce kernel: audit(1122114157.750:0 : avc: denied { read } for pid=2579 exe=/bin/ps name=stat dev=proc ino=167313421 scontext=user_u:system_r:httpd_sys_script_t tcontext=user_u:system_r:httpd_t tclass=file
Jul 23 12:22:37 geforce kernel: audit(1122114157.784:0 : avc: denied { sys_nice } for pid=2581 exe=/bin/ps capability=23 scontext=user_u:system_r:httpd_sys_script_t tcontext=user_u:system_r:httpd_sys_script_t tclass=capability
Jul 23 12:22:37 geforce kernel: audit(1122114157.822:0 : avc: denied { add_name } for pid=2553 exe=/usr/sbin/httpd name=suidkey.2553 scontext=user_u:system_r:httpd_t tcontext=system_u:eek:bject_r:usr_t tclass=dir
Jul 23 12:22:37 geforce kernel: audit(1122114157.822:0 : avc: denied { create } for pid=2553 exe=/usr/sbin/httpd name=suidkey.2553 scontext=user_u:system_r:httpd_t tcontext=user_u:eek:bject_r:usr_t tclass=file
Jul 23 12:22:37 geforce kernel: audit(1122114157.822:0 : avc: denied { write } for pid=2553 exe=/usr/sbin/httpd path=/usr/local/frontpage/version5.0/apache-fp/suidkey.2553 dev=md0 ino=10029767 scontext=user_u:system_r:httpd_t tcontext=user_u:eek:bject_r:usr_t tclass=file
Jul 23 12:22:39 geforce psa: Starting Plesk: succeeded
 
You must log in or register to reply here.

Similar threads

danami
Forwarded to devs SELinux errors due to ARC mail handler
Replies
2
Views
582
Kaspar@Plesk
Kaspar@Plesk
danami
Anacron job 'cron.daily' /etc/cron.daily/logrotate errors
Replies
2
Views
2K
danami
danami
J
Issue Zend_Db_Adapter_Exception
Replies
17
Views
2K
jmzbe
J
S
Question SElinux breaks Qmail in upgrade to Onyx
Replies
7
Views
2K
southy
S
O
Slave DNS Manager Module and SeLinux
Replies
7
Views
2K
AYamshanov
AYamshanov
Back
Top