API tools faq
paste
Advertisement
Guest User

audit.log

a guest
Feb 24th, 2015
503
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
SAS 101.71 KB | None | 0 0
raw download clone embed print report
  1. type=DAEMON_START msg=audit(1424829806.362:7333): auditd start, ver=2.2.2 format=raw kernel=3.17.7-hardened-r1 auid=4294967295 pid=259 subj=system_u:system_r:init_t res=success
  2. type=AVC msg=audit(1424829827.687:711): avc:  denied  { sendto } for  pid=192 comm="login" path="/run/systemd/journal/dev-log" scontext=system_u:system_r:local_login_t tcontext=system_u:system_r:init_t tclass=unix_dgram_socket permissive=1
  3. type=AVC msg=audit(1424829827.687:712): avc:  denied  { net_admin } for  pid=192 comm="login" capability=12  scontext=system_u:system_r:local_login_t tcontext=system_u:system_r:local_login_t tclass=capability permissive=1
  4. type=AVC msg=audit(1424829827.687:713): avc:  denied  { connectto } for  pid=192 comm="login" path="/run/dbus/system_bus_socket" scontext=system_u:system_r:local_login_t tcontext=system_u:system_r:init_t tclass=unix_stream_socket permissive=1
  5. type=AVC msg=audit(1424829827.687:714): avc:  denied  { read } for  pid=110 comm="systemd-journal" name="exe" dev="proc" ino=6844 scontext=system_u:system_r:init_t tcontext=system_u:system_r:local_login_t tclass=lnk_file permissive=1
  6. type=AVC msg=audit(1424829827.688:715): avc:  denied  { nlmsg_relay } for  pid=182 comm="dbus-daemon" scontext=system_u:system_r:init_t tcontext=system_u:system_r:init_t tclass=netlink_audit_socket permissive=1
  7. type=USER_AVC msg=audit(1424829827.688:716): pid=182 uid=108 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.freedesktop.DBus member=Hello dest=org.freedesktop.DBus spid=192 scontext=system_u:system_r:local_login_t tcontext=system_u:system_r:init_t tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=108 hostname=? addr=? terminal=?'
  8. type=USER_AVC msg=audit(1424829827.691:717): pid=182 uid=108 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t msg='avc:  denied  { send_msg } for msgtype=method_return dest=:1.5 spid=181 tpid=192 scontext=system_u:system_r:init_t tcontext=system_u:system_r:local_login_t tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=108 hostname=? addr=? terminal=?'
  9. type=AVC msg=audit(1424829827.693:718): avc:  denied  { unlink } for  pid=181 comm="systemd-logind" name="2.ref" dev="tmpfs" ino=6861 scontext=system_u:system_r:init_t tcontext=system_u:object_r:init_var_run_t tclass=fifo_file permissive=1
  10. type=AVC msg=audit(1424829827.694:719): avc:  denied  { execute_no_trans } for  pid=270 comm="kworker/u4:2" path="/usr/lib64/systemd/systemd-cgroups-agent" dev="sda4" ino=370451 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=file permissive=1
  11. type=AVC msg=audit(1424829827.696:720): avc:  denied  { write } for  pid=270 comm="systemd-cgroups" name="socket" dev="tmpfs" ino=4212 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:syslogd_var_run_t tclass=sock_file permissive=1
  12. type=AVC msg=audit(1424829827.696:720): avc:  denied  { sendto } for  pid=270 comm="systemd-cgroups" path="/run/systemd/journal/socket" scontext=system_u:system_r:kernel_t tcontext=system_u:system_r:init_t tclass=unix_dgram_socket permissive=1
  13. type=SYSCALL msg=audit(1424829827.696:720): arch=c000003e syscall=42 success=yes exit=0 a0=0 a1=38faec6ac30 a2=1d a3=38faec6abf0 items=1 ppid=49 pid=270 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-cgroups" exe="/usr/lib64/systemd/systemd-cgroups-agent" subj=system_u:system_r:kernel_t key=(null)
  14. type=SOCKADDR msg=audit(1424829827.696:720): saddr=01002F72756E2F73797374656D642F6A6F75726E616C2F736F636B6574
  15. type=PATH msg=audit(1424829827.696:720): item=0 name=(null) inode=4212 dev=00:16 mode=0140666 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:syslogd_var_run_t nametype=NORMAL
  16. type=UNKNOWN[1327] msg=audit(1424829827.696:720): proctitle=2F7573722F6C69622F73797374656D642F73797374656D642D6367726F7570732D6167656E74002F757365722E736C6963652F757365722D302E736C6963652F73657373696F6E2D322E73636F7065
  17. type=AVC msg=audit(1424829827.697:721): avc:  denied  { write } for  pid=270 comm="systemd-cgroups" name="private" dev="tmpfs" ino=4183 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:init_var_run_t tclass=sock_file permissive=1
  18. type=AVC msg=audit(1424829827.697:721): avc:  denied  { connectto } for  pid=270 comm="systemd-cgroups" path="/run/systemd/private" scontext=system_u:system_r:kernel_t tcontext=system_u:system_r:init_t tclass=unix_stream_socket permissive=1
  19. type=SYSCALL msg=audit(1424829827.697:721): arch=c000003e syscall=42 success=yes exit=0 a0=1 a1=3d5fd9c7d8 a2=16 a3=38faec6aa90 items=1 ppid=49 pid=270 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-cgroups" exe="/usr/lib64/systemd/systemd-cgroups-agent" subj=system_u:system_r:kernel_t key=(null)
  20. type=SOCKADDR msg=audit(1424829827.697:721): saddr=01002F72756E2F73797374656D642F70726976617465
  21. type=PATH msg=audit(1424829827.697:721): item=0 name=(null) inode=4183 dev=00:16 mode=0140777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t nametype=NORMAL
  22. type=UNKNOWN[1327] msg=audit(1424829827.697:721): proctitle=2F7573722F6C69622F73797374656D642F73797374656D642D6367726F7570732D6167656E74002F757365722E736C6963652F757365722D302E736C6963652F73657373696F6E2D322E73636F7065
  23. type=AVC msg=audit(1424829827.724:722): avc:  denied  { read write } for  pid=271 comm="agetty" path="socket:[7343]" dev="sockfs" ino=7343 scontext=system_u:system_r:getty_t tcontext=system_u:system_r:init_t tclass=unix_stream_socket permissive=1
  24. type=SYSCALL msg=audit(1424829827.724:722): arch=c000003e syscall=59 success=yes exit=0 a0=52cd191d70 a1=52cd1f7430 a2=52cd15c650 a3=756e694c00000000 items=2 ppid=1 pid=271 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="agetty" exe="/sbin/agetty" subj=system_u:system_r:getty_t key=(null)
  25. type=EXECVE msg=audit(1424829827.724:722): argc=4 a0="/sbin/agetty" a1="--noclear" a2="tty2" a3="linux"
  26. type=CWD msg=audit(1424829827.724:722):  cwd="/"
  27. type=PATH msg=audit(1424829827.724:722): item=0 name="/sbin/agetty" inode=367139 dev=00:10 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:getty_exec_t nametype=NORMAL
  28. type=PATH msg=audit(1424829827.724:722): item=1 name=(null) inode=364765 dev=00:10 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:ld_so_t nametype=NORMAL
  29. type=UNKNOWN[1327] msg=audit(1424829827.724:722): proctitle=2F7362696E2F616765747479002D2D6E6F636C6561720074747932006C696E7578
  30. type=AVC msg=audit(1424829873.265:723): avc:  denied  { sendto } for  pid=274 comm="shutdown" path="/run/systemd/journal/dev-log" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:init_t tclass=unix_dgram_socket permissive=1
  31. type=SYSCALL msg=audit(1424829873.265:723): arch=c000003e syscall=42 success=yes exit=0 a0=3 a1=2c99685d480 a2=6e a3=5aab7288e8 items=1 ppid=201 pid=274 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=tty1 ses=1 comm="shutdown" exe="/sbin/shutdown" subj=root:sysadm_r:sysadm_t key=(null)
  32. type=SOCKADDR msg=audit(1424829873.265:723): saddr=01002F6465762F6C6F6700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
  33. type=PATH msg=audit(1424829873.265:723): item=0 name=(null) inode=4203 dev=00:16 mode=0140666 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:devlog_t nametype=NORMAL
  34. type=UNKNOWN[1327] msg=audit(1424829873.265:723): proctitle=73687574646F776E002D7200300077
  35. type=AVC msg=audit(1424829873.266:724): avc:  denied  { read } for  pid=110 comm="systemd-journal" name="exe" dev="proc" ino=6083 scontext=system_u:system_r:init_t tcontext=root:sysadm_r:sysadm_t tclass=lnk_file permissive=1
  36. type=AVC msg=audit(1424829873.746:725): avc:  denied  { getattr } for  pid=276 comm="systemd-initctl" path="/run/systemd/initctl/fifo" dev="tmpfs" ino=4199 scontext=system_u:system_r:init_t tcontext=system_u:object_r:init_var_run_t tclass=fifo_file permissive=1
  37. type=AVC msg=audit(1424829873.747:726): avc:  denied  { read } for  pid=276 comm="systemd-initctl" path="/run/systemd/initctl/fifo" dev="tmpfs" ino=4199 scontext=system_u:system_r:init_t tcontext=system_u:object_r:init_var_run_t tclass=fifo_file permissive=1
  38. type=AVC msg=audit(1424829873.751:727): avc:  denied  { getattr } for  pid=1 comm="systemd" scontext=system_u:system_r:init_t tcontext=system_u:system_r:init_t tclass=process permissive=1
  39. type=AVC msg=audit(1424829873.813:728): avc:  denied  { getattr } for  pid=196 comm="systemd" path="/root" dev="sda4" ino=39423 scontext=system_u:system_r:init_t tcontext=root:object_r:user_home_dir_t tclass=dir permissive=1
  40. type=AVC msg=audit(1424829873.847:729): avc:  denied  { search } for  pid=196 comm="systemd" name="kernel" dev="proc" ino=4187 scontext=system_u:system_r:init_t tcontext=system_u:object_r:sysctl_kernel_t tclass=dir permissive=1
  41. type=AVC msg=audit(1424829873.847:730): avc:  denied  { read } for  pid=196 comm="systemd" name="boot_id" dev="proc" ino=4189 scontext=system_u:system_r:init_t tcontext=system_u:object_r:sysctl_kernel_t tclass=file permissive=1
  42. type=AVC msg=audit(1424829873.847:731): avc:  denied  { open } for  pid=196 comm="systemd" path="/proc/sys/kernel/random/boot_id" dev="proc" ino=4189 scontext=system_u:system_r:init_t tcontext=system_u:object_r:sysctl_kernel_t tclass=file permissive=1
  43. type=AVC msg=audit(1424829873.856:732): avc:  denied  { getattr } for  pid=16 comm="kdevtmpfs" path="/vcs5" dev="devtmpfs" ino=5580 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:tty_device_t tclass=chr_file permissive=1
  44. type=AVC msg=audit(1424829873.856:733): avc:  denied  { setattr } for  pid=16 comm="kdevtmpfs" name="vcs5" dev="devtmpfs" ino=5580 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:tty_device_t tclass=chr_file permissive=1
  45. type=AVC msg=audit(1424829873.856:734): avc:  denied  { unlink } for  pid=16 comm="kdevtmpfs" name="vcs5" dev="devtmpfs" ino=5580 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:tty_device_t tclass=chr_file permissive=1
  46. type=AVC msg=audit(1424829873.856:735): avc:  denied  { getattr } for  pid=128 comm="systemd-udevd" path="/etc/udev/rules.d" dev="sda4" ino=40374 scontext=system_u:system_r:init_t tcontext=system_u:object_r:udev_rules_t tclass=dir permissive=1
  47. type=AVC msg=audit(1424829873.856:736): avc:  denied  { getattr } for  pid=128 comm="systemd-udevd" path="/etc/modprobe.d" dev="sda4" ino=40123 scontext=system_u:system_r:init_t tcontext=system_u:object_r:modules_conf_t tclass=dir permissive=1
  48. type=AVC msg=audit(1424829873.856:737): avc:  denied  { search } for  pid=128 comm="systemd-udevd" name="modules" dev="sda4" ino=296951 scontext=system_u:system_r:init_t tcontext=system_u:object_r:modules_object_t tclass=dir permissive=1
  49. type=AVC msg=audit(1424829873.856:738): avc:  denied  { getattr } for  pid=128 comm="systemd-udevd" path="/lib64/modules/3.17.7-hardened-r1/modules.dep.bin" dev="sda4" ino=350558 scontext=system_u:system_r:init_t tcontext=system_u:object_r:modules_dep_t tclass=file permissive=1
  50. type=AVC msg=audit(1424829873.856:739): avc:  denied  { read } for  pid=128 comm="systemd-udevd" scontext=system_u:system_r:init_t tcontext=system_u:system_r:init_t tclass=netlink_kobject_uevent_socket permissive=1
  51. type=AVC msg=audit(1424829873.856:740): avc:  denied  { create } for  pid=128 comm="systemd-udevd" scontext=system_u:system_r:init_t tcontext=system_u:system_r:init_t tclass=netlink_kobject_uevent_socket permissive=1
  52. type=AVC msg=audit(1424829873.856:741): avc:  denied  { bind } for  pid=128 comm="systemd-udevd" scontext=system_u:system_r:init_t tcontext=system_u:system_r:init_t tclass=netlink_kobject_uevent_socket permissive=1
  53. type=AVC msg=audit(1424829873.856:742): avc:  denied  { getattr } for  pid=128 comm="systemd-udevd" scontext=system_u:system_r:init_t tcontext=system_u:system_r:init_t tclass=netlink_kobject_uevent_socket permissive=1
  54. type=AVC msg=audit(1424829873.856:743): avc:  denied  { setopt } for  pid=128 comm="systemd-udevd" scontext=system_u:system_r:init_t tcontext=system_u:system_r:init_t tclass=netlink_kobject_uevent_socket permissive=1
  55. type=AVC msg=audit(1424829873.856:744): avc:  denied  { write } for  pid=128 comm="systemd-udevd" name="udev" dev="tmpfs" ino=4206 scontext=system_u:system_r:init_t tcontext=system_u:object_r:udev_var_run_t tclass=dir permissive=1
  56. type=AVC msg=audit(1424829873.856:745): avc:  denied  { add_name } for  pid=128 comm="systemd-udevd" name="queue" scontext=system_u:system_r:init_t tcontext=system_u:object_r:udev_var_run_t tclass=dir permissive=1
  57. type=AVC msg=audit(1424829873.856:746): avc:  denied  { create } for  pid=128 comm="systemd-udevd" name="queue" scontext=system_u:system_r:init_t tcontext=system_u:object_r:udev_var_run_t tclass=file permissive=1
  58. type=AVC msg=audit(1424829873.856:747): avc:  denied  { write } for  pid=128 comm="systemd-udevd" path="/run/udev/queue" dev="tmpfs" ino=7415 scontext=system_u:system_r:init_t tcontext=system_u:object_r:udev_var_run_t tclass=file permissive=1
  59. type=AVC msg=audit(1424829873.857:748): avc:  denied  { remove_name } for  pid=287 comm="systemd-udevd" name="c7:5" dev="tmpfs" ino=5591 scontext=system_u:system_r:init_t tcontext=system_u:object_r:udev_var_run_t tclass=dir permissive=1
  60. type=AVC msg=audit(1424829873.857:748): avc:  denied  { unlink } for  pid=287 comm="systemd-udevd" name="c7:5" dev="tmpfs" ino=5591 scontext=system_u:system_r:init_t tcontext=system_u:object_r:udev_var_run_t tclass=file permissive=1
  61. type=SYSCALL msg=audit(1424829873.857:748): arch=c000003e syscall=87 success=yes exit=0 a0=3ae39dec580 a1=367f39a9d4 a2=0 a3=22 items=2 ppid=128 pid=287 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-udevd" exe="/usr/lib64/systemd/systemd-udevd" subj=system_u:system_r:init_t key=(null)
  62. type=CWD msg=audit(1424829873.857:748):  cwd="/"
  63. type=PATH msg=audit(1424829873.857:748): item=0 name="/run/udev/data/" inode=1652 dev=00:16 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:udev_var_run_t nametype=PARENT
  64. type=PATH msg=audit(1424829873.857:748): item=1 name="/run/udev/data/c7:5" inode=5591 dev=00:16 mode=0100644 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:udev_var_run_t nametype=DELETE
  65. type=UNKNOWN[1327] msg=audit(1424829873.857:748): proctitle="/usr/lib/systemd/systemd-udevd"
  66. type=AVC msg=audit(1424829873.857:749): avc:  denied  { unlink } for  pid=287 comm="systemd-udevd" name="7:5" dev="devtmpfs" ino=5590 scontext=system_u:system_r:init_t tcontext=system_u:object_r:device_t tclass=lnk_file permissive=1
  67. type=SYSCALL msg=audit(1424829873.857:749): arch=c000003e syscall=87 success=yes exit=0 a0=3ae39dec570 a1=367c724f9a a2=3ae39dec57d a3=0 items=2 ppid=128 pid=287 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-udevd" exe="/usr/lib64/systemd/systemd-udevd" subj=system_u:system_r:init_t key=(null)
  68. type=CWD msg=audit(1424829873.857:749):  cwd="/"
  69. type=PATH msg=audit(1424829873.857:749): item=0 name="/dev/char/" inode=1682 dev=00:05 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:device_t nametype=PARENT
  70. type=PATH msg=audit(1424829873.857:749): item=1 name="/dev/char/7:5" inode=5590 dev=00:05 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:device_t nametype=DELETE
  71. type=UNKNOWN[1327] msg=audit(1424829873.857:749): proctitle="/usr/lib/systemd/systemd-udevd"
  72. type=AVC msg=audit(1424829873.858:750): avc:  denied  { write } for  pid=287 comm="systemd-udevd" scontext=system_u:system_r:init_t tcontext=system_u:system_r:init_t tclass=netlink_kobject_uevent_socket permissive=1
  73. type=SYSCALL msg=audit(1424829873.858:750): arch=c000003e syscall=46 success=no exit=-111 a0=c a1=3ae39decd90 a2=0 a3=80000 items=0 ppid=128 pid=287 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-udevd" exe="/usr/lib64/systemd/systemd-udevd" subj=system_u:system_r:init_t key=(null)
  74. type=SOCKADDR msg=audit(1424829873.858:750): saddr=100000000000000002000000
  75. type=UNKNOWN[1327] msg=audit(1424829873.858:750): proctitle="/usr/lib/systemd/systemd-udevd"
  76. type=AVC msg=audit(1424829874.110:751): avc:  denied  { getattr } for  pid=300 comm="systemd-backlig" path="/var/lib/systemd" dev="sda4" ino=273602 scontext=system_u:system_r:init_t tcontext=system_u:object_r:init_var_lib_t tclass=dir permissive=1
  77. type=AVC msg=audit(1424829874.117:752): avc:  denied  { getattr } for  pid=301 comm="systemd-backlig" path="/var/lib/systemd/backlight/pci-0000:04:00.0:backlight:nv_backlight" dev="sda4" ino=275 scontext=system_u:system_r:init_t tcontext=system_u:object_r:init_var_lib_t tclass=file permissive=1
  78. type=AVC msg=audit(1424829874.123:753): avc:  denied  { getattr } for  pid=303 comm="systemd-random-" path="/proc/sys/kernel/random/poolsize" dev="proc" ino=6394 scontext=system_u:system_r:init_t tcontext=system_u:object_r:sysctl_kernel_t tclass=file permissive=1
  79. type=AVC msg=audit(1424829874.124:754): avc:  denied  { execute } for  pid=304 comm="(swapoff)" name="swapoff" dev="sda4" ino=367130 scontext=system_u:system_r:init_t tcontext=system_u:object_r:fsadm_exec_t tclass=file permissive=1
  80. type=AVC msg=audit(1424829874.124:754): avc:  denied  { read open } for  pid=304 comm="(swapoff)" path="/sbin/swapoff" dev="sda4" ino=367130 scontext=system_u:system_r:init_t tcontext=system_u:object_r:fsadm_exec_t tclass=file permissive=1
  81. type=AVC msg=audit(1424829874.125:755): avc:  denied  { read } for  pid=310 comm="systemd" name="systemd-private-3a40f28332c44b169b0b8dd67b005073-systemd-timesyncd.service-ynY1Kx" dev="sda4" ino=674073 scontext=system_u:system_r:init_t tcontext=system_u:object_r:tmp_t tclass=dir permissive=1
  82. type=AVC msg=audit(1424829874.125:755): avc:  denied  { open } for  pid=310 comm="systemd" path="/var/tmp/systemd-private-3a40f28332c44b169b0b8dd67b005073-systemd-timesyncd.service-ynY1Kx" dev="sda4" ino=674073 scontext=system_u:system_r:init_t tcontext=system_u:object_r:tmp_t tclass=dir permissive=1
  83. type=AVC msg=audit(1424829874.125:756): avc:  denied  { getattr } for  pid=310 comm="systemd" path="/var/tmp/systemd-private-3a40f28332c44b169b0b8dd67b005073-systemd-timesyncd.service-ynY1Kx" dev="sda4" ino=674073 scontext=system_u:system_r:init_t tcontext=system_u:object_r:tmp_t tclass=dir permissive=1
  84. type=AVC msg=audit(1424829874.124:754): avc:  denied  { execute_no_trans } for  pid=304 comm="(swapoff)" path="/sbin/swapoff" dev="sda4" ino=367130 scontext=system_u:system_r:init_t tcontext=system_u:object_r:fsadm_exec_t tclass=file permissive=1
  85. type=AVC msg=audit(1424829874.126:757): avc:  denied  { write } for  pid=310 comm="systemd" name="systemd-private-3a40f28332c44b169b0b8dd67b005073-systemd-timesyncd.service-ynY1Kx" dev="sda4" ino=674073 scontext=system_u:system_r:init_t tcontext=system_u:object_r:tmp_t tclass=dir permissive=1
  86. type=AVC msg=audit(1424829874.126:757): avc:  denied  { remove_name } for  pid=310 comm="systemd" name="tmp" dev="sda4" ino=674074 scontext=system_u:system_r:init_t tcontext=system_u:object_r:tmp_t tclass=dir permissive=1
  87. type=AVC msg=audit(1424829874.126:757): avc:  denied  { rmdir } for  pid=310 comm="systemd" name="tmp" dev="sda4" ino=674074 scontext=system_u:system_r:init_t tcontext=system_u:object_r:tmp_t tclass=dir permissive=1
  88. type=AVC msg=audit(1424829874.127:758): avc:  denied  { search } for  pid=309 comm="systemd" name="vm" dev="proc" ino=8383 scontext=system_u:system_r:init_t tcontext=system_u:object_r:sysctl_vm_t tclass=dir permissive=1
  89. type=AVC msg=audit(1424829874.127:758): avc:  denied  { read } for  pid=309 comm="systemd" name="overcommit_memory" dev="proc" ino=8384 scontext=system_u:system_r:init_t tcontext=system_u:object_r:sysctl_vm_t tclass=file permissive=1
  90. type=AVC msg=audit(1424829874.127:758): avc:  denied  { open } for  pid=309 comm="systemd" path="/proc/sys/vm/overcommit_memory" dev="proc" ino=8384 scontext=system_u:system_r:init_t tcontext=system_u:object_r:sysctl_vm_t tclass=file permissive=1
  91. type=AVC msg=audit(1424829874.129:759): avc:  denied  { setattr } for  pid=303 comm="systemd-random-" name="random-seed" dev="sda4" ino=674054 scontext=system_u:system_r:init_t tcontext=system_u:object_r:init_var_lib_t tclass=file permissive=1
  92. type=SYSCALL msg=audit(1424829874.129:759): arch=c000003e syscall=91 success=yes exit=0 a0=4 a1=180 a2=180 a3=745b408c40 items=1 ppid=1 pid=303 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-random-" exe="/usr/lib64/systemd/systemd-random-seed" subj=system_u:system_r:init_t key=(null)
  93. type=PATH msg=audit(1424829874.129:759): item=0 name=(null) inode=674054 dev=00:10 mode=0100600 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_lib_t nametype=NORMAL
  94. type=UNKNOWN[1327] msg=audit(1424829874.129:759): proctitle=2F7573722F6C69622F73797374656D642F73797374656D642D72616E646F6D2D736565640073617665
  95. type=SYSCALL msg=audit(1424829874.126:757): arch=c000003e syscall=263 success=yes exit=0 a0=e a1=35b6c000933 a2=200 a3=0 items=2 ppid=0 pid=310 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd" exe="/usr/lib64/systemd/systemd" subj=system_u:system_r:init_t key=(null)
  96. type=CWD msg=audit(1424829874.126:757):  cwd="/"
  97. type=PATH msg=audit(1424829874.126:757): item=0 name="/" inode=674073 dev=00:10 mode=040700 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tmp_t nametype=PARENT
  98. type=PATH msg=audit(1424829874.126:757): item=1 name="tmp" inode=674074 dev=00:10 mode=041777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tmp_t nametype=DELETE
  99. type=UNKNOWN[1327] msg=audit(1424829874.126:757): proctitle="/usr/lib/systemd/systemd"
  100. type=SYSCALL msg=audit(1424829874.124:754): arch=c000003e syscall=59 success=yes exit=0 a0=52cd16e770 a1=52cd1e5c00 a2=52cd185bc0 a3=756e694c00000000 items=2 ppid=1 pid=304 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="swapoff" exe="/sbin/swapoff" subj=system_u:system_r:init_t key=(null)
  101. type=EXECVE msg=audit(1424829874.124:754): argc=2 a0="/sbin/swapoff" a1="/dev/sda3"
  102. type=CWD msg=audit(1424829874.124:754):  cwd="/"
  103. type=PATH msg=audit(1424829874.124:754): item=0 name="/sbin/swapoff" inode=367130 dev=00:10 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:fsadm_exec_t nametype=NORMAL
  104. type=PATH msg=audit(1424829874.124:754): item=1 name=(null) inode=364765 dev=00:10 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:ld_so_t nametype=NORMAL
  105. type=UNKNOWN[1327] msg=audit(1424829874.124:754): proctitle=2F7362696E2F737761706F6666002F6465762F73646133
  106. type=AVC msg=audit(1424829874.137:760): avc:  denied  { write } for  pid=304 comm="swapoff" name="sda3" dev="devtmpfs" ino=4085 scontext=system_u:system_r:init_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
  107. type=SYSCALL msg=audit(1424829874.137:760): arch=c000003e syscall=168 success=yes exit=0 a0=3846e86250 a1=0 a2=0 a3=1 items=1 ppid=1 pid=304 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="swapoff" exe="/sbin/swapoff" subj=system_u:system_r:init_t key=(null)
  108. type=CWD msg=audit(1424829874.137:760):  cwd="/"
  109. type=PATH msg=audit(1424829874.137:760): item=0 name="/dev/sda3" inode=4085 dev=00:05 mode=060660 ouid=0 ogid=6 rdev=08:03 obj=system_u:object_r:fixed_disk_device_t nametype=NORMAL
  110. type=UNKNOWN[1327] msg=audit(1424829874.137:760): proctitle=2F7362696E2F737761706F6666002F6465762F73646133
  111. type=AVC msg=audit(1424829874.140:761): avc:  denied  { read } for  pid=128 comm="systemd-udevd" name="12" dev="tmpfs" ino=4874 scontext=system_u:system_r:init_t tcontext=system_u:object_r:udev_var_run_t tclass=lnk_file permissive=1
  112. type=AVC msg=audit(1424829874.140:762): avc:  denied  { write } for  pid=128 comm="systemd-udevd" name="uevent" dev="sysfs" ino=8967 scontext=system_u:system_r:init_t tcontext=system_u:object_r:sysfs_t tclass=file permissive=1
  113. type=AVC msg=audit(1424829874.140:763): avc:  denied  { lock } for  pid=287 comm="systemd-udevd" path="/dev/sda" dev="devtmpfs" ino=4079 scontext=system_u:system_r:init_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
  114. type=SYSCALL msg=audit(1424829874.140:763): arch=c000003e syscall=73 success=yes exit=0 a0=7 a1=5 a2=367f39b0a0 a3=367f38fed0 items=0 ppid=128 pid=287 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-udevd" exe="/usr/lib64/systemd/systemd-udevd" subj=system_u:system_r:init_t key=(null)
  115. type=UNKNOWN[1327] msg=audit(1424829874.140:763): proctitle="/usr/lib/systemd/systemd-udevd"
  116. type=AVC msg=audit(1424829874.141:764): avc:  denied  { unlink } for  pid=287 comm="systemd-udevd" name="12" dev="tmpfs" ino=4874 scontext=system_u:system_r:init_t tcontext=system_u:object_r:udev_var_run_t tclass=lnk_file permissive=1
  117. type=SYSCALL msg=audit(1424829874.141:764): arch=c000003e syscall=87 success=yes exit=0 a0=3ae39dec570 a1=367c724e46 a2=3ae39dec582 a3=367f391a30 items=2 ppid=128 pid=287 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-udevd" exe="/usr/lib64/systemd/systemd-udevd" subj=system_u:system_r:init_t key=(null)
  118. type=CWD msg=audit(1424829874.141:764):  cwd="/"
  119. type=PATH msg=audit(1424829874.141:764): item=0 name="/run/udev/watch/" inode=4573 dev=00:16 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:udev_var_run_t nametype=PARENT
  120. type=PATH msg=audit(1424829874.141:764): item=1 name="/run/udev/watch/12" inode=4874 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:udev_var_run_t nametype=DELETE
  121. type=UNKNOWN[1327] msg=audit(1424829874.141:764): proctitle="/usr/lib/systemd/systemd-udevd"
  122. type=DAEMON_END msg=audit(1424829874.164:7334): auditd normal halt, sending auid=0 pid=1 subj=system_u:system_r:init_t res=success
  123. type=DAEMON_START msg=audit(1424829895.564:8626): auditd start, ver=2.2.2 format=raw kernel=3.17.7-hardened-r1 auid=4294967295 pid=168 subj=system_u:system_r:init_t res=success
  124. type=AVC msg=audit(1424829896.119:436): avc:  denied  { execute } for  pid=186 comm="(swapon)" name="swapon" dev="sda4" ino=367131 scontext=system_u:system_r:init_t tcontext=system_u:object_r:fsadm_exec_t tclass=file permissive=1
  125. type=AVC msg=audit(1424829896.119:436): avc:  denied  { read open } for  pid=186 comm="(swapon)" path="/sbin/swapon" dev="sda4" ino=367131 scontext=system_u:system_r:init_t tcontext=system_u:object_r:fsadm_exec_t tclass=file permissive=1
  126. type=AVC msg=audit(1424829896.119:436): avc:  denied  { execute_no_trans } for  pid=186 comm="(swapon)" path="/sbin/swapon" dev="sda4" ino=367131 scontext=system_u:system_r:init_t tcontext=system_u:object_r:fsadm_exec_t tclass=file permissive=1
  127. type=SYSCALL msg=audit(1424829896.119:436): arch=c000003e syscall=59 success=yes exit=0 a0=4d22573420 a1=4d22574fe0 a2=4d2256e740 a3=756e694c00000000 items=2 ppid=1 pid=186 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="swapon" exe="/sbin/swapon" subj=system_u:system_r:init_t key=(null)
  128. type=EXECVE msg=audit(1424829896.119:436): argc=2 a0="/sbin/swapon" a1="/dev/sda3"
  129. type=CWD msg=audit(1424829896.119:436):  cwd="/"
  130. type=PATH msg=audit(1424829896.119:436): item=0 name="/sbin/swapon" inode=367131 dev=00:10 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:fsadm_exec_t nametype=NORMAL
  131. type=PATH msg=audit(1424829896.119:436): item=1 name=(null) inode=364765 dev=00:10 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:ld_so_t nametype=NORMAL
  132. type=UNKNOWN[1327] msg=audit(1424829896.119:436): proctitle=2F7362696E2F737761706F6E002F6465762F73646133
  133. type=AVC msg=audit(1424829896.240:437): avc:  denied  { read } for  pid=171 comm="systemd-tmpfile" name="nsswitch.conf" dev="sda4" ino=370357 scontext=system_u:system_r:init_t tcontext=system_u:object_r:usr_t tclass=file permissive=1
  134. type=AVC msg=audit(1424829896.240:438): avc:  denied  { open } for  pid=171 comm="systemd-tmpfile" path="/usr/share/factory/etc/nsswitch.conf" dev="sda4" ino=370357 scontext=system_u:system_r:init_t tcontext=system_u:object_r:usr_t tclass=file permissive=1
  135. type=AVC msg=audit(1424829896.240:439): avc:  denied  { relabelfrom } for  pid=171 comm="systemd-tmpfile" name="nsswitch.conf" dev="sda4" ino=364761 scontext=system_u:system_r:init_t tcontext=system_u:object_r:etc_t tclass=file permissive=1
  136. type=AVC msg=audit(1424829896.240:440): avc:  denied  { relabelto } for  pid=171 comm="systemd-tmpfile" name="nsswitch.conf" dev="sda4" ino=364761 scontext=system_u:system_r:init_t tcontext=system_u:object_r:etc_t tclass=file permissive=1
  137. type=AVC msg=audit(1424829896.241:441): avc:  denied  { relabelfrom } for  pid=171 comm="systemd-tmpfile" name="pam.d" dev="sda4" ino=40324 scontext=system_u:system_r:init_t tcontext=system_u:object_r:etc_t tclass=dir permissive=1
  138. type=AVC msg=audit(1424829896.241:442): avc:  denied  { relabelto } for  pid=171 comm="systemd-tmpfile" name="pam.d" dev="sda4" ino=40324 scontext=system_u:system_r:init_t tcontext=system_u:object_r:etc_t tclass=dir permissive=1
  139. type=AVC msg=audit(1424829896.242:443): avc:  denied  { create } for  pid=171 comm="systemd-tmpfile" name="lock" scontext=system_u:system_r:init_t tcontext=system_u:object_r:var_lock_t tclass=dir permissive=1
  140. type=AVC msg=audit(1424829896.242:444): avc:  denied  { getattr } for  pid=171 comm="systemd-tmpfile" path="/run/lock" dev="tmpfs" ino=6392 scontext=system_u:system_r:init_t tcontext=system_u:object_r:var_lock_t tclass=dir permissive=1
  141. type=AVC msg=audit(1424829896.242:445): avc:  denied  { relabelfrom } for  pid=171 comm="systemd-tmpfile" name="lock" dev="tmpfs" ino=6392 scontext=system_u:system_r:init_t tcontext=system_u:object_r:var_lock_t tclass=dir permissive=1
  142. type=AVC msg=audit(1424829896.242:446): avc:  denied  { relabelto } for  pid=171 comm="systemd-tmpfile" name="lock" dev="tmpfs" ino=6392 scontext=system_u:system_r:init_t tcontext=system_u:object_r:var_lock_t tclass=dir permissive=1
  143. type=AVC msg=audit(1424829896.243:447): avc:  denied  { create } for  pid=171 comm="systemd-tmpfile" name="sepermit" scontext=system_u:system_r:init_t tcontext=system_u:object_r:pam_var_run_t tclass=dir permissive=1
  144. type=AVC msg=audit(1424829896.243:448): avc:  denied  { getattr } for  pid=171 comm="systemd-tmpfile" path="/run/sepermit" dev="tmpfs" ino=6393 scontext=system_u:system_r:init_t tcontext=system_u:object_r:pam_var_run_t tclass=dir permissive=1
  145. type=AVC msg=audit(1424829896.243:449): avc:  denied  { relabelfrom } for  pid=171 comm="systemd-tmpfile" name="sepermit" dev="tmpfs" ino=6393 scontext=system_u:system_r:init_t tcontext=system_u:object_r:pam_var_run_t tclass=dir permissive=1
  146. type=AVC msg=audit(1424829896.243:450): avc:  denied  { relabelto } for  pid=171 comm="systemd-tmpfile" name="sepermit" dev="tmpfs" ino=6393 scontext=system_u:system_r:init_t tcontext=system_u:object_r:pam_var_run_t tclass=dir permissive=1
  147. type=AVC msg=audit(1424829896.243:451): avc:  denied  { create } for  pid=171 comm="systemd-tmpfile" name="nologin" scontext=system_u:system_r:init_t tcontext=system_u:object_r:var_run_t tclass=file permissive=1
  148. type=AVC msg=audit(1424829896.243:452): avc:  denied  { relabelfrom } for  pid=171 comm="systemd-tmpfile" name="nologin" dev="tmpfs" ino=6394 scontext=system_u:system_r:init_t tcontext=system_u:object_r:var_run_t tclass=file permissive=1
  149. type=AVC msg=audit(1424829896.243:453): avc:  denied  { relabelto } for  pid=171 comm="systemd-tmpfile" name="nologin" dev="tmpfs" ino=6394 scontext=system_u:system_r:init_t tcontext=system_u:object_r:var_run_t tclass=file permissive=1
  150. type=AVC msg=audit(1424829896.243:454): avc:  denied  { create } for  pid=171 comm="systemd-tmpfile" name="user" scontext=system_u:system_r:init_t tcontext=system_u:object_r:var_auth_t tclass=dir permissive=1
  151. type=AVC msg=audit(1424829896.244:455): avc:  denied  { getattr } for  pid=171 comm="systemd-tmpfile" path="/run/user" dev="tmpfs" ino=6395 scontext=system_u:system_r:init_t tcontext=system_u:object_r:var_auth_t tclass=dir permissive=1
  152. type=AVC msg=audit(1424829896.244:456): avc:  denied  { relabelfrom } for  pid=171 comm="systemd-tmpfile" name="user" dev="tmpfs" ino=6395 scontext=system_u:system_r:init_t tcontext=system_u:object_r:var_auth_t tclass=dir permissive=1
  153. type=AVC msg=audit(1424829896.244:457): avc:  denied  { relabelto } for  pid=171 comm="systemd-tmpfile" name="user" dev="tmpfs" ino=6395 scontext=system_u:system_r:init_t tcontext=system_u:object_r:var_auth_t tclass=dir permissive=1
  154. type=AVC msg=audit(1424829896.244:458): avc:  denied  { create } for  pid=171 comm="systemd-tmpfile" name="utmp" scontext=system_u:system_r:init_t tcontext=system_u:object_r:initrc_var_run_t tclass=file permissive=1
  155. type=AVC msg=audit(1424829896.244:459): avc:  denied  { relabelfrom } for  pid=171 comm="systemd-tmpfile" name="utmp" dev="tmpfs" ino=6396 scontext=system_u:system_r:init_t tcontext=system_u:object_r:initrc_var_run_t tclass=file permissive=1
  156. type=AVC msg=audit(1424829896.244:460): avc:  denied  { relabelto } for  pid=171 comm="systemd-tmpfile" name="utmp" dev="tmpfs" ino=6396 scontext=system_u:system_r:init_t tcontext=system_u:object_r:initrc_var_run_t tclass=file permissive=1
  157. type=AVC msg=audit(1424829896.244:461): avc:  denied  { relabelfrom } for  pid=171 comm="systemd-tmpfile" name="ask-password" dev="tmpfs" ino=1274 scontext=system_u:system_r:init_t tcontext=system_u:object_r:init_var_run_t tclass=dir permissive=1
  158. type=AVC msg=audit(1424829896.244:462): avc:  denied  { relabelto } for  pid=171 comm="systemd-tmpfile" name="ask-password" dev="tmpfs" ino=1274 scontext=system_u:system_r:init_t tcontext=system_u:object_r:init_var_run_t tclass=dir permissive=1
  159. type=AVC msg=audit(1424829896.246:463): avc:  denied  { setattr } for  pid=171 comm="systemd-tmpfile" name="netif" dev="tmpfs" ino=6402 scontext=system_u:system_r:init_t tcontext=system_u:object_r:init_var_run_t tclass=dir permissive=1
  160. type=AVC msg=audit(1424829896.247:464): avc:  denied  { relabelfrom } for  pid=171 comm="systemd-tmpfile" name="systemd" dev="sda4" ino=273602 scontext=system_u:system_r:init_t tcontext=system_u:object_r:init_var_lib_t tclass=dir permissive=1
  161. type=AVC msg=audit(1424829896.247:465): avc:  denied  { relabelto } for  pid=171 comm="systemd-tmpfile" name="systemd" dev="sda4" ino=273602 scontext=system_u:system_r:init_t tcontext=system_u:object_r:init_var_lib_t tclass=dir permissive=1
  162. type=AVC msg=audit(1424829896.248:466): avc:  denied  { relabelfrom } for  pid=171 comm="systemd-tmpfile" name="wtmp" dev="sda4" ino=674046 scontext=system_u:system_r:init_t tcontext=system_u:object_r:wtmp_t tclass=file permissive=1
  163. type=AVC msg=audit(1424829896.248:467): avc:  denied  { relabelto } for  pid=171 comm="systemd-tmpfile" name="wtmp" dev="sda4" ino=674046 scontext=system_u:system_r:init_t tcontext=system_u:object_r:wtmp_t tclass=file permissive=1
  164. type=AVC msg=audit(1424829896.248:468): avc:  denied  { append } for  pid=171 comm="systemd-tmpfile" name="btmp" dev="sda4" ino=674048 scontext=system_u:system_r:init_t tcontext=system_u:object_r:faillog_t tclass=file permissive=1
  165. type=AVC msg=audit(1424829896.248:469): avc:  denied  { open } for  pid=171 comm="systemd-tmpfile" path="/var/log/btmp" dev="sda4" ino=674048 scontext=system_u:system_r:init_t tcontext=system_u:object_r:faillog_t tclass=file permissive=1
  166. type=AVC msg=audit(1424829896.248:470): avc:  denied  { getattr } for  pid=171 comm="systemd-tmpfile" path="/var/log/btmp" dev="sda4" ino=674048 scontext=system_u:system_r:init_t tcontext=system_u:object_r:faillog_t tclass=file permissive=1
  167. type=AVC msg=audit(1424829896.248:471): avc:  denied  { relabelfrom } for  pid=171 comm="systemd-tmpfile" name="btmp" dev="sda4" ino=674048 scontext=system_u:system_r:init_t tcontext=system_u:object_r:faillog_t tclass=file permissive=1
  168. type=AVC msg=audit(1424829896.248:472): avc:  denied  { relabelto } for  pid=171 comm="systemd-tmpfile" name="btmp" dev="sda4" ino=674048 scontext=system_u:system_r:init_t tcontext=system_u:object_r:faillog_t tclass=file permissive=1
  169. type=AVC msg=audit(1424829896.249:473): avc:  denied  { getattr } for  pid=171 comm="systemd-tmpfile" path="/var/spool" dev="sda4" ino=266 scontext=system_u:system_r:init_t tcontext=system_u:object_r:var_spool_t tclass=dir permissive=1
  170. type=AVC msg=audit(1424829896.249:474): avc:  denied  { relabelfrom } for  pid=171 comm="systemd-tmpfile" name="spool" dev="sda4" ino=266 scontext=system_u:system_r:init_t tcontext=system_u:object_r:var_spool_t tclass=dir permissive=1
  171. type=AVC msg=audit(1424829896.249:475): avc:  denied  { relabelto } for  pid=171 comm="systemd-tmpfile" name="spool" dev="sda4" ino=266 scontext=system_u:system_r:init_t tcontext=system_u:object_r:var_spool_t tclass=dir permissive=1
  172. type=AVC msg=audit(1424829896.250:476): avc:  denied  { write } for  pid=171 comm="systemd-tmpfile" name="/" dev="tmpfs" ino=1370 scontext=system_u:system_r:init_t tcontext=system_u:object_r:tmp_t tclass=dir permissive=1
  173. type=AVC msg=audit(1424829896.250:477): avc:  denied  { add_name } for  pid=171 comm="systemd-tmpfile" name=".X11-unix" scontext=system_u:system_r:init_t tcontext=system_u:object_r:tmp_t tclass=dir permissive=1
  174. type=AVC msg=audit(1424829896.250:478): avc:  denied  { create } for  pid=171 comm="systemd-tmpfile" name=".X11-unix" scontext=system_u:system_r:init_t tcontext=system_u:object_r:tmp_t tclass=dir permissive=1
  175. type=AVC msg=audit(1424829896.269:479): avc:  denied  { mounton } for  pid=189 comm="(imesyncd)" path="/tmp" dev="tmpfs" ino=1370 scontext=system_u:system_r:init_t tcontext=system_u:object_r:tmp_t tclass=dir permissive=1
  176. type=SYSCALL msg=audit(1424829896.269:479): arch=c000003e syscall=165 success=yes exit=0 a0=3fefc723120 a1=4d20877e8b a2=0 a3=5000 items=2 ppid=1 pid=189 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="(imesyncd)" exe="/usr/lib64/systemd/systemd" subj=system_u:system_r:init_t key=(null)
  177. type=CWD msg=audit(1424829896.269:479):  cwd="/"
  178. type=PATH msg=audit(1424829896.269:479): item=0 name="/tmp" inode=1370 dev=00:1e mode=041777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tmp_t nametype=NORMAL
  179. type=PATH msg=audit(1424829896.269:479): item=1 name=(null) inode=6415 dev=00:1e mode=041777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tmp_t nametype=NORMAL
  180. type=UNKNOWN[1327] msg=audit(1424829896.269:479): proctitle="(imesyncd)"
  181. type=AVC msg=audit(1424829896.269:480): avc:  denied  { add_name } for  pid=189 comm="(imesyncd)" name="pts" scontext=system_u:system_r:init_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
  182. type=SYSCALL msg=audit(1424829896.269:480): arch=c000003e syscall=83 success=yes exit=0 a0=3fefc722d30 a1=1ed a2=3fefc722d40 a3=1000002 items=2 ppid=1 pid=189 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="(imesyncd)" exe="/usr/lib64/systemd/systemd" subj=system_u:system_r:init_t key=(null)
  183. type=CWD msg=audit(1424829896.269:480):  cwd="/"
  184. type=PATH msg=audit(1424829896.269:480): item=0 name="/tmp/namespace-dev-AUqrbJ/dev/" inode=5514 dev=00:22 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tmpfs_t nametype=PARENT
  185. type=PATH msg=audit(1424829896.269:480): item=1 name="/tmp/namespace-dev-AUqrbJ/dev/pts" inode=5515 dev=00:22 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tmpfs_t nametype=CREATE
  186. type=UNKNOWN[1327] msg=audit(1424829896.269:480): proctitle="(imesyncd)"
  187. type=AVC msg=audit(1424829896.269:481): avc:  denied  { create } for  pid=189 comm="(imesyncd)" name="ptmx" scontext=system_u:system_r:init_t tcontext=system_u:object_r:tmpfs_t tclass=lnk_file permissive=1
  188. type=SYSCALL msg=audit(1424829896.269:481): arch=c000003e syscall=88 success=yes exit=0 a0=4d2087c298 a1=3fefc722cf0 a2=3fefc722d00 a3=1000 items=3 ppid=1 pid=189 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="(imesyncd)" exe="/usr/lib64/systemd/systemd" subj=system_u:system_r:init_t key=(null)
  189. type=CWD msg=audit(1424829896.269:481):  cwd="/"
  190. type=PATH msg=audit(1424829896.269:481): item=0 name="pts/ptmx" nametype=UNKNOWN
  191. type=PATH msg=audit(1424829896.269:481): item=1 name="/tmp/namespace-dev-AUqrbJ/dev/" inode=5514 dev=00:22 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tmpfs_t nametype=PARENT
  192. type=PATH msg=audit(1424829896.269:481): item=2 name="/tmp/namespace-dev-AUqrbJ/dev/ptmx" inode=5516 dev=00:22 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tmpfs_t nametype=CREATE
  193. type=UNKNOWN[1327] msg=audit(1424829896.269:481): proctitle="(imesyncd)"
  194. type=AVC msg=audit(1424829896.270:482): avc:  denied  { create } for  pid=189 comm="(imesyncd)" name="null" scontext=system_u:system_r:init_t tcontext=system_u:object_r:null_device_t tclass=chr_file permissive=1
  195. type=SYSCALL msg=audit(1424829896.270:482): arch=c000003e syscall=133 success=yes exit=0 a0=4d224e7350 a1=21b6 a2=103 a3=745f6563697665 items=2 ppid=1 pid=189 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="(imesyncd)" exe="/usr/lib64/systemd/systemd" subj=system_u:system_r:init_t key=(null)
  196. type=CWD msg=audit(1424829896.270:482):  cwd="/"
  197. type=PATH msg=audit(1424829896.270:482): item=0 name="/tmp/namespace-dev-AUqrbJ/dev/" inode=5514 dev=00:22 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tmpfs_t nametype=PARENT
  198. type=PATH msg=audit(1424829896.270:482): item=1 name="/tmp/namespace-dev-AUqrbJ/dev/null" inode=5526 dev=00:22 mode=020666 ouid=0 ogid=0 rdev=01:03 obj=system_u:object_r:null_device_t nametype=CREATE
  199. type=UNKNOWN[1327] msg=audit(1424829896.270:482): proctitle="(imesyncd)"
  200. type=AVC msg=audit(1424829896.270:483): avc:  denied  { create } for  pid=189 comm="(imesyncd)" name="zero" scontext=system_u:system_r:init_t tcontext=system_u:object_r:zero_device_t tclass=chr_file permissive=1
  201. type=SYSCALL msg=audit(1424829896.270:483): arch=c000003e syscall=133 success=yes exit=0 a0=4d224e7350 a1=21b6 a2=105 a3=745f6563697665 items=2 ppid=1 pid=189 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="(imesyncd)" exe="/usr/lib64/systemd/systemd" subj=system_u:system_r:init_t key=(null)
  202. type=CWD msg=audit(1424829896.270:483):  cwd="/"
  203. type=PATH msg=audit(1424829896.270:483): item=0 name="/tmp/namespace-dev-AUqrbJ/dev/" inode=5514 dev=00:22 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tmpfs_t nametype=PARENT
  204. type=PATH msg=audit(1424829896.270:483): item=1 name="/tmp/namespace-dev-AUqrbJ/dev/zero" inode=5527 dev=00:22 mode=020666 ouid=0 ogid=0 rdev=01:05 obj=system_u:object_r:zero_device_t nametype=CREATE
  205. type=UNKNOWN[1327] msg=audit(1424829896.270:483): proctitle="(imesyncd)"
  206. type=AVC msg=audit(1424829896.271:484): avc:  denied  { create } for  pid=189 comm="(imesyncd)" name="random" scontext=system_u:system_r:init_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
  207. type=SYSCALL msg=audit(1424829896.271:484): arch=c000003e syscall=133 success=yes exit=0 a0=4d224e7350 a1=21b6 a2=108 a3=5f6563697665645f items=2 ppid=1 pid=189 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="(imesyncd)" exe="/usr/lib64/systemd/systemd" subj=system_u:system_r:init_t key=(null)
  208. type=CWD msg=audit(1424829896.271:484):  cwd="/"
  209. type=PATH msg=audit(1424829896.271:484): item=0 name="/tmp/namespace-dev-AUqrbJ/dev/" inode=5514 dev=00:22 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tmpfs_t nametype=PARENT
  210. type=PATH msg=audit(1424829896.271:484): item=1 name="/tmp/namespace-dev-AUqrbJ/dev/random" inode=5529 dev=00:22 mode=020666 ouid=0 ogid=0 rdev=01:08 obj=system_u:object_r:random_device_t nametype=CREATE
  211. type=UNKNOWN[1327] msg=audit(1424829896.271:484): proctitle="(imesyncd)"
  212. type=AVC msg=audit(1424829896.271:485): avc:  denied  { create } for  pid=189 comm="(imesyncd)" name="urandom" scontext=system_u:system_r:init_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1
  213. type=SYSCALL msg=audit(1424829896.271:485): arch=c000003e syscall=133 success=yes exit=0 a0=4d224e7350 a1=21b6 a2=109 a3=6563697665645f6d items=2 ppid=1 pid=189 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="(imesyncd)" exe="/usr/lib64/systemd/systemd" subj=system_u:system_r:init_t key=(null)
  214. type=CWD msg=audit(1424829896.271:485):  cwd="/"
  215. type=PATH msg=audit(1424829896.271:485): item=0 name="/tmp/namespace-dev-AUqrbJ/dev/" inode=5514 dev=00:22 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tmpfs_t nametype=PARENT
  216. type=PATH msg=audit(1424829896.271:485): item=1 name="/tmp/namespace-dev-AUqrbJ/dev/urandom" inode=5530 dev=00:22 mode=020666 ouid=0 ogid=0 rdev=01:09 obj=system_u:object_r:urandom_device_t nametype=CREATE
  217. type=UNKNOWN[1327] msg=audit(1424829896.271:485): proctitle="(imesyncd)"
  218. type=AVC msg=audit(1424829896.271:486): avc:  denied  { create } for  pid=189 comm="(imesyncd)" name="tty" scontext=system_u:system_r:init_t tcontext=system_u:object_r:devtty_t tclass=chr_file permissive=1
  219. type=SYSCALL msg=audit(1424829896.271:486): arch=c000003e syscall=133 success=yes exit=0 a0=4d224e7350 a1=21b6 a2=500 a3=746165726373662f items=2 ppid=1 pid=189 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="(imesyncd)" exe="/usr/lib64/systemd/systemd" subj=system_u:system_r:init_t key=(null)
  220. type=CWD msg=audit(1424829896.271:486):  cwd="/"
  221. type=PATH msg=audit(1424829896.271:486): item=0 name="/tmp/namespace-dev-AUqrbJ/dev/" inode=5514 dev=00:22 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tmpfs_t nametype=PARENT
  222. type=PATH msg=audit(1424829896.271:486): item=1 name="/tmp/namespace-dev-AUqrbJ/dev/tty" inode=5531 dev=00:22 mode=020666 ouid=0 ogid=0 rdev=05:00 obj=system_u:object_r:devtty_t nametype=CREATE
  223. type=UNKNOWN[1327] msg=audit(1424829896.271:486): proctitle="(imesyncd)"
  224. type=AVC msg=audit(1424829896.272:487): avc:  denied  { remove_name } for  pid=189 comm="(imesyncd)" name="dev" dev="tmpfs" ino=5513 scontext=system_u:system_r:init_t tcontext=system_u:object_r:tmp_t tclass=dir permissive=1
  225. type=AVC msg=audit(1424829896.272:487): avc:  denied  { rmdir } for  pid=189 comm="(imesyncd)" name="dev" dev="tmpfs" ino=5513 scontext=system_u:system_r:init_t tcontext=system_u:object_r:tmp_t tclass=dir permissive=1
  226. type=SYSCALL msg=audit(1424829896.272:487): arch=c000003e syscall=84 success=yes exit=0 a0=3fefc722d70 a1=4d208786aa a2=0 a3=2000 items=2 ppid=1 pid=189 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="(imesyncd)" exe="/usr/lib64/systemd/systemd" subj=system_u:system_r:init_t key=(null)
  227. type=CWD msg=audit(1424829896.272:487):  cwd="/"
  228. type=PATH msg=audit(1424829896.272:487): item=0 name="/tmp/namespace-dev-AUqrbJ/" inode=5512 dev=00:1e mode=040700 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tmp_t nametype=PARENT
  229. type=PATH msg=audit(1424829896.272:487): item=1 name="/tmp/namespace-dev-AUqrbJ/dev" inode=5513 dev=00:1e mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tmp_t nametype=DELETE
  230. type=UNKNOWN[1327] msg=audit(1424829896.272:487): proctitle="(imesyncd)"
  231. type=AVC msg=audit(1424829896.272:488): avc:  denied  { unmount } for  pid=189 comm="(imesyncd)" scontext=system_u:system_r:init_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
  232. type=SYSCALL msg=audit(1424829896.272:488): arch=c000003e syscall=166 success=yes exit=0 a0=4d22575240 a1=0 a2=0 a3=a items=1 ppid=1 pid=189 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="(imesyncd)" exe="/usr/lib64/systemd/systemd" subj=system_u:system_r:init_t key=(null)
  233. type=CWD msg=audit(1424829896.272:488):  cwd="/"
  234. type=PATH msg=audit(1424829896.272:488): item=0 name="/home" inode=256 dev=00:10 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:home_root_t nametype=NORMAL
  235. type=UNKNOWN[1327] msg=audit(1424829896.272:488): proctitle="(imesyncd)"
  236. type=AVC msg=audit(1424829896.280:489): avc:  denied  { mounton } for  pid=189 comm="(imesyncd)" path="/run/user" dev="tmpfs" ino=6395 scontext=system_u:system_r:init_t tcontext=system_u:object_r:var_auth_t tclass=dir permissive=1
  237. type=SYSCALL msg=audit(1424829896.280:489): arch=c000003e syscall=165 success=yes exit=0 a0=4d2087c13f a1=4d2087c316 a2=0 a3=5000 items=2 ppid=1 pid=189 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="(imesyncd)" exe="/usr/lib64/systemd/systemd" subj=system_u:system_r:init_t key=(null)
  238. type=CWD msg=audit(1424829896.280:489):  cwd="/"
  239. type=PATH msg=audit(1424829896.280:489): item=0 name="/run/user" inode=6395 dev=00:16 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:var_auth_t nametype=NORMAL
  240. type=PATH msg=audit(1424829896.280:489): item=1 name=(null) inode=1241 dev=00:16 mode=040000 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t nametype=NORMAL
  241. type=UNKNOWN[1327] msg=audit(1424829896.280:489): proctitle="(imesyncd)"
  242. type=AVC msg=audit(1424829896.280:490): avc:  denied  { mounton } for  pid=189 comm="(imesyncd)" path="/root" dev="sda4" ino=39423 scontext=system_u:system_r:init_t tcontext=root:object_r:user_home_dir_t tclass=dir permissive=1
  243. type=SYSCALL msg=audit(1424829896.280:490): arch=c000003e syscall=165 success=yes exit=0 a0=4d2087c13f a1=4d2087c321 a2=0 a3=5000 items=2 ppid=1 pid=189 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="(imesyncd)" exe="/usr/lib64/systemd/systemd" subj=system_u:system_r:init_t key=(null)
  244. type=CWD msg=audit(1424829896.280:490):  cwd="/"
  245. type=PATH msg=audit(1424829896.280:490): item=0 name="/root" inode=39423 dev=00:10 mode=040700 ouid=0 ogid=0 rdev=00:00 obj=root:object_r:user_home_dir_t nametype=NORMAL
  246. type=PATH msg=audit(1424829896.280:490): item=1 name=(null) inode=1241 dev=00:16 mode=040000 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t nametype=NORMAL
  247. type=UNKNOWN[1327] msg=audit(1424829896.280:490): proctitle="(imesyncd)"
  248. type=AVC msg=audit(1424829896.283:491): avc:  denied  { remount } for  pid=189 comm="(imesyncd)" scontext=system_u:system_r:init_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
  249. type=SYSCALL msg=audit(1424829896.283:491): arch=c000003e syscall=165 success=yes exit=0 a0=0 a1=4d225bdb20 a2=0 a3=1020 items=1 ppid=1 pid=189 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="(imesyncd)" exe="/usr/lib64/systemd/systemd" subj=system_u:system_r:init_t key=(null)
  250. type=CWD msg=audit(1424829896.283:491):  cwd="/"
  251. type=PATH msg=audit(1424829896.283:491): item=0 name="/dev/pts" inode=1 dev=00:0b mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:devpts_t nametype=NORMAL
  252. type=UNKNOWN[1327] msg=audit(1424829896.283:491): proctitle="(imesyncd)"
  253. type=AVC msg=audit(1424829896.283:492): avc:  denied  { remount } for  pid=189 comm="(imesyncd)" scontext=system_u:system_r:init_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
  254. type=SYSCALL msg=audit(1424829896.283:492): arch=c000003e syscall=165 success=yes exit=0 a0=0 a1=4d225bdc00 a2=0 a3=1020 items=1 ppid=1 pid=189 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="(imesyncd)" exe="/usr/lib64/systemd/systemd" subj=system_u:system_r:init_t key=(null)
  255. type=CWD msg=audit(1424829896.283:492):  cwd="/"
  256. type=PATH msg=audit(1424829896.283:492): item=0 name="/dev/hugepages" inode=1369 dev=00:1d mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:hugetlbfs_t nametype=NORMAL
  257. type=UNKNOWN[1327] msg=audit(1424829896.283:492): proctitle="(imesyncd)"
  258. type=AVC msg=audit(1424829896.287:493): avc:  denied  { mounton } for  pid=189 comm="(imesyncd)" path="/usr" dev="sda4" ino=371 scontext=system_u:system_r:init_t tcontext=system_u:object_r:usr_t tclass=dir permissive=1
  259. type=SYSCALL msg=audit(1424829896.287:493): arch=c000003e syscall=165 success=yes exit=0 a0=4d22586be0 a1=4d22586be0 a2=0 a3=5000 items=2 ppid=1 pid=189 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="(imesyncd)" exe="/usr/lib64/systemd/systemd" subj=system_u:system_r:init_t key=(null)
  260. type=CWD msg=audit(1424829896.287:493):  cwd="/"
  261. type=PATH msg=audit(1424829896.287:493): item=0 name="/usr" inode=371 dev=00:10 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:usr_t nametype=NORMAL
  262. type=PATH msg=audit(1424829896.287:493): item=1 name=(null) inode=371 dev=00:10 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:usr_t nametype=NORMAL
  263. type=UNKNOWN[1327] msg=audit(1424829896.287:493): proctitle="(imesyncd)"
  264. type=AVC msg=audit(1424829896.288:494): avc:  denied  { mounton } for  pid=189 comm="(imesyncd)" path="/boot" dev="sda4" ino=39707 scontext=system_u:system_r:init_t tcontext=system_u:object_r:boot_t tclass=dir permissive=1
  265. type=SYSCALL msg=audit(1424829896.288:494): arch=c000003e syscall=165 success=yes exit=0 a0=4d225b9130 a1=4d225b9130 a2=0 a3=5000 items=2 ppid=1 pid=189 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="(imesyncd)" exe="/usr/lib64/systemd/systemd" subj=system_u:system_r:init_t key=(null)
  266. type=CWD msg=audit(1424829896.288:494):  cwd="/"
  267. type=PATH msg=audit(1424829896.288:494): item=0 name="/boot" inode=39707 dev=00:10 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:boot_t nametype=NORMAL
  268. type=PATH msg=audit(1424829896.288:494): item=1 name=(null) inode=39707 dev=00:10 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:boot_t nametype=NORMAL
  269. type=UNKNOWN[1327] msg=audit(1424829896.288:494): proctitle="(imesyncd)"
  270. type=AVC msg=audit(1424829896.289:495): avc:  denied  { mounton } for  pid=189 comm="(imesyncd)" path="/etc" dev="sda4" ino=39727 scontext=system_u:system_r:init_t tcontext=system_u:object_r:etc_t tclass=dir permissive=1
  271. type=SYSCALL msg=audit(1424829896.289:495): arch=c000003e syscall=165 success=yes exit=0 a0=4d225bc5b0 a1=4d225bc5b0 a2=0 a3=5000 items=2 ppid=1 pid=189 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="(imesyncd)" exe="/usr/lib64/systemd/systemd" subj=system_u:system_r:init_t key=(null)
  272. type=CWD msg=audit(1424829896.289:495):  cwd="/"
  273. type=PATH msg=audit(1424829896.289:495): item=0 name="/etc" inode=39727 dev=00:10 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:etc_t nametype=NORMAL
  274. type=PATH msg=audit(1424829896.289:495): item=1 name=(null) inode=39727 dev=00:10 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:etc_t nametype=NORMAL
  275. type=UNKNOWN[1327] msg=audit(1424829896.289:495): proctitle="(imesyncd)"
  276. type=AVC msg=audit(1424829896.426:496): avc:  denied  { read } for  pid=189 comm="systemd-timesyn" name="resolv.conf" dev="sda4" ino=41622 scontext=system_u:system_r:init_t tcontext=system_u:object_r:net_conf_t tclass=file permissive=1
  277. type=AVC msg=audit(1424829896.426:496): avc:  denied  { open } for  pid=189 comm="systemd-timesyn" path="/etc/resolv.conf" dev="sda4" ino=41622 scontext=system_u:system_r:init_t tcontext=system_u:object_r:net_conf_t tclass=file permissive=1
  278. type=AVC msg=audit(1424829896.426:497): avc:  denied  { getattr } for  pid=189 comm="systemd-timesyn" path="/etc/resolv.conf" dev="sda4" ino=41622 scontext=system_u:system_r:init_t tcontext=system_u:object_r:net_conf_t tclass=file permissive=1
  279. type=AVC msg=audit(1424829896.426:498): avc:  denied  { nlmsg_read } for  pid=191 comm="sd-resolve" scontext=system_u:system_r:init_t tcontext=system_u:system_r:init_t tclass=netlink_route_socket permissive=1
  280. type=SYSCALL msg=audit(1424829896.426:498): arch=c000003e syscall=44 success=yes exit=20 a0=c a1=3382d1c45d0 a2=14 a3=0 items=0 ppid=1 pid=191 auid=4294967295 uid=107 gid=241 euid=107 suid=107 fsuid=107 egid=241 sgid=241 fsgid=241 tty=(none) ses=4294967295 comm="sd-resolve" exe="/usr/lib64/systemd/systemd-timesyncd" subj=system_u:system_r:init_t key=(null)
  281. type=SOCKADDR msg=audit(1424829896.426:498): saddr=100000000000000000000000
  282. type=UNKNOWN[1327] msg=audit(1424829896.426:498): proctitle="/usr/lib/systemd/systemd-timesyncd"
  283. type=AVC msg=audit(1424829896.429:499): avc:  denied  { connect } for  pid=191 comm="sd-resolve" scontext=system_u:system_r:init_t tcontext=system_u:system_r:init_t tclass=udp_socket permissive=1
  284. type=SYSCALL msg=audit(1424829896.429:499): arch=c000003e syscall=42 success=no exit=-101 a0=c a1=338280011a0 a2=10 a3=338280011c0 items=0 ppid=1 pid=191 auid=4294967295 uid=107 gid=241 euid=107 suid=107 fsuid=107 egid=241 sgid=241 fsgid=241 tty=(none) ses=4294967295 comm="sd-resolve" exe="/usr/lib64/systemd/systemd-timesyncd" subj=system_u:system_r:init_t key=(null)
  285. type=SOCKADDR msg=audit(1424829896.429:499): saddr=02000035D41B28F10000000000000000
  286. type=UNKNOWN[1327] msg=audit(1424829896.429:499): proctitle="/usr/lib/systemd/systemd-timesyncd"
  287. type=AVC msg=audit(1424829896.559:500): avc:  denied  { getattr } for  pid=1 comm="systemd" name="dbus-daemon" dev="sda4" ino=370790 scontext=system_u:system_r:init_t tcontext=system_u:object_r:dbusd_exec_t tclass=file permissive=1
  288. type=AVC msg=audit(1424829896.560:501): avc:  denied  { create } for  pid=1 comm="systemd" name="dbus" scontext=system_u:system_r:init_t tcontext=system_u:object_r:system_dbusd_var_run_t tclass=dir permissive=1
  289. type=AVC msg=audit(1424829896.560:502): avc:  denied  { write } for  pid=1 comm="systemd" name="dbus" dev="tmpfs" ino=5643 scontext=system_u:system_r:init_t tcontext=system_u:object_r:system_dbusd_var_run_t tclass=dir permissive=1
  290. type=AVC msg=audit(1424829896.560:503): avc:  denied  { add_name } for  pid=1 comm="systemd" name="system_bus_socket" scontext=system_u:system_r:init_t tcontext=system_u:object_r:system_dbusd_var_run_t tclass=dir permissive=1
  291. type=AVC msg=audit(1424829896.560:504): avc:  denied  { create } for  pid=1 comm="systemd" name="system_bus_socket" scontext=system_u:system_r:init_t tcontext=system_u:object_r:system_dbusd_var_run_t tclass=sock_file permissive=1
  292. type=AVC msg=audit(1424829896.591:505): avc:  denied  { setattr } for  pid=112 comm="systemd-journal" name="system.journal" dev="sda4" ino=674070 scontext=system_u:system_r:init_t tcontext=system_u:object_r:var_log_t tclass=file permissive=1
  293. type=AVC msg=audit(1424829896.679:506): avc:  denied  { execute } for  pid=194 comm="(s-daemon)" name="dbus-daemon" dev="sda4" ino=370790 scontext=system_u:system_r:init_t tcontext=system_u:object_r:dbusd_exec_t tclass=file permissive=1
  294. type=AVC msg=audit(1424829896.679:506): avc:  denied  { read open } for  pid=194 comm="(s-daemon)" path="/usr/bin/dbus-daemon" dev="sda4" ino=370790 scontext=system_u:system_r:init_t tcontext=system_u:object_r:dbusd_exec_t tclass=file permissive=1
  295. type=AVC msg=audit(1424829896.679:506): avc:  denied  { execute_no_trans } for  pid=194 comm="(s-daemon)" path="/usr/bin/dbus-daemon" dev="sda4" ino=370790 scontext=system_u:system_r:init_t tcontext=system_u:object_r:dbusd_exec_t tclass=file permissive=1
  296. type=SYSCALL msg=audit(1424829896.679:506): arch=c000003e syscall=59 success=yes exit=0 a0=4d225632b0 a1=4d225b7e60 a2=4d225b81d0 a3=756e694c00000000 items=2 ppid=1 pid=194 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="dbus-daemon" exe="/usr/bin/dbus-daemon" subj=system_u:system_r:init_t key=(null)
  297. type=EXECVE msg=audit(1424829896.679:506): argc=6 a0="/usr/bin/dbus-daemon" a1="--system" a2="--address=systemd:" a3="--nofork" a4="--nopidfile" a5="--systemd-activation"
  298. type=CWD msg=audit(1424829896.679:506):  cwd="/"
  299. type=PATH msg=audit(1424829896.679:506): item=0 name="/usr/bin/dbus-daemon" inode=370790 dev=00:10 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:dbusd_exec_t nametype=NORMAL
  300. type=PATH msg=audit(1424829896.679:506): item=1 name=(null) inode=364765 dev=00:10 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:ld_so_t nametype=NORMAL
  301. type=UNKNOWN[1327] msg=audit(1424829896.679:506): proctitle=2F7573722F62696E2F646275732D6461656D6F6E002D2D73797374656D002D2D616464726573733D73797374656D643A002D2D6E6F666F726B002D2D6E6F70696466696C65002D2D73797374656D642D61637469766174696F6E
  302. type=AVC msg=audit(1424829897.273:507): avc:  denied  { read } for  pid=194 comm="dbus-daemon" name="dbus_contexts" dev="sda4" ino=9737 scontext=system_u:system_r:init_t tcontext=system_u:object_r:default_context_t tclass=file permissive=1
  303. type=AVC msg=audit(1424829897.273:507): avc:  denied  { open } for  pid=194 comm="dbus-daemon" path="/etc/selinux/strict/contexts/dbus_contexts" dev="sda4" ino=9737 scontext=system_u:system_r:init_t tcontext=system_u:object_r:default_context_t tclass=file permissive=1
  304. type=AVC msg=audit(1424829897.289:508): avc:  denied  { getattr } for  pid=194 comm="dbus-daemon" path="/etc/selinux/strict/contexts/dbus_contexts" dev="sda4" ino=9737 scontext=system_u:system_r:init_t tcontext=system_u:object_r:default_context_t tclass=file permissive=1
  305. type=AVC msg=audit(1424829897.324:509): avc:  denied  { compute_av } for  pid=194 comm="dbus-daemon" scontext=system_u:system_r:init_t tcontext=system_u:object_r:security_t tclass=security permissive=1
  306. type=AVC msg=audit(1424829897.329:510): avc:  denied  { nlmsg_relay } for  pid=194 comm="dbus-daemon" scontext=system_u:system_r:init_t tcontext=system_u:system_r:init_t tclass=netlink_audit_socket permissive=1
  307. type=USER_AVC msg=audit(1424829897.329:511): pid=194 uid=108 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t msg='avc:  denied  { acquire_svc } for service=org.freedesktop.systemd1 spid=1 scontext=system_u:system_r:init_t tcontext=system_u:system_r:init_t tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=108 hostname=? addr=? terminal=?'
  308. type=SYSCALL msg=audit(1424829897.329:510): arch=c000003e syscall=44 success=yes exit=240 a0=8 a1=3eccdaec3e0 a2=f0 a3=0 items=0 ppid=1 pid=194 auid=4294967295 uid=108 gid=240 euid=108 suid=108 fsuid=108 egid=240 sgid=240 fsgid=240 tty=(none) ses=4294967295 comm="dbus-daemon" exe="/usr/bin/dbus-daemon" subj=system_u:system_r:init_t key=(null)
  309. type=SOCKADDR msg=audit(1424829897.329:510): saddr=100000000000000000000000
  310. type=UNKNOWN[1327] msg=audit(1424829897.329:510): proctitle=2F7573722F62696E2F646275732D6461656D6F6E002D2D73797374656D002D2D616464726573733D73797374656D643A002D2D6E6F666F726B002D2D6E6F70696466696C65002D2D73797374656D642D61637469766174696F6E
  311. type=AVC msg=audit(1424829897.363:512): avc:  denied  { read } for  pid=193 comm="systemd-logind" name="master-of-seat" dev="tmpfs" ino=4778 scontext=system_u:system_r:init_t tcontext=system_u:object_r:udev_var_run_t tclass=dir permissive=1
  312. type=AVC msg=audit(1424829897.363:512): avc:  denied  { open } for  pid=193 comm="systemd-logind" path="/run/udev/tags/master-of-seat" dev="tmpfs" ino=4778 scontext=system_u:system_r:init_t tcontext=system_u:object_r:udev_var_run_t tclass=dir permissive=1
  313. type=SYSCALL msg=audit(1424829897.363:512): arch=c000003e syscall=257 success=yes exit=14 a0=ffffffffffffff9c a1=3b3a317b420 a2=90800 a3=0 items=1 ppid=1 pid=193 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-logind" exe="/usr/lib64/systemd/systemd-logind" subj=system_u:system_r:init_t key=(null)
  314. type=CWD msg=audit(1424829897.363:512):  cwd="/"
  315. type=PATH msg=audit(1424829897.363:512): item=0 name="/run/udev/tags/master-of-seat" inode=4778 dev=00:16 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:udev_var_run_t nametype=NORMAL
  316. type=UNKNOWN[1327] msg=audit(1424829897.363:512): proctitle="/usr/lib/systemd/systemd-logind"
  317. type=AVC msg=audit(1424829897.448:513): avc:  denied  { unlink } for  pid=197 comm="systemd-user-se" name="nologin" dev="tmpfs" ino=6394 scontext=system_u:system_r:init_t tcontext=system_u:object_r:var_run_t tclass=file permissive=1
  318. type=SYSCALL msg=audit(1424829897.448:513): arch=c000003e syscall=87 success=yes exit=0 a0=1b5bdad358 a1=1b5bdad352 a2=0 a3=3bfbd3c31d0 items=2 ppid=1 pid=197 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-user-se" exe="/usr/lib64/systemd/systemd-user-sessions" subj=system_u:system_r:init_t key=(null)
  319. type=CWD msg=audit(1424829897.448:513):  cwd="/"
  320. type=PATH msg=audit(1424829897.448:513): item=0 name="/run/" inode=1232 dev=00:16 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:var_run_t nametype=PARENT
  321. type=PATH msg=audit(1424829897.448:513): item=1 name="/run/nologin" inode=6394 dev=00:16 mode=0100644 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:var_run_t nametype=DELETE
  322. type=UNKNOWN[1327] msg=audit(1424829897.448:513): proctitle=2F7573722F6C69622F73797374656D642F73797374656D642D757365722D73657373696F6E73007374617274
  323. type=AVC msg=audit(1424829897.964:514): avc:  denied  { write } for  pid=112 comm="systemd-journal" name="59e1b744c5c02bed962fd50354ec05d3" dev="tmpfs" ino=4527 scontext=system_u:system_r:init_t tcontext=system_u:object_r:var_log_t tclass=dir permissive=1
  324. type=AVC msg=audit(1424829897.964:515): avc:  denied  { remove_name } for  pid=112 comm="systemd-journal" name="system.journal" dev="tmpfs" ino=4528 scontext=system_u:system_r:init_t tcontext=system_u:object_r:var_log_t tclass=dir permissive=1
  325. type=AVC msg=audit(1424829897.964:516): avc:  denied  { unlink } for  pid=112 comm="systemd-journal" name="system.journal" dev="tmpfs" ino=4528 scontext=system_u:system_r:init_t tcontext=system_u:object_r:var_log_t tclass=file permissive=1
  326. type=AVC msg=audit(1424829897.965:517): avc:  denied  { rmdir } for  pid=112 comm="systemd-journal" name="59e1b744c5c02bed962fd50354ec05d3" dev="tmpfs" ino=4527 scontext=system_u:system_r:init_t tcontext=system_u:object_r:var_log_t tclass=dir permissive=1
  327. type=AVC msg=audit(1424829899.134:518): avc:  denied  { read } for  pid=193 comm="systemd-logind" name="event3" dev="devtmpfs" ino=1176 scontext=system_u:system_r:init_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
  328. type=AVC msg=audit(1424829899.134:518): avc:  denied  { open } for  pid=193 comm="systemd-logind" path="/dev/input/event3" dev="devtmpfs" ino=1176 scontext=system_u:system_r:init_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
  329. type=AVC msg=audit(1424829899.134:519): avc:  denied  { ioctl } for  pid=193 comm="systemd-logind" path="/dev/input/event3" dev="devtmpfs" ino=1176 scontext=system_u:system_r:init_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
  330. type=SYSCALL msg=audit(1424829899.134:519): arch=c000003e syscall=16 success=yes exit=13 a0=e a1=81004506 a2=3b3a317b7c0 a3=939dcbe60 items=0 ppid=1 pid=193 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-logind" exe="/usr/lib64/systemd/systemd-logind" subj=system_u:system_r:init_t key=(null)
  331. type=UNKNOWN[1327] msg=audit(1424829899.134:519): proctitle="/usr/lib/systemd/systemd-logind"
  332. type=AVC msg=audit(1424829899.163:520): avc:  denied  { read write } for  pid=199 comm="agetty" path="socket:[5884]" dev="sockfs" ino=5884 scontext=system_u:system_r:getty_t tcontext=system_u:system_r:init_t tclass=unix_stream_socket permissive=1
  333. type=SYSCALL msg=audit(1424829899.163:520): arch=c000003e syscall=59 success=yes exit=0 a0=4d225687c0 a1=4d224e7350 a2=4d225bcb40 a3=756e694c00000000 items=2 ppid=1 pid=199 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="agetty" exe="/sbin/agetty" subj=system_u:system_r:getty_t key=(null)
  334. type=EXECVE msg=audit(1424829899.163:520): argc=4 a0="/sbin/agetty" a1="--noclear" a2="tty1" a3="linux"
  335. type=CWD msg=audit(1424829899.163:520):  cwd="/"
  336. type=PATH msg=audit(1424829899.163:520): item=0 name="/sbin/agetty" inode=367139 dev=00:10 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:getty_exec_t nametype=NORMAL
  337. type=PATH msg=audit(1424829899.163:520): item=1 name=(null) inode=364765 dev=00:10 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:ld_so_t nametype=NORMAL
  338. type=UNKNOWN[1327] msg=audit(1424829899.163:520): proctitle=2F7362696E2F616765747479002D2D6E6F636C6561720074747931006C696E7578
  339. type=AVC msg=audit(1424829901.521:521): avc:  denied  { create } for  pid=196 comm="systemd-network" scontext=system_u:system_r:init_t tcontext=system_u:system_r:init_t tclass=packet_socket permissive=1
  340. type=SYSCALL msg=audit(1424829901.521:521): arch=c000003e syscall=41 success=yes exit=11 a0=11 a1=80802 a2=0 a3=6 items=0 ppid=1 pid=196 auid=4294967295 uid=105 gid=243 euid=105 suid=105 fsuid=105 egid=243 sgid=243 fsgid=243 tty=(none) ses=4294967295 comm="systemd-network" exe="/usr/lib64/systemd/systemd-networkd" subj=system_u:system_r:init_t key=(null)
  341. type=UNKNOWN[1327] msg=audit(1424829901.521:521): proctitle="/usr/lib/systemd/systemd-networkd"
  342. type=AVC msg=audit(1424829901.521:522): avc:  denied  { setopt } for  pid=196 comm="systemd-network" scontext=system_u:system_r:init_t tcontext=system_u:system_r:init_t tclass=packet_socket permissive=1
  343. type=SYSCALL msg=audit(1424829901.521:522): arch=c000003e syscall=54 success=yes exit=0 a0=b a1=107 a2=8 a3=3f2a521b1ec items=0 ppid=1 pid=196 auid=4294967295 uid=105 gid=243 euid=105 suid=105 fsuid=105 egid=243 sgid=243 fsgid=243 tty=(none) ses=4294967295 comm="systemd-network" exe="/usr/lib64/systemd/systemd-networkd" subj=system_u:system_r:init_t key=(null)
  344. type=UNKNOWN[1327] msg=audit(1424829901.521:522): proctitle="/usr/lib/systemd/systemd-networkd"
  345. type=AVC msg=audit(1424829901.522:523): avc:  denied  { bind } for  pid=196 comm="systemd-network" scontext=system_u:system_r:init_t tcontext=system_u:system_r:init_t tclass=packet_socket permissive=1
  346. type=SYSCALL msg=audit(1424829901.522:523): arch=c000003e syscall=49 success=yes exit=0 a0=b a1=3f19236678 a2=14 a3=3f2a521b1f0 items=0 ppid=1 pid=196 auid=4294967295 uid=105 gid=243 euid=105 suid=105 fsuid=105 egid=243 sgid=243 fsgid=243 tty=(none) ses=4294967295 comm="systemd-network" exe="/usr/lib64/systemd/systemd-networkd" subj=system_u:system_r:init_t key=(null)
  347. type=SOCKADDR msg=audit(1424829901.522:523): saddr=110008000200000000000006FFFFFFFFFFFF0000
  348. type=UNKNOWN[1327] msg=audit(1424829901.522:523): proctitle="/usr/lib/systemd/systemd-networkd"
  349. type=AVC msg=audit(1424829901.522:524): avc:  denied  { write } for  pid=196 comm="systemd-network" scontext=system_u:system_r:init_t tcontext=system_u:system_r:init_t tclass=packet_socket permissive=1
  350. type=SYSCALL msg=audit(1424829901.522:524): arch=c000003e syscall=44 success=yes exit=305 a0=b a1=3f19239950 a2=131 a3=0 items=0 ppid=1 pid=196 auid=4294967295 uid=105 gid=243 euid=105 suid=105 fsuid=105 egid=243 sgid=243 fsgid=243 tty=(none) ses=4294967295 comm="systemd-network" exe="/usr/lib64/systemd/systemd-networkd" subj=system_u:system_r:init_t key=(null)
  351. type=SOCKADDR msg=audit(1424829901.522:524): saddr=110008000200000000000006FFFFFFFFFFFF0000
  352. type=UNKNOWN[1327] msg=audit(1424829901.522:524): proctitle="/usr/lib/systemd/systemd-networkd"
  353. type=AVC msg=audit(1424829901.534:525): avc:  denied  { getattr } for  pid=196 comm="systemd-network" path="socket:[6559]" dev="sockfs" ino=6559 scontext=system_u:system_r:init_t tcontext=system_u:system_r:init_t tclass=packet_socket permissive=1
  354. type=SYSCALL msg=audit(1424829901.534:525): arch=c000003e syscall=16 success=yes exit=0 a0=b a1=541b a2=3f2a521b4dc a3=7f50c600000000 items=0 ppid=1 pid=196 auid=4294967295 uid=105 gid=243 euid=105 suid=105 fsuid=105 egid=243 sgid=243 fsgid=243 tty=(none) ses=4294967295 comm="systemd-network" exe="/usr/lib64/systemd/systemd-networkd" subj=system_u:system_r:init_t key=(null)
  355. type=UNKNOWN[1327] msg=audit(1424829901.534:525): proctitle="/usr/lib/systemd/systemd-networkd"
  356. type=AVC msg=audit(1424829901.534:526): avc:  denied  { read } for  pid=196 comm="systemd-network" scontext=system_u:system_r:init_t tcontext=system_u:system_r:init_t tclass=packet_socket permissive=1
  357. type=SYSCALL msg=audit(1424829901.534:526): arch=c000003e syscall=47 success=yes exit=576 a0=b a1=3f2a521b4f0 a2=0 a3=7f50c600000000 items=0 ppid=1 pid=196 auid=4294967295 uid=105 gid=243 euid=105 suid=105 fsuid=105 egid=243 sgid=243 fsgid=243 tty=(none) ses=4294967295 comm="systemd-network" exe="/usr/lib64/systemd/systemd-networkd" subj=system_u:system_r:init_t key=(null)
  358. type=UNKNOWN[1327] msg=audit(1424829901.534:526): proctitle="/usr/lib/systemd/systemd-networkd"
  359. type=AVC msg=audit(1424829901.558:527): avc:  denied  { setopt } for  pid=196 comm="systemd-network" scontext=system_u:system_r:init_t tcontext=system_u:system_r:init_t tclass=udp_socket permissive=1
  360. type=SYSCALL msg=audit(1424829901.558:527): arch=c000003e syscall=54 success=yes exit=0 a0=d a1=0 a2=1 a3=3f2a521b34c items=0 ppid=1 pid=196 auid=4294967295 uid=105 gid=243 euid=105 suid=105 fsuid=105 egid=243 sgid=243 fsgid=243 tty=(none) ses=4294967295 comm="systemd-network" exe="/usr/lib64/systemd/systemd-networkd" subj=system_u:system_r:init_t key=(null)
  361. type=UNKNOWN[1327] msg=audit(1424829901.558:527): proctitle="/usr/lib/systemd/systemd-networkd"
  362. type=AVC msg=audit(1424829901.558:528): avc:  denied  { bind } for  pid=196 comm="systemd-network" scontext=system_u:system_r:init_t tcontext=system_u:system_r:init_t tclass=udp_socket permissive=1
  363. type=AVC msg=audit(1424829901.558:528): avc:  denied  { name_bind } for  pid=196 comm="systemd-network" src=68 scontext=system_u:system_r:init_t tcontext=system_u:object_r:dhcpc_port_t tclass=udp_socket permissive=1
  364. type=AVC msg=audit(1424829901.558:528): avc:  denied  { node_bind } for  pid=196 comm="systemd-network" saddr=192.168.0.11 src=68 scontext=system_u:system_r:init_t tcontext=system_u:object_r:node_t tclass=udp_socket permissive=1
  365. type=SYSCALL msg=audit(1424829901.558:528): arch=c000003e syscall=49 success=yes exit=0 a0=d a1=3f2a521b350 a2=10 a3=3f2a521b348 items=0 ppid=1 pid=196 auid=4294967295 uid=105 gid=243 euid=105 suid=105 fsuid=105 egid=243 sgid=243 fsgid=243 tty=(none) ses=4294967295 comm="systemd-network" exe="/usr/lib64/systemd/systemd-networkd" subj=system_u:system_r:init_t key=(null)
  366. type=SOCKADDR msg=audit(1424829901.558:528): saddr=02000044C0A8000B0000000000000000
  367. type=UNKNOWN[1327] msg=audit(1424829901.558:528): proctitle="/usr/lib/systemd/systemd-networkd"
  368. type=LOGIN msg=audit(1424829905.707:529): pid=199 uid=0 subj=system_u:system_r:local_login_t old-auid=4294967295 auid=0 old-ses=4294967295 ses=1 res=1
  369. type=AVC msg=audit(1424829905.709:530): avc:  denied  { sendto } for  pid=199 comm="login" path="/run/systemd/journal/dev-log" scontext=system_u:system_r:local_login_t tcontext=system_u:system_r:init_t tclass=unix_dgram_socket permissive=1
  370. type=SYSCALL msg=audit(1424829905.709:530): arch=c000003e syscall=42 success=yes exit=0 a0=3 a1=2d2e1538480 a2=6e a3=20796220746f6f72 items=1 ppid=1 pid=199 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=tty1 ses=1 comm="login" exe="/bin/login" subj=system_u:system_r:local_login_t key=(null)
  371. type=SOCKADDR msg=audit(1424829905.709:530): saddr=01002F6465762F6C6F6700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
  372. type=PATH msg=audit(1424829905.709:530): item=0 name=(null) inode=1287 dev=00:16 mode=0140666 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:devlog_t nametype=NORMAL
  373. type=UNKNOWN[1327] msg=audit(1424829905.709:530): proctitle=2F7362696E2F616765747479002D2D6E6F636C6561720074747931006C696E7578
  374. type=AVC msg=audit(1424829905.710:531): avc:  denied  { search } for  pid=112 comm="systemd-journal" name="199" dev="proc" ino=6528 scontext=system_u:system_r:init_t tcontext=system_u:system_r:local_login_t tclass=dir permissive=1
  375. type=AVC msg=audit(1424829905.710:532): avc:  denied  { read } for  pid=112 comm="systemd-journal" name="cgroup" dev="proc" ino=5917 scontext=system_u:system_r:init_t tcontext=system_u:system_r:local_login_t tclass=file permissive=1
  376. type=AVC msg=audit(1424829905.710:533): avc:  denied  { open } for  pid=112 comm="systemd-journal" path="/proc/199/cgroup" dev="proc" ino=5917 scontext=system_u:system_r:init_t tcontext=system_u:system_r:local_login_t tclass=file permissive=1
  377. type=AVC msg=audit(1424829905.710:534): avc:  denied  { getattr } for  pid=112 comm="systemd-journal" path="/proc/199/cgroup" dev="proc" ino=5917 scontext=system_u:system_r:init_t tcontext=system_u:system_r:local_login_t tclass=file permissive=1
  378. type=AVC msg=audit(1424829905.710:535): avc:  denied  { read } for  pid=112 comm="systemd-journal" name="exe" dev="proc" ino=5919 scontext=system_u:system_r:init_t tcontext=system_u:system_r:local_login_t tclass=lnk_file permissive=1
  379. type=AVC msg=audit(1424829905.711:536): avc:  denied  { net_admin } for  pid=199 comm="login" capability=12  scontext=system_u:system_r:local_login_t tcontext=system_u:system_r:local_login_t tclass=capability permissive=1
  380. type=SYSCALL msg=audit(1424829905.711:536): arch=c000003e syscall=54 success=yes exit=0 a0=4 a1=1 a2=21 a3=380187a0020 items=0 ppid=1 pid=199 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=tty1 ses=1 comm="login" exe="/bin/login" subj=system_u:system_r:local_login_t key=(null)
  381. type=UNKNOWN[1327] msg=audit(1424829905.711:536): proctitle=2F7362696E2F616765747479002D2D6E6F636C6561720074747931006C696E7578
  382. type=AVC msg=audit(1424829905.711:537): avc:  denied  { connectto } for  pid=199 comm="login" path="/run/dbus/system_bus_socket" scontext=system_u:system_r:local_login_t tcontext=system_u:system_r:init_t tclass=unix_stream_socket permissive=1
  383. type=SYSCALL msg=audit(1424829905.711:537): arch=c000003e syscall=42 success=yes exit=0 a0=4 a1=575f126f38 a2=21 a3=380187a0020 items=1 ppid=1 pid=199 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=tty1 ses=1 comm="login" exe="/bin/login" subj=system_u:system_r:local_login_t key=(null)
  384. type=SOCKADDR msg=audit(1424829905.711:537): saddr=01002F7661722F72756E2F646275732F73797374656D5F6275735F736F636B6574
  385. type=PATH msg=audit(1424829905.711:537): item=0 name=(null) inode=5644 dev=00:16 mode=0140666 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:system_dbusd_var_run_t nametype=NORMAL
  386. type=UNKNOWN[1327] msg=audit(1424829905.711:537): proctitle=2F7362696E2F616765747479002D2D6E6F636C6561720074747931006C696E7578
  387. type=USER_AVC msg=audit(1424829905.712:538): pid=194 uid=108 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.freedesktop.DBus member=Hello dest=org.freedesktop.DBus spid=199 scontext=system_u:system_r:local_login_t tcontext=system_u:system_r:init_t tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=108 hostname=? addr=? terminal=?'
  388. type=AVC msg=audit(1424829905.716:539): avc:  denied  { setattr } for  pid=193 comm="systemd-logind" name="user" dev="tmpfs" ino=6395 scontext=system_u:system_r:init_t tcontext=system_u:object_r:var_auth_t tclass=dir permissive=1
  389. type=SYSCALL msg=audit(1424829905.716:539): arch=c000003e syscall=90 success=yes exit=0 a0=93707e4f3 a1=1ed a2=0 a3=65676e6168437365 items=1 ppid=1 pid=193 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-logind" exe="/usr/lib64/systemd/systemd-logind" subj=system_u:system_r:init_t key=(null)
  390. type=CWD msg=audit(1424829905.716:539):  cwd="/"
  391. type=PATH msg=audit(1424829905.716:539): item=0 name="/run/user" inode=6395 dev=00:16 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:var_auth_t nametype=NORMAL
  392. type=UNKNOWN[1327] msg=audit(1424829905.716:539): proctitle="/usr/lib/systemd/systemd-logind"
  393. type=AVC msg=audit(1424829905.717:540): avc:  denied  { write } for  pid=193 comm="systemd-logind" name="user" dev="tmpfs" ino=6395 scontext=system_u:system_r:init_t tcontext=system_u:object_r:var_auth_t tclass=dir permissive=1
  394. type=AVC msg=audit(1424829905.717:540): avc:  denied  { add_name } for  pid=193 comm="systemd-logind" name="0" scontext=system_u:system_r:init_t tcontext=system_u:object_r:var_auth_t tclass=dir permissive=1
  395. type=SYSCALL msg=audit(1424829905.717:540): arch=c000003e syscall=83 success=yes exit=0 a0=939dcd520 a1=1c0 a2=0 a3=3b3a317b060 items=2 ppid=1 pid=193 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-logind" exe="/usr/lib64/systemd/systemd-logind" subj=system_u:system_r:init_t key=(null)
  396. type=CWD msg=audit(1424829905.717:540):  cwd="/"
  397. type=PATH msg=audit(1424829905.717:540): item=0 name="/run/user/" inode=6395 dev=00:16 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:var_auth_t nametype=PARENT
  398. type=PATH msg=audit(1424829905.717:540): item=1 name="/run/user/0" inode=5924 dev=00:16 mode=040700 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:var_auth_t nametype=CREATE
  399. type=UNKNOWN[1327] msg=audit(1424829905.717:540): proctitle="/usr/lib/systemd/systemd-logind"
  400. type=AVC msg=audit(1424829905.778:541): avc:  denied  { setattr } for  pid=206 comm="(systemd)" name="cgroup.procs" dev="cgroup" ino=198 scontext=system_u:system_r:init_t tcontext=system_u:object_r:cgroup_t tclass=file permissive=1
  401. type=SYSCALL msg=audit(1424829905.778:541): arch=c000003e syscall=90 success=yes exit=0 a0=4d22575240 a1=1a4 a2=0 a3=4d22582de0 items=1 ppid=1 pid=206 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="(systemd)" exe="/usr/lib64/systemd/systemd" subj=system_u:system_r:init_t key=(null)
  402. type=CWD msg=audit(1424829905.778:541):  cwd="/"
  403. type=PATH msg=audit(1424829905.778:541): item=0 name="/sys/fs/cgroup/systemd/user.slice/user-0.slice/user@0.service/cgroup.procs" inode=198 dev=00:18 mode=0100644 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:cgroup_t nametype=NORMAL
  404. type=UNKNOWN[1327] msg=audit(1424829905.778:541): proctitle="(systemd)"
  405. type=AVC msg=audit(1424829905.779:542): avc:  denied  { setattr } for  pid=206 comm="(systemd)" name="user@0.service" dev="cgroup" ino=197 scontext=system_u:system_r:init_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
  406. type=SYSCALL msg=audit(1424829905.779:542): arch=c000003e syscall=90 success=yes exit=0 a0=4d225bd4a0 a1=1ed a2=0 a3=4d22582de0 items=1 ppid=1 pid=206 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="(systemd)" exe="/usr/lib64/systemd/systemd" subj=system_u:system_r:init_t key=(null)
  407. type=CWD msg=audit(1424829905.779:542):  cwd="/"
  408. type=PATH msg=audit(1424829905.779:542): item=0 name="/sys/fs/cgroup/systemd/user.slice/user-0.slice/user@0.service" inode=197 dev=00:18 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:cgroup_t nametype=NORMAL
  409. type=UNKNOWN[1327] msg=audit(1424829905.779:542): proctitle="(systemd)"
  410. type=AVC msg=audit(1424829905.792:543): avc:  denied  { getattr } for  pid=193 comm="systemd-logind" name="video0" dev="devtmpfs" ino=1613 scontext=system_u:system_r:init_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
  411. type=SYSCALL msg=audit(1424829905.792:543): arch=c000003e syscall=191 success=no exit=-61 a0=939dd1080 a1=337f3b7cfab a2=3b3a317af50 a3=84 items=1 ppid=1 pid=193 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-logind" exe="/usr/lib64/systemd/systemd-logind" subj=system_u:system_r:init_t key=(null)
  412. type=CWD msg=audit(1424829905.792:543):  cwd="/"
  413. type=PATH msg=audit(1424829905.792:543): item=0 name="/dev/video0" inode=1613 dev=00:05 mode=020660 ouid=0 ogid=27 rdev=51:00 obj=system_u:object_r:v4l_device_t nametype=NORMAL
  414. type=UNKNOWN[1327] msg=audit(1424829905.792:543): proctitle="/usr/lib/systemd/systemd-logind"
  415. type=AVC msg=audit(1424829905.792:544): avc:  denied  { getattr } for  pid=193 comm="systemd-logind" name="kvm" dev="devtmpfs" ino=4979 scontext=system_u:system_r:init_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
  416. type=SYSCALL msg=audit(1424829905.792:544): arch=c000003e syscall=191 success=no exit=-61 a0=939dd0ec0 a1=337f3b7cfab a2=3b3a317af50 a3=84 items=1 ppid=1 pid=193 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-logind" exe="/usr/lib64/systemd/systemd-logind" subj=system_u:system_r:init_t key=(null)
  417. type=CWD msg=audit(1424829905.792:544):  cwd="/"
  418. type=PATH msg=audit(1424829905.792:544): item=0 name="/dev/kvm" inode=4979 dev=00:05 mode=020600 ouid=0 ogid=0 rdev=0a:e8 obj=system_u:object_r:kvm_device_t nametype=NORMAL
  419. type=UNKNOWN[1327] msg=audit(1424829905.792:544): proctitle="/usr/lib/systemd/systemd-logind"
  420. type=AVC msg=audit(1424829905.830:545): avc:  denied  { execute } for  pid=207 comm="(systemd)" name="unix_chkpwd" dev="sda4" ino=366687 scontext=system_u:system_r:init_t tcontext=system_u:object_r:chkpwd_exec_t tclass=file permissive=1
  421. type=AVC msg=audit(1424829905.830:545): avc:  denied  { read open } for  pid=207 comm="(systemd)" path="/sbin/unix_chkpwd" dev="sda4" ino=366687 scontext=system_u:system_r:init_t tcontext=system_u:object_r:chkpwd_exec_t tclass=file permissive=1
  422. type=AVC msg=audit(1424829905.830:545): avc:  denied  { execute_no_trans } for  pid=207 comm="(systemd)" path="/sbin/unix_chkpwd" dev="sda4" ino=366687 scontext=system_u:system_r:init_t tcontext=system_u:object_r:chkpwd_exec_t tclass=file permissive=1
  423. type=SYSCALL msg=audit(1424829905.830:545): arch=c000003e syscall=59 success=yes exit=0 a0=3550bcfc36d a1=3fefc722d90 a2=3550beff048 a3=3550cd490d0 items=2 ppid=206 pid=207 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="unix_chkpwd" exe="/sbin/unix_chkpwd" subj=system_u:system_r:init_t key=(null)
  424. type=EXECVE msg=audit(1424829905.830:545): argc=3 a0="/sbin/unix_chkpwd" a1="root" a2="chkexpiry"
  425. type=CWD msg=audit(1424829905.830:545):  cwd="/"
  426. type=PATH msg=audit(1424829905.830:545): item=0 name="/sbin/unix_chkpwd" inode=366687 dev=00:10 mode=0104711 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:chkpwd_exec_t nametype=NORMAL
  427. type=PATH msg=audit(1424829905.830:545): item=1 name=(null) inode=364765 dev=00:10 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:ld_so_t nametype=NORMAL
  428. type=UNKNOWN[1327] msg=audit(1424829905.830:545): proctitle=2F7362696E2F756E69785F63686B70776400726F6F740063686B657870697279
  429. type=AVC msg=audit(1424829905.833:546): avc:  denied  { read } for  pid=207 comm="unix_chkpwd" name="shadow" dev="sda4" ino=298597 scontext=system_u:system_r:init_t tcontext=system_u:object_r:shadow_t tclass=file permissive=1
  430. type=AVC msg=audit(1424829905.833:546): avc:  denied  { open } for  pid=207 comm="unix_chkpwd" path="/etc/shadow" dev="sda4" ino=298597 scontext=system_u:system_r:init_t tcontext=system_u:object_r:shadow_t tclass=file permissive=1
  431. type=AVC msg=audit(1424829905.833:547): avc:  denied  { getattr } for  pid=207 comm="unix_chkpwd" path="/etc/shadow" dev="sda4" ino=298597 scontext=system_u:system_r:init_t tcontext=system_u:object_r:shadow_t tclass=file permissive=1
  432. type=AVC msg=audit(1424829905.839:548): avc:  denied  { remove_name } for  pid=206 comm="systemd" name="generator" dev="tmpfs" ino=6588 scontext=system_u:system_r:init_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
  433. type=AVC msg=audit(1424829905.839:548): avc:  denied  { rmdir } for  pid=206 comm="systemd" name="generator" dev="tmpfs" ino=6588 scontext=system_u:system_r:init_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
  434. type=SYSCALL msg=audit(1424829905.839:548): arch=c000003e syscall=84 success=yes exit=0 a0=6c1c542240 a1=6c1c541860 a2=0 a3=4 items=2 ppid=1 pid=206 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd" exe="/usr/lib64/systemd/systemd" subj=system_u:system_r:init_t key=(null)
  435. type=CWD msg=audit(1424829905.839:548):  cwd="/"
  436. type=PATH msg=audit(1424829905.839:548): item=0 name="/run/user/0/systemd/" inode=6587 dev=00:23 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tmpfs_t nametype=PARENT
  437. type=PATH msg=audit(1424829905.839:548): item=1 name="/run/user/0/systemd/generator" inode=6588 dev=00:23 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tmpfs_t nametype=DELETE
  438. type=UNKNOWN[1327] msg=audit(1424829905.839:548): proctitle="(systemd)"
  439. type=AVC msg=audit(1424829905.839:549): avc:  denied  { getattr } for  pid=206 comm="systemd" path="/root" dev="sda4" ino=39423 scontext=system_u:system_r:init_t tcontext=root:object_r:user_home_dir_t tclass=dir permissive=1
  440. type=SYSCALL msg=audit(1424829905.839:549): arch=c000003e syscall=6 success=yes exit=0 a0=6c1c542820 a1=38c4ca5ced0 a2=38c4ca5ced0 a3=6c1c5426f0 items=1 ppid=1 pid=206 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd" exe="/usr/lib64/systemd/systemd" subj=system_u:system_r:init_t key=(null)
  441. type=CWD msg=audit(1424829905.839:549):  cwd="/"
  442. type=PATH msg=audit(1424829905.839:549): item=0 name="/root" inode=39423 dev=00:10 mode=040700 ouid=0 ogid=0 rdev=00:00 obj=root:object_r:user_home_dir_t nametype=NORMAL
  443. type=UNKNOWN[1327] msg=audit(1424829905.839:549): proctitle="(systemd)"
  444. type=AVC msg=audit(1424829905.896:550): avc:  denied  { create } for  pid=206 comm="systemd" name="notify" scontext=system_u:system_r:init_t tcontext=system_u:object_r:tmpfs_t tclass=sock_file permissive=1
  445. type=SYSCALL msg=audit(1424829905.896:550): arch=c000003e syscall=49 success=yes exit=0 a0=b a1=38c4ca5d060 a2=1c a3=d59f8000000000 items=5 ppid=1 pid=206 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd" exe="/usr/lib64/systemd/systemd" subj=system_u:system_r:init_t key=(null)
  446. type=SOCKADDR msg=audit(1424829905.896:550): saddr=01002F72756E2F757365722F302F73797374656D642F6E6F74696679
  447. type=PATH msg=audit(1424829905.896:550): item=0 name=(null) inode=6587 dev=00:23 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tmpfs_t nametype=PARENT
  448. type=PATH msg=audit(1424829905.896:550): item=1 name=(null) inode=6587 dev=00:23 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tmpfs_t nametype=PARENT
  449. type=PATH msg=audit(1424829905.896:550): item=2 name=(null) nametype=CREATE
  450. type=PATH msg=audit(1424829905.896:550): item=3 name=(null) inode=6587 dev=00:23 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tmpfs_t nametype=PARENT
  451. type=PATH msg=audit(1424829905.896:550): item=4 name=(null) inode=5990 dev=00:23 mode=0140755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tmpfs_t nametype=CREATE
  452. type=UNKNOWN[1327] msg=audit(1424829905.896:550): proctitle="(systemd)"
  453. type=USER_AVC msg=audit(1424829905.899:551): pid=194 uid=108 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t msg='avc:  denied  { send_msg } for msgtype=method_return dest=:1.3 spid=193 tpid=199 scontext=system_u:system_r:init_t tcontext=system_u:system_r:local_login_t tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=108 hostname=? addr=? terminal=?'
  454. type=AVC msg=audit(1424829905.899:552): avc:  denied  { write } for  pid=199 comm="login" path="/run/systemd/sessions/1.ref" dev="tmpfs" ino=5996 scontext=system_u:system_r:local_login_t tcontext=system_u:object_r:init_var_run_t tclass=fifo_file permissive=1
  455. type=SYSCALL msg=audit(1424829905.899:552): arch=c000003e syscall=47 success=yes exit=24 a0=4 a1=3801879ee70 a2=40004040 a3=0 items=0 ppid=1 pid=199 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=tty1 ses=1 comm="login" exe="/bin/login" subj=system_u:system_r:local_login_t key=(null)
  456. type=UNKNOWN[1327] msg=audit(1424829905.899:552): proctitle=2F7362696E2F616765747479002D2D6E6F636C6561720074747931006C696E7578
  457. type=AVC msg=audit(1424829924.268:553): avc:  denied  { setattr } for  pid=218 comm="systemd-udevd" name="003" dev="devtmpfs" ino=6012 scontext=system_u:system_r:init_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
  458. type=SYSCALL msg=audit(1424829924.268:553): arch=c000003e syscall=90 success=yes exit=0 a0=59bd49e200 a1=21b4 a2=3b0bce03150 a3=1 items=1 ppid=129 pid=218 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-udevd" exe="/usr/lib64/systemd/systemd-udevd" subj=system_u:system_r:init_t key=(null)
  459. type=CWD msg=audit(1424829924.268:553):  cwd="/"
  460. type=PATH msg=audit(1424829924.268:553): item=0 name="/dev/bus/usb/001/003" inode=6012 dev=00:05 mode=020600 ouid=0 ogid=0 rdev=bd:02 obj=system_u:object_r:device_t nametype=NORMAL
  461. type=UNKNOWN[1327] msg=audit(1424829924.268:553): proctitle="/usr/lib/systemd/systemd-udevd"
  462. type=AVC msg=audit(1424829924.268:554): avc:  denied  { relabelfrom } for  pid=218 comm="systemd-udevd" name="003" dev="devtmpfs" ino=6012 scontext=system_u:system_r:init_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
  463. type=SYSCALL msg=audit(1424829924.268:554): arch=c000003e syscall=189 success=yes exit=0 a0=59bd49e200 a1=3362488d55e a2=59bd4ac1e0 a3=1f items=1 ppid=129 pid=218 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-udevd" exe="/usr/lib64/systemd/systemd-udevd" subj=system_u:system_r:init_t key=(null)
  464. type=CWD msg=audit(1424829924.268:554):  cwd="/"
  465. type=PATH msg=audit(1424829924.268:554): item=0 name="/dev/bus/usb/001/003" inode=6012 dev=00:05 mode=020664 ouid=0 ogid=85 rdev=bd:02 obj=system_u:object_r:device_t nametype=NORMAL
  466. type=UNKNOWN[1327] msg=audit(1424829924.268:554): proctitle="/usr/lib/systemd/systemd-udevd"
  467. type=AVC msg=audit(1424829924.268:555): avc:  denied  { create } for  pid=218 comm="systemd-udevd" name="189:2" scontext=system_u:system_r:init_t tcontext=system_u:object_r:device_t tclass=lnk_file permissive=1
  468. type=SYSCALL msg=audit(1424829924.268:555): arch=c000003e syscall=88 success=yes exit=0 a0=3b0bce028b0 a1=3b0bce031e0 a2=0 a3=746165726373662f items=3 ppid=129 pid=218 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-udevd" exe="/usr/lib64/systemd/systemd-udevd" subj=system_u:system_r:init_t key=(null)
  469. type=CWD msg=audit(1424829924.268:555):  cwd="/"
  470. type=PATH msg=audit(1424829924.268:555): item=0 name="../bus/usb/001/003" nametype=UNKNOWN
  471. type=PATH msg=audit(1424829924.268:555): item=1 name="/dev/char/" inode=4653 dev=00:05 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:device_t nametype=PARENT
  472. type=PATH msg=audit(1424829924.268:555): item=2 name="/dev/char/189:2" inode=6021 dev=00:05 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:device_t nametype=CREATE
  473. type=UNKNOWN[1327] msg=audit(1424829924.268:555): proctitle="/usr/lib/systemd/systemd-udevd"
  474. type=AVC msg=audit(1424829925.740:556): avc:  denied  { setattr } for  pid=16 comm="kdevtmpfs" name="sdc" dev="devtmpfs" ino=6037 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
  475. type=AVC msg=audit(1424829925.753:557): avc:  denied  { read } for  pid=219 comm="systemd-udevd" name="sdc" dev="devtmpfs" ino=6037 scontext=system_u:system_r:init_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
  476. type=AVC msg=audit(1424829925.753:557): avc:  denied  { open } for  pid=219 comm="systemd-udevd" path="/dev/sdc" dev="devtmpfs" ino=6037 scontext=system_u:system_r:init_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
  477. type=AVC msg=audit(1424829925.753:558): avc:  denied  { lock } for  pid=219 comm="systemd-udevd" path="/dev/sdc" dev="devtmpfs" ino=6037 scontext=system_u:system_r:init_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
  478. type=SYSCALL msg=audit(1424829925.753:558): arch=c000003e syscall=73 success=yes exit=0 a0=7 a1=5 a2=59bd49fe40 a3=b3877900000000 items=0 ppid=129 pid=219 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-udevd" exe="/usr/lib64/systemd/systemd-udevd" subj=system_u:system_r:init_t key=(null)
  479. type=UNKNOWN[1327] msg=audit(1424829925.753:558): proctitle="/usr/lib/systemd/systemd-udevd"
  480. type=AVC msg=audit(1424829925.755:559): avc:  denied  { getattr } for  pid=219 comm="systemd-udevd" path="/dev/sdc" dev="devtmpfs" ino=6037 scontext=system_u:system_r:init_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
  481. type=AVC msg=audit(1424829925.755:560): avc:  denied  { ioctl } for  pid=219 comm="systemd-udevd" path="/dev/sdc" dev="devtmpfs" ino=6037 scontext=system_u:system_r:init_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
  482. type=SYSCALL msg=audit(1424829925.755:560): arch=c000003e syscall=16 success=yes exit=0 a0=8 a1=80081272 a2=59bd4afc90 a3=2d items=0 ppid=129 pid=219 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-udevd" exe="/usr/lib64/systemd/systemd-udevd" subj=system_u:system_r:init_t key=(null)
  483. type=UNKNOWN[1327] msg=audit(1424829925.755:560): proctitle="/usr/lib/systemd/systemd-udevd"
  484. type=AVC msg=audit(1424829925.829:561): avc:  denied  { setattr } for  pid=219 comm="systemd-udevd" name="sdc" dev="devtmpfs" ino=6037 scontext=system_u:system_r:init_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
  485. type=SYSCALL msg=audit(1424829925.829:561): arch=c000003e syscall=90 success=yes exit=0 a0=59bd49fe40 a1=61b0 a2=3b0bce03150 a3=1 items=1 ppid=129 pid=219 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-udevd" exe="/usr/lib64/systemd/systemd-udevd" subj=system_u:system_r:init_t key=(null)
  486. type=CWD msg=audit(1424829925.829:561):  cwd="/"
  487. type=PATH msg=audit(1424829925.829:561): item=0 name="/dev/sdc" inode=6037 dev=00:05 mode=060600 ouid=0 ogid=0 rdev=08:20 obj=system_u:object_r:device_t nametype=NORMAL
  488. type=UNKNOWN[1327] msg=audit(1424829925.829:561): proctitle="/usr/lib/systemd/systemd-udevd"
  489. type=AVC msg=audit(1424829925.829:562): avc:  denied  { relabelfrom } for  pid=219 comm="systemd-udevd" name="sdc" dev="devtmpfs" ino=6037 scontext=system_u:system_r:init_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
  490. type=SYSCALL msg=audit(1424829925.829:562): arch=c000003e syscall=189 success=yes exit=0 a0=59bd49fe40 a1=3362488d55e a2=59bd4b85f0 a3=26 items=1 ppid=129 pid=219 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-udevd" exe="/usr/lib64/systemd/systemd-udevd" subj=system_u:system_r:init_t key=(null)
  491. type=CWD msg=audit(1424829925.829:562):  cwd="/"
  492. type=PATH msg=audit(1424829925.829:562): item=0 name="/dev/sdc" inode=6037 dev=00:05 mode=060660 ouid=0 ogid=6 rdev=08:20 obj=system_u:object_r:device_t nametype=NORMAL
  493. type=UNKNOWN[1327] msg=audit(1424829925.829:562): proctitle="/usr/lib/systemd/systemd-udevd"
  494. type=AVC msg=audit(1424829934.367:563): avc:  denied  { write } for  pid=191 comm="sd-resolve" laddr=192.168.0.11 lport=43646 faddr=212.27.40.241 fport=53 scontext=system_u:system_r:init_t tcontext=system_u:system_r:init_t tclass=udp_socket permissive=1
  495. type=SYSCALL msg=audit(1424829934.367:563): arch=c000003e syscall=307 success=yes exit=2 a0=d a1=3382d1c2ab0 a2=2 a3=4000 items=0 ppid=1 pid=191 auid=4294967295 uid=107 gid=241 euid=107 suid=107 fsuid=107 egid=241 sgid=241 fsgid=241 tty=(none) ses=4294967295 comm="sd-resolve" exe="/usr/lib64/systemd/systemd-timesyncd" subj=system_u:system_r:init_t key=(null)
  496. type=UNKNOWN[1327] msg=audit(1424829934.367:563): proctitle="/usr/lib/systemd/systemd-timesyncd"
  497. type=AVC msg=audit(1424829934.502:564): avc:  denied  { getattr } for  pid=191 comm="sd-resolve" path="socket:[6623]" dev="sockfs" ino=6623 scontext=system_u:system_r:init_t tcontext=system_u:system_r:init_t tclass=udp_socket permissive=1
  498. type=SYSCALL msg=audit(1424829934.502:564): arch=c000003e syscall=16 success=yes exit=0 a0=d a1=541b a2=3382d1c2a6c a3=4000 items=0 ppid=1 pid=191 auid=4294967295 uid=107 gid=241 euid=107 suid=107 fsuid=107 egid=241 sgid=241 fsgid=241 tty=(none) ses=4294967295 comm="sd-resolve" exe="/usr/lib64/systemd/systemd-timesyncd" subj=system_u:system_r:init_t key=(null)
  499. type=UNKNOWN[1327] msg=audit(1424829934.502:564): proctitle="/usr/lib/systemd/systemd-timesyncd"
  500. type=AVC msg=audit(1424829934.502:565): avc:  denied  { read } for  pid=191 comm="sd-resolve" laddr=192.168.0.11 lport=43646 faddr=212.27.40.241 fport=53 scontext=system_u:system_r:init_t tcontext=system_u:system_r:init_t tclass=udp_socket permissive=1
  501. type=SYSCALL msg=audit(1424829934.502:565): arch=c000003e syscall=45 success=yes exit=103 a0=d a1=3382d1c3840 a2=800 a3=0 items=0 ppid=1 pid=191 auid=4294967295 uid=107 gid=241 euid=107 suid=107 fsuid=107 egid=241 sgid=241 fsgid=241 tty=(none) ses=4294967295 comm="sd-resolve" exe="/usr/lib64/systemd/systemd-timesyncd" subj=system_u:system_r:init_t key=(null)
  502. type=SOCKADDR msg=audit(1424829934.502:565): saddr=02000035D41B28F10000000000000000
  503. type=UNKNOWN[1327] msg=audit(1424829934.502:565): proctitle="/usr/lib/systemd/systemd-timesyncd"
  504. type=AVC msg=audit(1424829952.035:566): avc:  denied  { getattr } for  pid=222 comm="mount" path="/run/mount/utab" dev="tmpfs" ino=1342 scontext=root:sysadm_r:mount_t tcontext=system_u:object_r:init_var_run_t tclass=file permissive=1
  505. type=SYSCALL msg=audit(1424829952.035:566): arch=c000003e syscall=6 success=yes exit=0 a0=2dd80ef9765 a1=3c1d0046580 a2=3c1d0046580 a3=0 items=1 ppid=211 pid=222 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=tty1 ses=1 comm="mount" exe="/bin/mount" subj=root:sysadm_r:mount_t key=(null)
  506. type=CWD msg=audit(1424829952.035:566):  cwd="/root"
  507. type=PATH msg=audit(1424829952.035:566): item=0 name="/run/mount/utab" inode=1342 dev=00:16 mode=0100644 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t nametype=NORMAL
  508. type=UNKNOWN[1327] msg=audit(1424829952.035:566): proctitle=6D6F756E74002F6465762F73646331002F6D6E742F7562756E7475
  509. type=AVC msg=audit(1424829952.035:567): avc:  denied  { read write } for  pid=222 comm="mount" name="utab" dev="tmpfs" ino=1342 scontext=root:sysadm_r:mount_t tcontext=system_u:object_r:init_var_run_t tclass=file permissive=1
  510. type=AVC msg=audit(1424829952.035:567): avc:  denied  { open } for  pid=222 comm="mount" path="/run/mount/utab" dev="tmpfs" ino=1342 scontext=root:sysadm_r:mount_t tcontext=system_u:object_r:init_var_run_t tclass=file permissive=1
  511. type=AVC msg=audit(1424829993.926:568): avc:  denied  { getattr } for  pid=206 comm="systemd" path="/root" dev="sda4" ino=39423 scontext=system_u:system_r:init_t tcontext=root:object_r:user_home_dir_t tclass=dir permissive=1
  512. type=SYSCALL msg=audit(1424829993.926:568): arch=c000003e syscall=6 success=yes exit=0 a0=6c1c5712e0 a1=38c4ca5cbc0 a2=38c4ca5cbc0 a3=6f6d2d616964656d items=1 ppid=1 pid=206 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd" exe="/usr/lib64/systemd/systemd" subj=system_u:system_r:init_t key=(null)
  513. type=CWD msg=audit(1424829993.926:568):  cwd="/"
  514. type=PATH msg=audit(1424829993.926:568): item=0 name="/root" inode=39423 dev=00:10 mode=040700 ouid=0 ogid=0 rdev=00:00 obj=root:object_r:user_home_dir_t nametype=NORMAL
  515. type=UNKNOWN[1327] msg=audit(1424829993.926:568): proctitle="(systemd)"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!