On Mon, 14 Nov 2005, Craig White wrote:
> On Mon, 2005-11-14 at 20:39 -0500, Tom Diehl wrote:
> > On Sat, 12 Nov 2005, Craig White wrote:
> >
> > > I am getting tons of these messages since I updated to 4.2
> > >
> > > Nov 12 12:21:39 srv1 dbus: Can't send to audit system: USER_AVC pid=2839
> > > uid=81 loginuid=-1 message=avc: denied { send_msg } for
> > > scontext=user_u:system_r:unconfined_t tcontext=user_u:system_r:initrc_t
> > > tclass=dbus
> > >
>
> >
> > The above rpm fixed it for me, although I still do not understand the
> > problem. :-)
> ----
> apparently the problem is that the user 'dbus' is not root and is not
> thus empowered to send messages to audit system.
Sounds reasonable.
> The apparent lack of people bitching about this on nahant list or centos
> list makes me think that a large amount of RHEL 4 (or clone) users have
> simply turned SELinux off. I guess that puzzles me as much as anything.
FWIW I originally posted my problem to the Nahant list and after waiting
a couple of weeks received zero responses. Hence my post to the selinux list.
I tend to agree that most turn it off, although I fail to see how anyone expects
it to ever get fixed if no one will even try to use it.
> Craig
>
> ps - my fix, though more work, doesn't use stuff out of rawhide and
> probably is more instructive towards solving problems than simply
> installing an updated rpm from rawhide (which is eminently easier).
The rpm I suggested was not from Rawhide. It is from dwalsh at redhat.com.
It is a version of what he expects to be included into a future RHEL update.
It is a far cry from Rawhide. I do agree though that it would be nice to
actually understand the problem.
Regards,
Tom Diehl tdiehl at rogueind.com Spamtrap address mtd123 at rogueind.com