Jason Cortezzo wrote:
I get these messages during boot. They are the very last lines output
by dmesg....
audit(1100213115.443:0): avc: denied { read } for pid=2213
exe=/usr/sbin/ntpdate name=mtab dev=dm-0 ino=3606667
scontext=user_u:system_r:ntpd_t
tcontext=system_u:object_r:etc_runtime_t tclass=file
audit(1100213115.443:0): avc: denied { read } for pid=2213
exe=/usr/sbin/ntpdate name=meminfo dev=proc ino=-268435454
scontext=user_u:system_r:ntpd_t tcontext=system_u:object_r:proc_t
tclass=file
audit(1100213122.880:0): avc: denied { read } for pid=2219
exe=/usr/sbin/ntpd name=mtab dev=dm-0 ino=3606667
scontext=user_u:system_r:ntpd_t
tcontext=system_u:object_r:etc_runtime_t tclass=file
audit(1100213122.881:0): avc: denied { read } for pid=2219
exe=/usr/sbin/ntpd name=meminfo dev=proc ino=-268435454
scontext=user_u:system_r:ntpd_t tcontext=system_u:object_r:proc_t
tclass=file
Can anyone decipher this?
Thanks,
Jason
Basically there is a bug in ntpd poliyc that is not allowing it to read
/etc/mtab and /proc/meminfo.
Fixed in selinux-policy-targeted-1.17.30-2.24
Dan
