kernel - audits

JACOB_LIBERMAN@Dell.com JACOB_LIBERMAN at Dell.com
Tue Jul 5 16:53:12 CDT 2005


Alan,

These errors are the result of SELinux targeted policy audits.  This is
a new feature in RHEL4.  If you're not using SELinux -- and it sounds
like you are not -- you can make these errors go away by disabling
SELinux with the setenforce command or by changing "SELINUX=disabled" in
/etc/selinux/config to disable it at boot. Alternately, you might be
able to make the error go away by changing the context of snmpd.log with
the chcon command. 

In summary, this is not a problem with the RAID controller.

Thanks, jacob

>    Jun 29 18:40:42 localhost kernel: audit(1120095642.654:0): avc:
denied  {
>    write } for  pid=7739 exe=/usr/sbin/snmpd name=snmpd.log dev=sda7
>    ino=83664 scontext=root:system_r:snmpd_t
>    tcontext=user_u:object_r:var_log_t tclass=file
> 
>    Jun 29 18:40:43 localhost kernel: audit(1120095643.075:0): avc:
denied  {
>    read append } for  pid=7741 exe=/usr/sbin/snmpd name=snmpd.log
dev=sda7
>    ino=83664 scontext=root:system_r:snmpd_t
>    tcontext=user_u:object_r:var_log_t tclass=file



More information about the Linux-PowerEdge mailing list