• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

kernel: audit(xxxxxxxxxxxxx): avc: denied - Help Please

R

ryanz

Basic Pleskian
Hi,

I notice the following messages during startup and in /var/log/messages of a fresh PSA7.5 install on FC3 with RAID5. Does anyone have experience with these?

Jul 23 12:22:32 geforce kernel: audit(1122114147.445:0 : avc: denied { write } for pid=2038 exe=/usr/sbin/named name=named dev=md0 ino=8994918 scontext=user_u:system_r:named_t tcontext=root:eek:bject_r:named_zone_t tclass=dir
Jul 23 12:22:32 geforce kernel: audit(1122114147.445:0 : avc: denied { add_name } for pid=2038 exe=/usr/sbin/named name=named.pid scontext=user_u:system_r:named_t tcontext=root:eek:bject_r:named_zone_t tclass=dir
Jul 23 12:22:32 geforce kernel: audit(1122114147.445:0 : avc: denied { create } for pid=2038 exe=/usr/sbin/named name=named.pid scontext=user_u:system_r:named_t tcontext=user_u:eek:bject_r:named_zone_t tclass=file
Jul 23 12:22:32 geforce kernel: audit(1122114147.457:0 : avc: denied { write } for pid=2038 exe=/usr/sbin/named path=/var/run/named/named.pid dev=md0 ino=8994923 scontext=user_u:system_r:named_t tcontext=user_u:eek:bject_r:named_zone_t tclass=file
Jul 23 12:22:32 geforce kernel: audit(1122114147.652:0 : avc: denied { append } for pid=2077 exe=/sbin/syslogd name=maillog dev=md0 ino=9768713 scontext=user_u:system_r:syslogd_t tcontext=root:eek:bject_r:usr_t tclass=file
Jul 23 12:22:32 geforce kernel: audit(1122114147.652:0 : avc: denied { ioctl } for pid=2077 exe=/sbin/syslogd path=/usr/local/psa/var/log/maillog dev=md0 ino=9768713 scontext=user_u:system_r:syslogd_t tcontext=root:eek:bject_r:usr_t tclass=file
Jul 23 12:22:32 geforce kernel: audit(1122114152.891:0 : avc: denied { append } for pid=2467 exe=/usr/libexec/mysqld path=/var/log/mysqld.log dev=md0 ino=8914517 scontext=user_u:system_r:mysqld_t tcontext=root:eek:bject_r:var_log_t tclass=file
Jul 23 12:22:33 geforce kernel: audit(1122114153.660:0 : avc: denied { getattr } for pid=2467 exe=/usr/libexec/mysqld path=/var/log/mysqld.log dev=md0 ino=8914517 scontext=user_u:system_r:mysqld_t tcontext=root:eek:bject_r:var_log_t tclass=file

Jul 23 12:22:37 geforce kernel: audit(1122114157.742:0 : avc: denied { getattr } for pid=2579 exe=/bin/ps path=/proc/2467 dev=proc ino=161677314 scontext=user_u:system_r:httpd_sys_script_t tcontext=user_u:system_r:mysqld_t tclass=dir
Jul 23 12:22:37 geforce kernel: audit(1122114157.742:0 : avc: denied { search } for pid=2579 exe=/bin/ps name=2467 dev=proc ino=161677314 scontext=user_u:system_r:httpd_sys_script_t tcontext=user_u:system_r:mysqld_t tclass=dir
Jul 23 12:22:37 geforce kernel: audit(1122114157.742:0 : avc: denied { read } for pid=2579 exe=/bin/ps name=stat dev=proc ino=161677325 scontext=user_u:system_r:httpd_sys_script_t tcontext=user_u:system_r:mysqld_t tclass=file

Just keeps on......

Thanks,
 
Here are some more of the messages in /var/log/messages


Jul 23 12:22:37 geforce kernel: audit(1122114157.749:0 : avc: denied { getattr } for pid=2579 exe=/bin/ps path=/proc/2553 dev=proc ino=167313410 scontext=user_u:system_r:httpd_sys_script_t tcontext=user_u:system_r:httpd_t tclass=dir
Jul 23 12:22:37 geforce kernel: audit(1122114157.749:0 : avc: denied { search } for pid=2579 exe=/bin/ps name=2553 dev=proc ino=167313410 scontext=user_u:system_r:httpd_sys_script_t tcontext=user_u:system_r:httpd_t tclass=dir
Jul 23 12:22:37 geforce kernel: audit(1122114157.750:0 : avc: denied { read } for pid=2579 exe=/bin/ps name=stat dev=proc ino=167313421 scontext=user_u:system_r:httpd_sys_script_t tcontext=user_u:system_r:httpd_t tclass=file
Jul 23 12:22:37 geforce kernel: audit(1122114157.784:0 : avc: denied { sys_nice } for pid=2581 exe=/bin/ps capability=23 scontext=user_u:system_r:httpd_sys_script_t tcontext=user_u:system_r:httpd_sys_script_t tclass=capability
Jul 23 12:22:37 geforce kernel: audit(1122114157.822:0 : avc: denied { add_name } for pid=2553 exe=/usr/sbin/httpd name=suidkey.2553 scontext=user_u:system_r:httpd_t tcontext=system_u:eek:bject_r:usr_t tclass=dir
Jul 23 12:22:37 geforce kernel: audit(1122114157.822:0 : avc: denied { create } for pid=2553 exe=/usr/sbin/httpd name=suidkey.2553 scontext=user_u:system_r:httpd_t tcontext=user_u:eek:bject_r:usr_t tclass=file
Jul 23 12:22:37 geforce kernel: audit(1122114157.822:0 : avc: denied { write } for pid=2553 exe=/usr/sbin/httpd path=/usr/local/frontpage/version5.0/apache-fp/suidkey.2553 dev=md0 ino=10029767 scontext=user_u:system_r:httpd_t tcontext=user_u:eek:bject_r:usr_t tclass=file
Jul 23 12:22:39 geforce psa: Starting Plesk: succeeded
 
You must log in or register to reply here.

Similar threads

danami
Anacron job 'cron.daily' /etc/cron.daily/logrotate errors
Replies
2
Views
2K
danami
danami
J
Issue Zend_Db_Adapter_Exception
Replies
17
Views
2K
jmzbe
J
S
Question SElinux breaks Qmail in upgrade to Onyx
Replies
7
Views
2K
southy
S
O
Slave DNS Manager Module and SeLinux
Replies
7
Views
2K
AYamshanov
AYamshanov
H
unable to open TransferLog '/var/log/plesk/xferlog': Permission denied
Replies
2
Views
2K
wwwAndries
wwwAndries
Back
Top