LISTSERV - SCIENTIFIC-LINUX-DEVEL Archives

SCIENTIFIC-LINUX-DEVEL Archives

January 2014

SCIENTIFIC-LINUX-DEVEL@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-DEVEL Home
	SCIENTIFIC-LINUX-DEVEL January 2014

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives
Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]
Subject:	Latest SELinux targeted policy -231 breaking OpenAFS server processes
From:	"Aaron K. Reffett" <[log in to unmask]>
Reply To:	Aaron K. Reffett
Date:	Thu, 2 Jan 2014 14:34:30 +0000
Content-Type:	multipart/mixed
Parts/Attachments:	text/plain (3732 bytes) , afs-db-server-avc.txt (23 kB) , afs-fs-server-avc.txt (28 kB)
Unrelated: openafs-1.6.5.1 SRPM has not been pushed to 6.5/SRPMS/sl6

After updating to selinux-policy 3.7.19-231 our AFS server processes failed to start with a slew of AVCs in the audit.log. There appears to be a multitude of issues with the AFS SELinux policy shipped by TUV which were triggered by this update.  I set our servers in to permissive which resolved allowed the processes to come up but I'm not sure how to approach a real fix for this issue.

My initial question is this: was AFS ever supposed to run confined to begin with?  I don't think it was, as files created by the processes themselves before this policy were labeled with the unconfined_u user.  If they weren't, a workaround may be to reset the server executables to bin_t to prevent them from transitioning to confined contexts.

SELinux fs contexts greped for afs:

/afs                                               directory          system_u:object_r:mnt_t:s0 
/etc/rc\.d/init\.d/afs                             regular file       system_u:object_r:afs_initrc_exec_t:s0 
/etc/rc\.d/init\.d/openafs-client                  regular file       system_u:object_r:afs_initrc_exec_t:s0 
/usr/afs/bin/bosserver                             regular file       system_u:object_r:afs_bosserver_exec_t:s0 
/usr/afs/bin/fileserver                            regular file       system_u:object_r:afs_fsserver_exec_t:s0 
/usr/afs/bin/kaserver                              regular file       system_u:object_r:afs_kaserver_exec_t:s0 
/usr/afs/bin/ptserver                              regular file       system_u:object_r:afs_ptserver_exec_t:s0 
/usr/afs/bin/salvager                              regular file       system_u:object_r:afs_fsserver_exec_t:s0 
/usr/afs/bin/vlserver                              regular file       system_u:object_r:afs_vlserver_exec_t:s0 
/usr/afs/bin/volserver                             regular file       system_u:object_r:afs_fsserver_exec_t:s0 
/usr/afs/db                                        directory          system_u:object_r:afs_dbdir_t:s0 
/usr/afs/db/ka.*                                   regular file       system_u:object_r:afs_ka_db_t:s0 
/usr/afs/db/pr.*                                   regular file       system_u:object_r:afs_pt_db_t:s0 
/usr/afs/db/vl.*                                   regular file       system_u:object_r:afs_vl_db_t:s0 
/usr/afs/etc(/.*)?                                 all files          system_u:object_r:afs_config_t:s0 
/usr/afs/local(/.*)?                               all files          system_u:object_r:afs_config_t:s0 
/usr/afs/logs(/.*)?                                all files          system_u:object_r:afs_logfile_t:s0 
/usr/sbin/afsd                                     regular file       system_u:object_r:afs_exec_t:s0 
/usr/vice/cache(/.*)?                              all files          system_u:object_r:afs_cache_t:s0 
/usr/vice/etc/afsd                                 regular file       system_u:object_r:afs_exec_t:s0 
/var/cache/afs(/.*)?                               all files          system_u:object_r:afs_cache_t:s0 
/vicepa                                            all files          system_u:object_r:afs_files_t:s0 
/vicepb                                            all files          system_u:object_r:afs_files_t:s0 
/vicepc                                            all files          system_u:object_r:afs_files_t:s0

Only some of the AFS executables are labeled with execution contexts, notably da{fileserver,volserver,salvager} are not labeled, nor is buserver.

Attached is a sampling of the audit logs from my DB and FS servers which shows many denied actions from the various AFS processes.

~Aaron



type=AVC msg=audit(1388417385.672:14535): avc:  denied  { search } for  pid=4742 comm="ptserver" name="nscd" dev=dm-2 ino=131533 scontext=unconfined_u:system_r:afs_ptserver_t:s0 tcontext=system_u:object_r:nscd_var_run_t:s0 tclass=dir
type=AVC msg=audit(1388417385.673:14536): avc:  denied  { search } for  pid=4742 comm="ptserver" name="nscd" dev=dm-2 ino=131533 scontext=unconfined_u:system_r:afs_ptserver_t:s0 tcontext=system_u:object_r:nscd_var_run_t:s0 tclass=dir
type=AVC msg=audit(1388417385.673:14537): avc:  denied  { search } for  pid=4742 comm="ptserver" name="nscd" dev=dm-2 ino=131533 scontext=unconfined_u:system_r:afs_ptserver_t:s0 tcontext=system_u:object_r:nscd_var_run_t:s0 tclass=dir
type=AVC msg=audit(1388417385.680:14538): avc:  denied  { read } for  pid=4741 comm="vlserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_vlserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388417385.680:14539): avc:  denied  { read } for  pid=4741 comm="vlserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_vlserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388417385.681:14540): avc:  denied  { write } for  pid=4741 comm="vlserver" name="vldb.DBSYS1" dev=dm-0 ino=143160 scontext=unconfined_u:system_r:afs_vlserver_t:s0 tcontext=unconfined_u:object_r:usr_t:s0 tclass=file
type=AVC msg=audit(1388417385.681:14541): avc:  denied  { read } for  pid=4742 comm="ptserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_ptserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388417385.682:14542): avc:  denied  { read } for  pid=4742 comm="ptserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_ptserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388417385.683:14543): avc:  denied  { write } for  pid=4742 comm="ptserver" name="prdb.DBSYS1" dev=dm-0 ino=143156 scontext=unconfined_u:system_r:afs_ptserver_t:s0 tcontext=unconfined_u:object_r:usr_t:s0 tclass=file
type=AVC msg=audit(1388417385.688:14544): avc:  denied  { search } for  pid=4743 comm="vlserver" name="nscd" dev=dm-2 ino=131533 scontext=unconfined_u:system_r:afs_vlserver_t:s0 tcontext=system_u:object_r:nscd_var_run_t:s0 tclass=dir
type=AVC msg=audit(1388417385.688:14545): avc:  denied  { search } for  pid=4743 comm="vlserver" name="nscd" dev=dm-2 ino=131533 scontext=unconfined_u:system_r:afs_vlserver_t:s0 tcontext=system_u:object_r:nscd_var_run_t:s0 tclass=dir
type=AVC msg=audit(1388417385.689:14546): avc:  denied  { search } for  pid=4743 comm="vlserver" name="nscd" dev=dm-2 ino=131533 scontext=unconfined_u:system_r:afs_vlserver_t:s0 tcontext=system_u:object_r:nscd_var_run_t:s0 tclass=dir
type=AVC msg=audit(1388417385.689:14547): avc:  denied  { search } for  pid=4743 comm="vlserver" name="nscd" dev=dm-2 ino=131533 scontext=unconfined_u:system_r:afs_vlserver_t:s0 tcontext=system_u:object_r:nscd_var_run_t:s0 tclass=dir
type=AVC msg=audit(1388417385.691:14548): avc:  denied  { search } for  pid=4744 comm="ptserver" name="nscd" dev=dm-2 ino=131533 scontext=unconfined_u:system_r:afs_ptserver_t:s0 tcontext=system_u:object_r:nscd_var_run_t:s0 tclass=dir
type=AVC msg=audit(1388417385.691:14549): avc:  denied  { search } for  pid=4744 comm="ptserver" name="nscd" dev=dm-2 ino=131533 scontext=unconfined_u:system_r:afs_ptserver_t:s0 tcontext=system_u:object_r:nscd_var_run_t:s0 tclass=dir
type=AVC msg=audit(1388417385.692:14550): avc:  denied  { search } for  pid=4744 comm="ptserver" name="nscd" dev=dm-2 ino=131533 scontext=unconfined_u:system_r:afs_ptserver_t:s0 tcontext=system_u:object_r:nscd_var_run_t:s0 tclass=dir
type=AVC msg=audit(1388417385.692:14551): avc:  denied  { search } for  pid=4744 comm="ptserver" name="nscd" dev=dm-2 ino=131533 scontext=unconfined_u:system_r:afs_ptserver_t:s0 tcontext=system_u:object_r:nscd_var_run_t:s0 tclass=dir
type=AVC msg=audit(1388417385.700:14552): avc:  denied  { read } for  pid=4743 comm="vlserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_vlserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388417385.700:14553): avc:  denied  { read } for  pid=4743 comm="vlserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_vlserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388417385.701:14554): avc:  denied  { write } for  pid=4743 comm="vlserver" name="vldb.DBSYS1" dev=dm-0 ino=143160 scontext=unconfined_u:system_r:afs_vlserver_t:s0 tcontext=unconfined_u:object_r:usr_t:s0 tclass=file
type=AVC msg=audit(1388417385.701:14555): avc:  denied  { read } for  pid=4744 comm="ptserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_ptserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388417385.702:14556): avc:  denied  { read } for  pid=4744 comm="ptserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_ptserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388417385.703:14557): avc:  denied  { write } for  pid=4744 comm="ptserver" name="prdb.DBSYS1" dev=dm-0 ino=143156 scontext=unconfined_u:system_r:afs_ptserver_t:s0 tcontext=unconfined_u:object_r:usr_t:s0 tclass=file
type=AVC msg=audit(1388418272.620:14582): avc:  denied  { execute } for  pid=5172 comm="bosserver" name="buserver" dev=dm-0 ino=131268 scontext=unconfined_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file
type=AVC msg=audit(1388418272.626:14583): avc:  denied  { execute } for  pid=5175 comm="bosserver" name="buserver" dev=dm-0 ino=131268 scontext=unconfined_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file
type=AVC msg=audit(1388418272.629:14584): avc:  denied  { execute } for  pid=5176 comm="bosserver" name="buserver" dev=dm-0 ino=131268 scontext=unconfined_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file
type=AVC msg=audit(1388418272.629:14585): avc:  denied  { search } for  pid=5173 comm="ptserver" name="nscd" dev=dm-2 ino=131533 scontext=unconfined_u:system_r:afs_ptserver_t:s0 tcontext=system_u:object_r:nscd_var_run_t:s0 tclass=dir
type=AVC msg=audit(1388418272.630:14586): avc:  denied  { search } for  pid=5173 comm="ptserver" name="nscd" dev=dm-2 ino=131533 scontext=unconfined_u:system_r:afs_ptserver_t:s0 tcontext=system_u:object_r:nscd_var_run_t:s0 tclass=dir
type=AVC msg=audit(1388418272.631:14587): avc:  denied  { search } for  pid=5173 comm="ptserver" name="nscd" dev=dm-2 ino=131533 scontext=unconfined_u:system_r:afs_ptserver_t:s0 tcontext=system_u:object_r:nscd_var_run_t:s0 tclass=dir
type=AVC msg=audit(1388418272.631:14588): avc:  denied  { search } for  pid=5173 comm="ptserver" name="nscd" dev=dm-2 ino=131533 scontext=unconfined_u:system_r:afs_ptserver_t:s0 tcontext=system_u:object_r:nscd_var_run_t:s0 tclass=dir
type=AVC msg=audit(1388418272.633:14589): avc:  denied  { execute } for  pid=5177 comm="bosserver" name="buserver" dev=dm-0 ino=131268 scontext=unconfined_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file
type=AVC msg=audit(1388418272.632:14590): avc:  denied  { search } for  pid=5174 comm="vlserver" name="nscd" dev=dm-2 ino=131533 scontext=unconfined_u:system_r:afs_vlserver_t:s0 tcontext=system_u:object_r:nscd_var_run_t:s0 tclass=dir
type=AVC msg=audit(1388418272.634:14591): avc:  denied  { search } for  pid=5174 comm="vlserver" name="nscd" dev=dm-2 ino=131533 scontext=unconfined_u:system_r:afs_vlserver_t:s0 tcontext=system_u:object_r:nscd_var_run_t:s0 tclass=dir
type=AVC msg=audit(1388418272.634:14592): avc:  denied  { search } for  pid=5174 comm="vlserver" name="nscd" dev=dm-2 ino=131533 scontext=unconfined_u:system_r:afs_vlserver_t:s0 tcontext=system_u:object_r:nscd_var_run_t:s0 tclass=dir
type=AVC msg=audit(1388418272.634:14593): avc:  denied  { search } for  pid=5174 comm="vlserver" name="nscd" dev=dm-2 ino=131533 scontext=unconfined_u:system_r:afs_vlserver_t:s0 tcontext=system_u:object_r:nscd_var_run_t:s0 tclass=dir
type=AVC msg=audit(1388418272.636:14594): avc:  denied  { execute } for  pid=5178 comm="bosserver" name="buserver" dev=dm-0 ino=131268 scontext=unconfined_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file
type=AVC msg=audit(1388418272.639:14595): avc:  denied  { execute } for  pid=5179 comm="bosserver" name="buserver" dev=dm-0 ino=131268 scontext=unconfined_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file
type=AVC msg=audit(1388418272.641:14596): avc:  denied  { read } for  pid=5173 comm="ptserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_ptserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388418272.642:14597): avc:  denied  { read } for  pid=5173 comm="ptserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_ptserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388418272.643:14598): avc:  denied  { execute } for  pid=5180 comm="bosserver" name="buserver" dev=dm-0 ino=131268 scontext=unconfined_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file
type=AVC msg=audit(1388418272.646:14599): avc:  denied  { execute } for  pid=5181 comm="bosserver" name="buserver" dev=dm-0 ino=131268 scontext=unconfined_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file
type=AVC msg=audit(1388418272.647:14600): avc:  denied  { read } for  pid=5174 comm="vlserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_vlserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388418272.647:14601): avc:  denied  { read } for  pid=5174 comm="vlserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_vlserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388418272.649:14602): avc:  denied  { execute } for  pid=5182 comm="bosserver" name="buserver" dev=dm-0 ino=131268 scontext=unconfined_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file
type=AVC msg=audit(1388418272.651:14603): avc:  denied  { execute } for  pid=5183 comm="bosserver" name="buserver" dev=dm-0 ino=131268 scontext=unconfined_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file
type=AVC msg=audit(1388418272.653:14604): avc:  denied  { execute } for  pid=5184 comm="bosserver" name="buserver" dev=dm-0 ino=131268 scontext=unconfined_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file
type=AVC msg=audit(1388418272.655:14605): avc:  denied  { execute } for  pid=5185 comm="bosserver" name="buserver" dev=dm-0 ino=131268 scontext=unconfined_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file
type=AVC msg=audit(1388418272.658:14606): avc:  denied  { execute } for  pid=5186 comm="bosserver" name="buserver" dev=dm-0 ino=131268 scontext=unconfined_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file
type=AVC msg=audit(1388418272.668:14607): avc:  denied  { read } for  pid=5174 comm="vlserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_vlserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388418272.673:14608): avc:  denied  { read } for  pid=5173 comm="ptserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_ptserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388419395.563:14646): avc:  denied  { execute } for  pid=5765 comm="bosserver" name="buserver" dev=dm-0 ino=131268 scontext=unconfined_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file
type=AVC msg=audit(1388419395.563:14646): avc:  denied  { read open } for  pid=5765 comm="bosserver" name="buserver" dev=dm-0 ino=131268 scontext=unconfined_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file
type=AVC msg=audit(1388419395.563:14646): avc:  denied  { execute_no_trans } for  pid=5765 comm="bosserver" path="/usr/afs/bin/buserver" dev=dm-0 ino=131268 scontext=unconfined_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file
type=AVC msg=audit(1388419395.565:14647): avc:  denied  { read } for  pid=5763 comm="bosserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388419395.565:14647): avc:  denied  { open } for  pid=5763 comm="bosserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388419395.566:14648): avc:  denied  { getattr } for  pid=5763 comm="bosserver" path="/dev/urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388419395.571:14649): avc:  denied  { search } for  pid=5766 comm="ptserver" name="nscd" dev=dm-2 ino=131533 scontext=unconfined_u:system_r:afs_ptserver_t:s0 tcontext=system_u:object_r:nscd_var_run_t:s0 tclass=dir
type=AVC msg=audit(1388419395.571:14650): avc:  denied  { search } for  pid=5767 comm="vlserver" name="nscd" dev=dm-2 ino=131533 scontext=unconfined_u:system_r:afs_vlserver_t:s0 tcontext=system_u:object_r:nscd_var_run_t:s0 tclass=dir
type=AVC msg=audit(1388419395.584:14651): avc:  denied  { read } for  pid=5766 comm="ptserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_ptserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388419395.584:14651): avc:  denied  { open } for  pid=5766 comm="ptserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_ptserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388419395.585:14652): avc:  denied  { getattr } for  pid=5766 comm="ptserver" path="/dev/urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_ptserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388419395.585:14653): avc:  denied  { read } for  pid=5767 comm="vlserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_vlserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388419395.585:14653): avc:  denied  { open } for  pid=5767 comm="vlserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_vlserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388419395.586:14654): avc:  denied  { getattr } for  pid=5767 comm="vlserver" path="/dev/urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_vlserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388419396.092:14655): avc:  denied  { name_bind } for  pid=5765 comm="buserver" src=7021 scontext=unconfined_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:port_t:s0 tclass=udp_socket
type=AVC msg=audit(1388419939.833:14662): avc:  denied  { execute } for  pid=6023 comm="bosserver" name="buserver" dev=dm-0 ino=131268 scontext=unconfined_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file
type=AVC msg=audit(1388419939.833:14662): avc:  denied  { read open } for  pid=6023 comm="bosserver" name="buserver" dev=dm-0 ino=131268 scontext=unconfined_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file
type=AVC msg=audit(1388419939.833:14662): avc:  denied  { execute_no_trans } for  pid=6023 comm="bosserver" path="/usr/afs/bin/buserver" dev=dm-0 ino=131268 scontext=unconfined_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file
type=AVC msg=audit(1388419939.836:14663): avc:  denied  { read } for  pid=6021 comm="bosserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388419939.836:14663): avc:  denied  { open } for  pid=6021 comm="bosserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388419939.836:14664): avc:  denied  { getattr } for  pid=6021 comm="bosserver" path="/dev/urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388419939.843:14665): avc:  denied  { name_bind } for  pid=6023 comm="buserver" src=7021 scontext=unconfined_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:port_t:s0 tclass=udp_socket
type=AVC msg=audit(1388419939.843:14666): avc:  denied  { search } for  pid=6025 comm="vlserver" name="nscd" dev=dm-2 ino=131533 scontext=unconfined_u:system_r:afs_vlserver_t:s0 tcontext=system_u:object_r:nscd_var_run_t:s0 tclass=dir
type=AVC msg=audit(1388419939.848:14667): avc:  denied  { write } for  pid=6023 comm="buserver" name="bdb.DBSYS1" dev=dm-0 ino=143152 scontext=unconfined_u:system_r:afs_bosserver_t:s0 tcontext=unconfined_u:object_r:usr_t:s0 tclass=file
type=AVC msg=audit(1388419939.851:14668): avc:  denied  { search } for  pid=6024 comm="ptserver" name="nscd" dev=dm-2 ino=131533 scontext=unconfined_u:system_r:afs_ptserver_t:s0 tcontext=system_u:object_r:nscd_var_run_t:s0 tclass=dir
type=AVC msg=audit(1388419939.857:14669): avc:  denied  { read } for  pid=6025 comm="vlserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_vlserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388419939.857:14669): avc:  denied  { open } for  pid=6025 comm="vlserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_vlserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388419939.858:14670): avc:  denied  { getattr } for  pid=6025 comm="vlserver" path="/dev/urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_vlserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388419939.861:14671): avc:  denied  { read } for  pid=6024 comm="ptserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_ptserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388419939.861:14671): avc:  denied  { open } for  pid=6024 comm="ptserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_ptserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388419939.861:14672): avc:  denied  { getattr } for  pid=6024 comm="ptserver" path="/dev/urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_ptserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388476793.952:19): avc:  denied  { execute } for  pid=2126 comm="bosserver" name="buserver" dev=dm-0 ino=131268 scontext=system_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file
type=AVC msg=audit(1388476793.952:19): avc:  denied  { read open } for  pid=2126 comm="bosserver" name="buserver" dev=dm-0 ino=131268 scontext=system_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file
type=AVC msg=audit(1388476793.952:19): avc:  denied  { execute_no_trans } for  pid=2126 comm="bosserver" path="/usr/afs/bin/buserver" dev=dm-0 ino=131268 scontext=system_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file
type=AVC msg=audit(1388476793.965:20): avc:  denied  { read } for  pid=2122 comm="bosserver" name="urandom" dev=devtmpfs ino=3703 scontext=system_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388476793.965:20): avc:  denied  { open } for  pid=2122 comm="bosserver" name="urandom" dev=devtmpfs ino=3703 scontext=system_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388476793.965:21): avc:  denied  { getattr } for  pid=2122 comm="bosserver" path="/dev/urandom" dev=devtmpfs ino=3703 scontext=system_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388476793.997:22): avc:  denied  { search } for  pid=2128 comm="vlserver" name="nscd" dev=dm-2 ino=131533 scontext=system_u:system_r:afs_vlserver_t:s0 tcontext=system_u:object_r:nscd_var_run_t:s0 tclass=dir
type=AVC msg=audit(1388476794.025:23): avc:  denied  { read } for  pid=2128 comm="vlserver" name="urandom" dev=devtmpfs ino=3703 scontext=system_u:system_r:afs_vlserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388476794.025:23): avc:  denied  { open } for  pid=2128 comm="vlserver" name="urandom" dev=devtmpfs ino=3703 scontext=system_u:system_r:afs_vlserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388476794.025:24): avc:  denied  { getattr } for  pid=2128 comm="vlserver" path="/dev/urandom" dev=devtmpfs ino=3703 scontext=system_u:system_r:afs_vlserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388476794.028:25): avc:  denied  { search } for  pid=2127 comm="ptserver" name="nscd" dev=dm-2 ino=131533 scontext=system_u:system_r:afs_ptserver_t:s0 tcontext=system_u:object_r:nscd_var_run_t:s0 tclass=dir
type=AVC msg=audit(1388476794.038:26): avc:  denied  { read } for  pid=2127 comm="ptserver" name="urandom" dev=devtmpfs ino=3703 scontext=system_u:system_r:afs_ptserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388476794.038:26): avc:  denied  { open } for  pid=2127 comm="ptserver" name="urandom" dev=devtmpfs ino=3703 scontext=system_u:system_r:afs_ptserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388476794.039:27): avc:  denied  { getattr } for  pid=2127 comm="ptserver" path="/dev/urandom" dev=devtmpfs ino=3703 scontext=system_u:system_r:afs_ptserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388476794.052:28): avc:  denied  { name_bind } for  pid=2126 comm="buserver" src=7021 scontext=system_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:port_t:s0 tclass=udp_socket
type=AVC msg=audit(1388476794.057:29): avc:  denied  { write } for  pid=2126 comm="buserver" name="bdb.DBSYS1" dev=dm-0 ino=143152 scontext=system_u:system_r:afs_bosserver_t:s0 tcontext=unconfined_u:object_r:usr_t:s0 tclass=file
type=AVC msg=audit(1388484060.552:215): avc:  denied  { getattr } for  pid=2122 comm="bosserver" path="/usr/afs/bin/buserver" dev=dm-0 ino=131268 scontext=system_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file
type=AVC msg=audit(1388570420.453:2263): avc:  denied  { getattr } for  pid=2122 comm="bosserver" path="/usr/afs/bin/buserver" dev=dm-0 ino=131268 scontext=system_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file
type=AVC msg=audit(1388656841.168:4312): avc:  denied  { getattr } for  pid=2122 comm="bosserver" path="/usr/afs/bin/buserver" dev=dm-0 ino=131268 scontext=system_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file


type=AVC msg=audit(1387961088.208:5): avc:  denied  { getattr } for  pid=1885 comm="bosserver" path="/usr/afs/bin/dafileserver" dev=sdb2 ino=1713422 scontext=system_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file
type=AVC msg=audit(1388418511.647:5495): avc:  denied  { getattr } for  pid=1869 comm="bosserver" path="/usr/afs/bin/dafileserver" dev=sdb2 ino=1713422 scontext=unconfined_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file
type=AVC msg=audit(1388418858.378:5503): avc:  denied  { getattr } for  pid=2035 comm="bosserver" path="/usr/afs/bin/salvageserver" dev=sdb2 ino=1713951 scontext=unconfined_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file
type=AVC msg=audit(1388419022.216:5504): avc:  denied  { read } for  pid=2120 comm="bosserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388419022.217:5505): avc:  denied  { read } for  pid=2120 comm="bosserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388419022.271:5508): avc:  denied  { write } for  pid=2123 comm="davolserver" name="fssync.sock" dev=sdb2 ino=1705324 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419022.274:5509): avc:  denied  { read } for  pid=2122 comm="dafileserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388419022.275:5510): avc:  denied  { read } for  pid=2122 comm="dafileserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388419022.280:5511): avc:  denied  { read } for  pid=2122 comm="dafileserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388419022.304:5512): avc:  denied  { read } for  pid=2122 comm="dafileserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388419022.307:5513): avc:  denied  { unlink } for  pid=2130 comm="dafileserver" name="fssync.sock" dev=sdb2 ino=1705324 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419022.307:5514): avc:  denied  { write } for  pid=2122 comm="dafileserver" name="salvsync.sock" dev=sdb2 ino=1705319 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419025.272:5516): avc:  denied  { write } for  pid=2123 comm="davolserver" name="fssync.sock" dev=sdb2 ino=1705324 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419025.308:5517): avc:  denied  { write } for  pid=2122 comm="dafileserver" name="salvsync.sock" dev=sdb2 ino=1705319 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419028.273:5519): avc:  denied  { write } for  pid=2123 comm="davolserver" name="fssync.sock" dev=sdb2 ino=1705324 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419028.309:5520): avc:  denied  { write } for  pid=2122 comm="dafileserver" name="salvsync.sock" dev=sdb2 ino=1705319 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419031.273:5522): avc:  denied  { write } for  pid=2123 comm="davolserver" name="fssync.sock" dev=sdb2 ino=1705324 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419031.309:5523): avc:  denied  { write } for  pid=2122 comm="dafileserver" name="salvsync.sock" dev=sdb2 ino=1705319 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419036.273:5525): avc:  denied  { write } for  pid=2123 comm="davolserver" name="fssync.sock" dev=sdb2 ino=1705324 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419036.309:5526): avc:  denied  { write } for  pid=2122 comm="dafileserver" name="salvsync.sock" dev=sdb2 ino=1705319 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419041.273:5528): avc:  denied  { write } for  pid=2123 comm="davolserver" name="fssync.sock" dev=sdb2 ino=1705324 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419041.309:5529): avc:  denied  { write } for  pid=2122 comm="dafileserver" name="salvsync.sock" dev=sdb2 ino=1705319 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419046.274:5531): avc:  denied  { write } for  pid=2123 comm="davolserver" name="fssync.sock" dev=sdb2 ino=1705324 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419046.310:5532): avc:  denied  { write } for  pid=2122 comm="dafileserver" name="salvsync.sock" dev=sdb2 ino=1705319 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419053.274:5538): avc:  denied  { write } for  pid=2123 comm="davolserver" name="fssync.sock" dev=sdb2 ino=1705324 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419053.310:5539): avc:  denied  { write } for  pid=2122 comm="dafileserver" name="salvsync.sock" dev=sdb2 ino=1705319 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419068.274:5543): avc:  denied  { write } for  pid=2123 comm="davolserver" name="fssync.sock" dev=sdb2 ino=1705324 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419068.310:5544): avc:  denied  { write } for  pid=2122 comm="dafileserver" name="salvsync.sock" dev=sdb2 ino=1705319 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419084.274:5552): avc:  denied  { write } for  pid=2123 comm="davolserver" name="fssync.sock" dev=sdb2 ino=1705324 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419084.310:5553): avc:  denied  { write } for  pid=2122 comm="dafileserver" name="salvsync.sock" dev=sdb2 ino=1705319 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419108.275:5563): avc:  denied  { write } for  pid=2123 comm="davolserver" name="fssync.sock" dev=sdb2 ino=1705324 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419108.310:5564): avc:  denied  { write } for  pid=2122 comm="dafileserver" name="salvsync.sock" dev=sdb2 ino=1705319 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419140.274:5575): avc:  denied  { write } for  pid=2123 comm="davolserver" name="fssync.sock" dev=sdb2 ino=1705324 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419140.309:5576): avc:  denied  { write } for  pid=2122 comm="dafileserver" name="salvsync.sock" dev=sdb2 ino=1705319 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419180.275:5593): avc:  denied  { write } for  pid=2123 comm="davolserver" name="fssync.sock" dev=sdb2 ino=1705324 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419180.311:5594): avc:  denied  { write } for  pid=2122 comm="dafileserver" name="salvsync.sock" dev=sdb2 ino=1705319 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419228.276:5618): avc:  denied  { write } for  pid=2123 comm="davolserver" name="fssync.sock" dev=sdb2 ino=1705324 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419228.289:5619): avc:  denied  { read } for  pid=2123 comm="davolserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388419228.289:5620): avc:  denied  { read } for  pid=2123 comm="davolserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388419228.292:5621): avc:  denied  { search } for  pid=2250 comm="davolserver" name="/" dev=sysfs ino=1 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=dir
type=AVC msg=audit(1388419228.292:5622): avc:  denied  { search } for  pid=2249 comm="davolserver" name="/" dev=sysfs ino=1 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=dir
type=AVC msg=audit(1388419228.293:5623): avc:  denied  { search } for  pid=2251 comm="davolserver" name="/" dev=sysfs ino=1 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=dir
type=AVC msg=audit(1388419228.311:5625): avc:  denied  { write } for  pid=2122 comm="dafileserver" name="salvsync.sock" dev=sdb2 ino=1705319 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419228.318:5627): avc:  denied  { read } for  pid=2253 comm="dafileserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388419228.319:5628): avc:  denied  { read } for  pid=2253 comm="dafileserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388419228.324:5629): avc:  denied  { read } for  pid=2253 comm="dafileserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388419228.341:5630): avc:  denied  { read } for  pid=2253 comm="dafileserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388419228.360:5631): avc:  denied  { unlink } for  pid=2258 comm="dafileserver" name="fssync.sock" dev=sdb2 ino=1705324 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419228.360:5632): avc:  denied  { write } for  pid=2253 comm="dafileserver" name="salvsync.sock" dev=sdb2 ino=1705319 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419231.361:5634): avc:  denied  { write } for  pid=2253 comm="dafileserver" name="salvsync.sock" dev=sdb2 ino=1705319 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419234.361:5635): avc:  denied  { write } for  pid=2253 comm="dafileserver" name="salvsync.sock" dev=sdb2 ino=1705319 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419237.361:5637): avc:  denied  { write } for  pid=2253 comm="dafileserver" name="salvsync.sock" dev=sdb2 ino=1705319 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419242.361:5639): avc:  denied  { write } for  pid=2253 comm="dafileserver" name="salvsync.sock" dev=sdb2 ino=1705319 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419247.361:5644): avc:  denied  { write } for  pid=2253 comm="dafileserver" name="salvsync.sock" dev=sdb2 ino=1705319 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419252.361:5646): avc:  denied  { write } for  pid=2253 comm="dafileserver" name="salvsync.sock" dev=sdb2 ino=1705319 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419259.361:5649): avc:  denied  { write } for  pid=2253 comm="dafileserver" name="salvsync.sock" dev=sdb2 ino=1705319 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419274.362:5662): avc:  denied  { write } for  pid=2253 comm="dafileserver" name="salvsync.sock" dev=sdb2 ino=1705319 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419290.362:5667): avc:  denied  { write } for  pid=2253 comm="dafileserver" name="salvsync.sock" dev=sdb2 ino=1705319 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419314.361:5677): avc:  denied  { write } for  pid=2253 comm="dafileserver" name="salvsync.sock" dev=sdb2 ino=1705319 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419346.363:5689): avc:  denied  { write } for  pid=2253 comm="dafileserver" name="salvsync.sock" dev=sdb2 ino=1705319 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:afs_config_t:s0 tclass=sock_file
type=AVC msg=audit(1388419376.226:5702): avc:  denied  { read } for  pid=2382 comm="bosserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388419376.226:5702): avc:  denied  { open } for  pid=2382 comm="bosserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388419376.226:5703): avc:  denied  { getattr } for  pid=2382 comm="bosserver" path="/dev/urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388419376.231:5704): avc:  denied  { read } for  pid=2384 comm="dafileserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388419376.231:5704): avc:  denied  { open } for  pid=2384 comm="dafileserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388419376.232:5705): avc:  denied  { getattr } for  pid=2384 comm="dafileserver" path="/dev/urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388419376.258:5706): avc:  denied  { connectto } for  pid=2384 comm="dafileserver" path="/usr/afs/local/salvsync.sock" scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=unconfined_u:system_r:afs_fsserver_t:s0 tclass=unix_stream_socket
type=AVC msg=audit(1388419376.299:5707): avc:  denied  { search } for  pid=2401 comm="dafileserver" name="/" dev=sysfs ino=1 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=dir
type=AVC msg=audit(1388419376.299:5707): avc:  denied  { read } for  pid=2401 comm="dafileserver" name="online" dev=sysfs ino=23 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=file
type=AVC msg=audit(1388419376.299:5707): avc:  denied  { open } for  pid=2401 comm="dafileserver" name="online" dev=sysfs ino=23 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=file
type=AVC msg=audit(1388419379.233:5708): avc:  denied  { read } for  pid=2385 comm="davolserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388419379.233:5708): avc:  denied  { open } for  pid=2385 comm="davolserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388419379.233:5709): avc:  denied  { getattr } for  pid=2385 comm="davolserver" path="/dev/urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388420047.306:5716): avc:  denied  { read } for  pid=2729 comm="bosserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388420047.306:5716): avc:  denied  { open } for  pid=2729 comm="bosserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388420047.306:5717): avc:  denied  { getattr } for  pid=2729 comm="bosserver" path="/dev/urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388420047.312:5718): avc:  denied  { read } for  pid=2731 comm="dafileserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388420047.312:5718): avc:  denied  { open } for  pid=2731 comm="dafileserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388420047.313:5719): avc:  denied  { getattr } for  pid=2731 comm="dafileserver" path="/dev/urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388420047.339:5720): avc:  denied  { connectto } for  pid=2731 comm="dafileserver" path="/usr/afs/local/salvsync.sock" scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=unconfined_u:system_r:afs_fsserver_t:s0 tclass=unix_stream_socket
type=AVC msg=audit(1388420047.344:5721): avc:  denied  { search } for  pid=2748 comm="dafileserver" name="/" dev=sysfs ino=1 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=dir
type=AVC msg=audit(1388554314.427:7344): avc:  denied  { read } for  pid=2749 comm="dafileserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388554314.427:7344): avc:  denied  { open } for  pid=2749 comm="dafileserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388554314.427:7345): avc:  denied  { getattr } for  pid=2749 comm="dafileserver" path="/dev/urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388556079.721:7370): avc:  denied  { read } for  pid=2750 comm="dafileserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388556079.721:7370): avc:  denied  { open } for  pid=2750 comm="dafileserver" name="urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388556079.721:7371): avc:  denied  { getattr } for  pid=2750 comm="dafileserver" path="/dev/urandom" dev=devtmpfs ino=3703 scontext=unconfined_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388565166.451:4): avc:  denied  { read } for  pid=1879 comm="bosserver" name="urandom" dev=devtmpfs ino=3703 scontext=system_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388565166.451:4): avc:  denied  { open } for  pid=1879 comm="bosserver" name="urandom" dev=devtmpfs ino=3703 scontext=system_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388565166.451:5): avc:  denied  { getattr } for  pid=1879 comm="bosserver" path="/dev/urandom" dev=devtmpfs ino=3703 scontext=system_u:system_r:afs_bosserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388565166.498:6): avc:  denied  { read } for  pid=1887 comm="dafileserver" name="urandom" dev=devtmpfs ino=3703 scontext=system_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388565166.498:6): avc:  denied  { open } for  pid=1887 comm="dafileserver" name="urandom" dev=devtmpfs ino=3703 scontext=system_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388565166.498:7): avc:  denied  { getattr } for  pid=1887 comm="dafileserver" path="/dev/urandom" dev=devtmpfs ino=3703 scontext=system_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388565166.543:8): avc:  denied  { connectto } for  pid=1887 comm="dafileserver" path="/usr/afs/local/salvsync.sock" scontext=system_u:system_r:afs_fsserver_t:s0 tcontext=system_u:system_r:afs_fsserver_t:s0 tclass=unix_stream_socket
type=AVC msg=audit(1388565166.611:9): avc:  denied  { search } for  pid=1932 comm="dafileserver" name="/" dev=sysfs ino=1 scontext=system_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=dir
type=AVC msg=audit(1388565166.611:9): avc:  denied  { read } for  pid=1932 comm="dafileserver" name="online" dev=sysfs ino=23 scontext=system_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=file
type=AVC msg=audit(1388565166.611:9): avc:  denied  { open } for  pid=1932 comm="dafileserver" name="online" dev=sysfs ino=23 scontext=system_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=file
type=AVC msg=audit(1388565166.611:10): avc:  denied  { search } for  pid=1934 comm="dafileserver" name="/" dev=sysfs ino=1 scontext=system_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=dir
type=AVC msg=audit(1388565168.319:11): avc:  denied  { read } for  pid=1936 comm="dafileserver" name="urandom" dev=devtmpfs ino=3703 scontext=system_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388565168.319:11): avc:  denied  { open } for  pid=1936 comm="dafileserver" name="urandom" dev=devtmpfs ino=3703 scontext=system_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388565168.320:12): avc:  denied  { getattr } for  pid=1936 comm="dafileserver" path="/dev/urandom" dev=devtmpfs ino=3703 scontext=system_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388565169.541:14): avc:  denied  { read } for  pid=1888 comm="davolserver" name="urandom" dev=devtmpfs ino=3703 scontext=system_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388565169.541:14): avc:  denied  { open } for  pid=1888 comm="davolserver" name="urandom" dev=devtmpfs ino=3703 scontext=system_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388565169.541:15): avc:  denied  { getattr } for  pid=1888 comm="davolserver" path="/dev/urandom" dev=devtmpfs ino=3703 scontext=system_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388565169.544:16): avc:  denied  { search } for  pid=2100 comm="davolserver" name="/" dev=sysfs ino=1 scontext=system_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=dir
type=AVC msg=audit(1388565169.544:16): avc:  denied  { read } for  pid=2100 comm="davolserver" name="online" dev=sysfs ino=23 scontext=system_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=file
type=AVC msg=audit(1388565169.544:16): avc:  denied  { open } for  pid=2100 comm="davolserver" name="online" dev=sysfs ino=23 scontext=system_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=file
type=AVC msg=audit(1388565169.545:17): avc:  denied  { read } for  pid=2101 comm="davolserver" name="online" dev=sysfs ino=23 scontext=system_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=file
type=AVC msg=audit(1388565169.545:17): avc:  denied  { open } for  pid=2101 comm="davolserver" name="online" dev=sysfs ino=23 scontext=system_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=file
type=AVC msg=audit(1388565173.478:18): avc:  denied  { read } for  pid=1914 comm="dafileserver" name="urandom" dev=devtmpfs ino=3703 scontext=system_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388565173.478:18): avc:  denied  { open } for  pid=1914 comm="dafileserver" name="urandom" dev=devtmpfs ino=3703 scontext=system_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388565173.479:19): avc:  denied  { getattr } for  pid=1914 comm="dafileserver" path="/dev/urandom" dev=devtmpfs ino=3703 scontext=system_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388567432.946:59): avc:  denied  { read } for  pid=1934 comm="dafileserver" name="urandom" dev=devtmpfs ino=3703 scontext=system_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388567432.946:59): avc:  denied  { open } for  pid=1934 comm="dafileserver" name="urandom" dev=devtmpfs ino=3703 scontext=system_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388567432.946:60): avc:  denied  { getattr } for  pid=1934 comm="dafileserver" path="/dev/urandom" dev=devtmpfs ino=3703 scontext=system_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388642401.985:945): avc:  denied  { read } for  pid=1935 comm="dafileserver" name="urandom" dev=devtmpfs ino=3703 scontext=system_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388642401.985:945): avc:  denied  { open } for  pid=1935 comm="dafileserver" name="urandom" dev=devtmpfs ino=3703 scontext=system_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388642401.986:946): avc:  denied  { getattr } for  pid=1935 comm="dafileserver" path="/dev/urandom" dev=devtmpfs ino=3703 scontext=system_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388642555.817:953): avc:  denied  { read } for  pid=1933 comm="dafileserver" name="urandom" dev=devtmpfs ino=3703 scontext=system_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388642555.817:953): avc:  denied  { open } for  pid=1933 comm="dafileserver" name="urandom" dev=devtmpfs ino=3703 scontext=system_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
type=AVC msg=audit(1388642555.818:954): avc:  denied  { getattr } for  pid=1933 comm="dafileserver" path="/dev/urandom" dev=devtmpfs ino=3703 scontext=system_u:system_r:afs_fsserver_t:s0 tcontext=system_u:object_r:urandom_device_t:s0 tclass=chr_file
ATOM RSS1 RSS2
LISTSERV.FNAL.GOV