Logwatch returns strange snmpd errors...RHEL4/or PE serie 9 problem ?

Florent Gilain florent.gilain at direct-energie.com
Fri Jan 12 07:47:47 CST 2007


Hi all,

Each morning, i receive a summary by logwatch of what has happen the day
before on the server.

Since i have PE 19** or 29** series, i receive mails containing strange
entries (many thousands of log lines each day) that are like that :

--------------------- Kernel Begin ------------------------ 


1 Time(s): audit(1168384436.119:216363): avc:  denied  { getattr } for
pid=15525 comm="snmpd" name="/" dev=usbfs ino=1387
scontext=system_u:system_r:snmpd_t tcontext=system_u:object_r:usbfs_t
tclass=dir
1 Time(s): audit(1168384436.119:216364): avc:  denied  { getattr } for
pid=15525 comm="snmpd" name="/" dev=sda3 ino=2
scontext=system_u:system_r:snmpd_t tcontext=system_u:object_r:boot_t
tclass=dir
1 Time(s): audit(1168384436.119:216365): avc:  denied  { getattr } for
pid=15525 comm="snmpd" name="/" dev=dm-1 ino=2
scontext=system_u:system_r:snmpd_t tcontext=system_u:object_r:home_root_t
tclass=dir
1 Time(s): audit(1168384436.120:216366): avc:  denied  { getattr } for
pid=15525 comm="snmpd" name="/" dev=dm-2 ino=2
scontext=system_u:system_r:snmpd_t tcontext=system_u:object_r:tmp_t
tclass=dir
1 Time(s): audit(1168384436.121:216367): avc:  denied  { getattr } for
pid=15525 comm="snmpd" name="/" dev=dm-6 ino=2
scontext=system_u:system_r:snmpd_t tcontext=system_u:object_r:file_t
tclass=dir
1 Time(s): audit(1168384436.121:216368): avc:  denied  { getattr } for
pid=15525 comm="snmpd" name="/" dev=binfmt_misc ino=7434
scontext=system_u:system_r:snmpd_t
tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir
1 Time(s): audit(1168384436.124:216369): avc:  denied  { getattr } for
pid=15525 comm="snmpd" name="/" dev=usbfs ino=1387
scontext=system_u:system_r:snmpd_t tcontext=system_u:object_r:usbfs_t
tclass=dir
1 Time(s): audit(1168384436.124:216370): avc:  denied  { getattr } for
pid=15525 comm="snmpd" name="/" dev=usbfs ino=1387
scontext=system_u:system_r:snmpd_t tcontext=system_u:object_r:usbfs_t
tclass=dir
1 Time(s): audit(1168384436.124:216371): avc:  denied  { getattr } for
pid=15525 comm="snmpd" name="/" dev=usbfs ino=1387
scontext=system_u:system_r:snmpd_t tcontext=system_u:object_r:usbfs_t
tclass=dir
1 Time(s): audit(1168384436.124:216372): avc:  denied  { getattr } for
pid=15525 comm="snmpd" name="/" dev=usbfs ino=1387
scontext=system_u:system_r:snmpd_t tcontext=system_u:object_r:usbfs_t
tclass=dir
1 Time(s): audit(1168384436.124:216373): avc:  denied  { getattr } for
pid=15525 comm="snmpd" name="/" dev=sda3 ino=2
scontext=system_u:system_r:snmpd_t tcontext=system_u:object_r:boot_t
tclass=dir
1 Time(s): audit(1168384436.124:216374): avc:  denied  { getattr } for
pid=15525 comm="snmpd" name="/" dev=sda3 ino=2
scontext=system_u:system_r:snmpd_t tcontext=system_u:object_r:boot_t
tclass=dir
1 Time(s): audit(1168384436.125:216375): avc:  denied  { getattr } for
pid=15525 comm="snmpd" name="/" dev=sda3 ino=2
scontext=system_u:system_r:snmpd_t tcontext=system_u:object_r:boot_t
tclass=dir
1 Time(s): audit(1168384436.131:216376): avc:  denied  { getattr } for
pid=15525 comm="snmpd" name="/" dev=sda3 ino=2
scontext=system_u:system_r:snmpd_t tcontext=system_u:object_r:boot_t
tclass=dir
1 Time(s): audit(1168384436.131:216377): avc:  denied  { getattr } for
pid=15525 comm="snmpd" name="/" dev=dm-1 ino=2
scontext=system_u:system_r:snmpd_t tcontext=system_u:object_r:home_root_t
tclass=dir
1 Time(s): audit(1168384436.132:216378): avc:  denied  { getattr } for
pid=15525 comm="snmpd" name="/" dev=dm-1 ino=2
scontext=system_u:system_r:snmpd_t tcontext=system_u:object_r:home_root_t
tclass=dir
1 Time(s): audit(1168384436.132:216379): avc:  denied  { getattr } for
pid=15525 comm="snmpd" name="/" dev=dm-1 ino=2
scontext=system_u:system_r:snmpd_t tcontext=system_u:object_r:home_root_t
tclass=dir
1 Time(s): audit(1168384436.132:216380): avc:  denied  { getattr } for
pid=15525 comm="snmpd" name="/" dev=dm-1 ino=2
scontext=system_u:system_r:snmpd_t tcontext=system_u:object_r:home_root_t
tclass=dir
1 Time(s): audit(1168384436.132:216381): avc:  denied  { getattr } for
pid=15525 comm="snmpd" name="/" dev=dm-2 ino=2
scontext=system_u:system_r:snmpd_t tcontext=system_u:object_r:tmp_t
tclass=dir
1 Time(s): audit(1168384436.132:216382): avc:  denied  { getattr } for
pid=15525 comm="snmpd" name="/" dev=dm-2 ino=2
scontext=system_u:system_r:snmpd_t tcontext=system_u:object_r:tmp_t
tclass=dir
1 Time(s): audit(1168384436.132:216383): avc:  denied  { getattr } for
pid=15525 comm="snmpd" name="/" dev=dm-2 ino=2
scontext=system_u:system_r:snmpd_t tcontext=system_u:object_r:tmp_t
tclass=dir
1 Time(s): audit(1168384436.132:216384): avc:  denied  { getattr } for
pid=15525 comm="snmpd" name="/" dev=dm-2 ino=2
scontext=system_u:system_r:snmpd_t tcontext=system_u:object_r:tmp_t
tclass=dir
1 Time(s): audit(1168384436.134:216385): avc:  denied  { getattr } for
pid=15525 comm="snmpd" name="/" dev=dm-6 ino=2
scontext=system_u:system_r:snmpd_t tcontext=system_u:object_r:file_t
tclass=dir
1 Time(s): audit(1168384436.134:216386): avc:  denied  { getattr } for
pid=15525 comm="snmpd" name="/" dev=dm-6 ino=2
scontext=system_u:system_r:snmpd_t tcontext=system_u:object_r:file_t
tclass=dir
1 Time(s): audit(1168384436.134:216387): avc:  denied  { getattr } for
pid=15525 comm="snmpd" name="/" dev=dm-6 ino=2
scontext=system_u:system_r:snmpd_t tcontext=system_u:object_r:file_t
tclass=dir
1 Time(s): audit(1168384436.134:216388): avc:  denied  { getattr } for
pid=15525 comm="snmpd" name="/" dev=dm-6 ino=2
scontext=system_u:system_r:snmpd_t tcontext=system_u:object_r:file_t
tclass=dir
1 Time(s): audit(1168384436.135:216389): avc:  denied  { getattr } for
pid=15525 comm="snmpd" name="/" dev=binfmt_misc ino=7434
scontext=system_u:system_r:snmpd_t
tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir
1 Time(s): audit(1168384436.135:216390): avc:  denied  { getattr } for
pid=15525 comm="snmpd" name="/" dev=binfmt_misc ino=7434
scontext=system_u:system_r:snmpd_t
tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir
1 Time(s): audit(1168384436.135:216391): avc:  denied  { getattr } for
pid=15525 comm="snmpd" name="/" dev=binfmt_misc ino=7434
scontext=system_u:system_r:snmpd_t
tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir
1 Time(s): audit(1168384436.135:216392): avc:  denied  { getattr } for
pid=15525 comm="snmpd" name="/" dev=binfmt_misc ino=7434
scontext=system_u:system_r:snmpd_t
tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir
1 Time(s): audit(1168384436.176:216393): avc:  denied  { getattr } for
pid=15525 comm="snmpd" name="/" dev=usbfs ino=1387
scontext=system_u:system_r:snmpd_t tcontext=system_u:object_r:usbfs_t
tclass=dir
1 Time(s): audit(1168384436.176:216394): avc:  denied  { getattr } for
pid=15525 comm="snmpd" name="/" dev=sda3 ino=2
scontext=system_u:system_r:snmpd_t tcontext=system_u:object_r:boot_t
tclass=dir


Any idea of what could generate theses log lines ?

Thanks

Florent



More information about the Linux-PowerEdge mailing list