Bug #18409 » avc.txt

Yvan Broccard, 02/08/2017 05:18 AM

 
type=SERVICE_START msg=audit(1486395141.928:64396): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=foreman-proxy comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1486395141.928:64397): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=foreman-proxy comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1486395143.613:64398): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=foreman-proxy comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=AVC msg=audit(1486395143.784:64399): avc: denied { execmem } for pid=96336 comm="ruby" scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:system_r:foreman_proxy_t:s0 tclass=process
type=SYSCALL msg=audit(1486395143.784:64399): arch=c000003e syscall=10 success=no exit=-13 a0=7fe38abd7000 a1=1000 a2=5 a3=7ffe5592d7b0 items=0 ppid=1 pid=96336 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="ruby" exe="/usr/bin/ruby" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=SERVICE_STOP msg=audit(1486395143.802:64400): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=foreman-proxy comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
type=SERVICE_START msg=audit(1486395170.895:64401): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=foreman-proxy comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=AVC msg=audit(1486395170.959:64402): avc: denied { execmem } for pid=96377 comm="ruby" scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:system_r:foreman_proxy_t:s0 tclass=process
type=SYSCALL msg=audit(1486395170.959:64402): arch=c000003e syscall=10 success=no exit=-13 a0=7f247d711000 a1=1000 a2=5 a3=7ffe3460ef30 items=0 ppid=1 pid=96377 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="ruby" exe="/usr/bin/ruby" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=SERVICE_STOP msg=audit(1486395170.974:64403): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=foreman-proxy comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
type=CRYPTO_KEY_USER msg=audit(1486395201.827:64404): pid=96483 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=f6:1d:c7:80:14:36:40:41:29:4d:78:23:4f:b7:61:7d direction=? spid=96483 suid=0 exe="/usr/sbin/sshd" hostname=? addr=172.22.2.125 terminal=? res=success'
--
type=SERVICE_STOP msg=audit(1486395372.274:64431): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=dhcpd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1486395372.616:64432): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=dhcpd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1486395388.294:64433): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=foreman-proxy comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=AVC msg=audit(1486395388.374:64434): avc: denied { execmem } for pid=96989 comm="ruby" scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:system_r:foreman_proxy_t:s0 tclass=process
type=SYSCALL msg=audit(1486395388.374:64434): arch=c000003e syscall=10 success=no exit=-13 a0=7f44a9562000 a1=1000 a2=5 a3=7ffce0910090 items=0 ppid=1 pid=96989 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="ruby" exe="/usr/bin/ruby" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=SERVICE_STOP msg=audit(1486395388.389:64435): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=foreman-proxy comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
type=USER_ACCT msg=audit(1486395601.699:64436): pid=97149 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_localuser acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
--
type=CRED_DISP msg=audit(1486395601.881:64441): pid=97149 uid=0 auid=0 ses=8962 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
type=USER_END msg=audit(1486395601.882:64442): pid=97149 uid=0 auid=0 ses=8962 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_loginuid,pam_keyinit,pam_limits,pam_systemd acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
type=SERVICE_START msg=audit(1486395723.007:64443): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=foreman-proxy comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=AVC msg=audit(1486395723.040:64444): avc: denied { execmem } for pid=97265 comm="ruby" scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:system_r:foreman_proxy_t:s0 tclass=process
type=SYSCALL msg=audit(1486395723.040:64444): arch=c000003e syscall=10 success=no exit=-13 a0=7fa4af2f7000 a1=1000 a2=5 a3=7ffdc7c87f30 items=0 ppid=1 pid=97265 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="ruby" exe="/usr/bin/ruby" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=SERVICE_STOP msg=audit(1486395723.054:64445): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=foreman-proxy comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
type=USER_ACCT msg=audit(1486396201.896:64446): pid=97559 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_localuser acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
--
type=SERVICE_STOP msg=audit(1486396501.627:64487): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=httpd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1486396501.865:64488): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=httpd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1486396525.231:64489): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=foreman-proxy comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=AVC msg=audit(1486396525.275:64490): avc: denied { execmem } for pid=98388 comm="ruby" scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:system_r:foreman_proxy_t:s0 tclass=process
type=SYSCALL msg=audit(1486396525.275:64490): arch=c000003e syscall=10 success=no exit=-13 a0=7f6ead999000 a1=1000 a2=5 a3=7ffedfb7bde0 items=0 ppid=1 pid=98388 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="ruby" exe="/usr/bin/ruby" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=SERVICE_STOP msg=audit(1486396525.288:64491): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=foreman-proxy comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
type=CRYPTO_KEY_USER msg=audit(1486396602.234:64492): pid=98443 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=f6:1d:c7:80:14:36:40:41:29:4d:78:23:4f:b7:61:7d direction=? spid=98443 suid=0 exe="/usr/sbin/sshd" hostname=? addr=172.22.2.125 terminal=? res=success'
--
type=CRED_ACQ msg=audit(1486396610.227:64516): pid=98500 uid=0 auid=2017 ses=8964 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/3 res=success'
type=USER_START msg=audit(1486396610.229:64517): pid=98500 uid=0 auid=2017 ses=8964 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/3 res=success'
type=SERVICE_START msg=audit(1486396625.584:64518): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=foreman-proxy comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=AVC msg=audit(1486396625.636:64519): avc: denied { execmem } for pid=98763 comm="ruby" scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:system_r:foreman_proxy_t:s0 tclass=process
type=SYSCALL msg=audit(1486396625.636:64519): arch=c000003e syscall=10 success=no exit=-13 a0=7f880fa8a000 a1=1000 a2=5 a3=7fff73a93810 items=0 ppid=1 pid=98763 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="ruby" exe="/usr/bin/ruby" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=SERVICE_STOP msg=audit(1486396625.651:64520): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=foreman-proxy comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
type=USER_ACCT msg=audit(1486396801.128:64522): pid=98963 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_localuser acct="foreman" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
--
type=SYSCALL msg=audit(1486397345.945:64549): arch=c000003e syscall=1 success=yes exit=1 a0=3 a1=7ffcafda1d00 a2=1 a3=7ffcafda1a80 items=0 ppid=94841 pid=99389 auid=2017 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=8954 comm="setenforce" exe="/usr/sbin/setenforce" subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 key=(null)
type=USER_AVC msg=audit(1486397350.407:64550): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: received setenforce notice (enforcing=0) exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
type=SERVICE_START msg=audit(1486397352.127:64551): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=foreman-proxy comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=AVC msg=audit(1486397352.171:64552): avc: denied { execmem } for pid=99418 comm="ruby" scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:system_r:foreman_proxy_t:s0 tclass=process
type=SYSCALL msg=audit(1486397352.171:64552): arch=c000003e syscall=10 success=yes exit=0 a0=7f9c928c1000 a1=1000 a2=5 a3=7fff3cbdfa40 items=0 ppid=1 pid=99418 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="ruby" exe="/usr/bin/ruby" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=USER_ACCT msg=audit(1486397401.039:64553): pid=99516 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_localuser acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
type=CRED_ACQ msg=audit(1486397401.039:64554): pid=99516 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
--
type=CRED_DISP msg=audit(1486398247.911:64604): pid=100471 uid=0 auid=2017 ses=8954 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="foreman-proxy" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/1 res=success'
type=SERVICE_STOP msg=audit(1486398256.430:64605): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=foreman-proxy comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1486398257.342:64606): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=foreman-proxy comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=AVC msg=audit(1486398257.456:64607): avc: denied { execmem } for pid=100518 comm="ruby" scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:system_r:foreman_proxy_t:s0 tclass=process
type=SYSCALL msg=audit(1486398257.456:64607): arch=c000003e syscall=10 success=yes exit=0 a0=7fc56db27000 a1=1000 a2=5 a3=7ffecdbbd990 items=0 ppid=1 pid=100518 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="ruby" exe="/usr/bin/ruby" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=AVC msg=audit(1486398277.165:64608): avc: denied { getattr } for pid=100547 comm="websockify.py" path="/etc/pki/tls/certs/vmctldeploy30.pem" dev="dm-0" ino=143987 scontext=system_u:system_r:websockify_t:s0 tcontext=unconfined_u:object_r:cert_t:s0 tclass=file
type=SYSCALL msg=audit(1486398277.165:64608): arch=c000003e syscall=4 success=yes exit=0 a0=144cf70 a1=7ffe06a6c790 a2=7ffe06a6c790 a3=3 items=0 ppid=99855 pid=100547 auid=4294967295 uid=993 gid=990 euid=993 suid=993 fsuid=993 egid=990 sgid=990 fsgid=990 tty=(none) ses=4294967295 comm="websockify.py" exe="/usr/bin/python2.7" subj=system_u:system_r:websockify_t:s0 key=(null)
--
type=CRED_DISP msg=audit(1486399363.285:64683): pid=102072 uid=0 auid=2017 ses=8975 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="foreman-proxy" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/3 res=success'
type=SERVICE_STOP msg=audit(1486399375.390:64684): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=foreman-proxy comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1486399376.148:64685): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=foreman-proxy comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=AVC msg=audit(1486399376.237:64686): avc: denied { execmem } for pid=102092 comm="ruby" scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:system_r:foreman_proxy_t:s0 tclass=process
type=SYSCALL msg=audit(1486399376.237:64686): arch=c000003e syscall=10 success=yes exit=0 a0=7f071d29b000 a1=1000 a2=5 a3=7fff6cc4d870 items=0 ppid=1 pid=102092 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="ruby" exe="/usr/bin/ruby" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=SERVICE_STOP msg=audit(1486399483.206:64687): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=httpd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
type=SERVICE_START msg=audit(1486399483.449:64688): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=httpd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
--
type=CRED_REFR msg=audit(1486482001.643:66585): pid=30173 uid=0 auid=0 ses=9234 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
type=CRED_DISP msg=audit(1486482001.654:66586): pid=30173 uid=0 auid=0 ses=9234 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
type=USER_END msg=audit(1486482001.657:66587): pid=30173 uid=0 auid=0 ses=9234 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_loginuid,pam_keyinit,pam_limits,pam_systemd acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
type=AVC msg=audit(1486482145.253:66588): avc: denied { write } for pid=30296 comm="ruby" name="foreman-proxy_172.22.23.0_24.tmp" dev="dm-0" ino=1121 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=file
type=AVC msg=audit(1486482145.253:66588): avc: denied { open } for pid=30296 comm="ruby" path="/tmp/foreman-proxy_172.22.23.0_24.tmp" dev="dm-0" ino=1121 scontext=system_u:system_r:foreman_proxy_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=file
type=SYSCALL msg=audit(1486482145.253:66588): arch=c000003e syscall=2 success=yes exit=12 a0=7f06f8035530 a1=80002 a2=1b6 a3=e items=0 ppid=1 pid=30296 auid=4294967295 uid=992 gid=989 euid=992 suid=992 fsuid=992 egid=989 sgid=989 fsgid=989 tty=(none) ses=4294967295 comm="ruby" exe="/usr/bin/ruby" subj=system_u:system_r:foreman_proxy_t:s0 key=(null)
type=USER_ACCT msg=audit(1486482601.691:66589): pid=30512 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_localuser acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
type=CRED_ACQ msg=audit(1486482601.691:66590): pid=30512 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'