# selinux for /run freezing mouse and keyboard on X and NM

## DevPump

I am attempting to setup selinux. Using the following fstab line seems to freeze my mouse and keyboard on xfce4 and NetworkManager will not start.

```
tmpfs  /run   tmpfs  mode=0755,nosuid,nodev,rootcontext=system_u:object_r:var_run_t  0 0
```

Anyone else have this issue?

Audit Log:

```

type=DAEMON_START msg=audit(1448747612.613:2829): auditd start, ver=2.2.2 format=raw kernel=4.1.7-hardened-r1 auid=4294967295 pid=3835 subj=system_u:system_r:auditd_t res=success

type=CONFIG_CHANGE msg=audit(1448747612.873:130): auid=4294967295 ses=4294967295 subj=system_u:system_r:auditctl_t op="add_rule" key=(null) list=4 res=1

type=CONFIG_CHANGE msg=audit(1448747612.873:131): auid=4294967295 ses=4294967295 subj=system_u:system_r:auditctl_t op="add_rule" key=(null) list=4 res=1

type=CONFIG_CHANGE msg=audit(1448747612.873:132): audit_backlog_limit=8192 old=64 auid=4294967295 ses=4294967295 subj=system_u:system_r:auditctl_t res=1

type=AVC msg=audit(1448747612.995:133): avc:  denied  { create } for  pid=3808 comm="ModemManager" scontext=system_u:system_r:system_dbusd_t tcontext=system_u:system_r:system_dbusd_t tclass=netlink_kobject_uevent_socket permissive=1

type=AVC msg=audit(1448747612.995:134): avc:  denied  { setopt } for  pid=3808 comm="ModemManager" scontext=system_u:system_r:system_dbusd_t tcontext=system_u:system_r:system_dbusd_t tclass=netlink_kobject_uevent_socket permissive=1

type=AVC msg=audit(1448747612.996:135): avc:  denied  { bind } for  pid=3808 comm="ModemManager" scontext=system_u:system_r:system_dbusd_t tcontext=system_u:system_r:system_dbusd_t tclass=netlink_kobject_uevent_socket permissive=1

type=AVC msg=audit(1448747612.996:136): avc:  denied  { getattr } for  pid=3808 comm="ModemManager" scontext=system_u:system_r:system_dbusd_t tcontext=system_u:system_r:system_dbusd_t tclass=netlink_kobject_uevent_socket permissive=1

type=AVC msg=audit(1448747613.064:137): avc:  denied  { read } for  pid=3808 comm="ModemManager" name="c4:64" dev="tmpfs" ino=10136 scontext=system_u:system_r:system_dbusd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1

type=AVC msg=audit(1448747613.064:138): avc:  denied  { open } for  pid=3808 comm="ModemManager" path="/run/udev/data/c4:64" dev="tmpfs" ino=10136 scontext=system_u:system_r:system_dbusd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1

type=AVC msg=audit(1448747613.065:139): avc:  denied  { getattr } for  pid=3808 comm="ModemManager" path="/run/udev/data/c4:64" dev="tmpfs" ino=10136 scontext=system_u:system_r:system_dbusd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1

type=AVC msg=audit(1448747613.131:140): avc:  denied  { read } for  pid=3868 comm="openrc" name="NetworkManager.pid" dev="tmpfs" ino=11343 scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1

type=AVC msg=audit(1448747613.131:140): avc:  denied  { open } for  pid=3868 comm="openrc" path="/run/NetworkManager/NetworkManager.pid" dev="tmpfs" ino=11343 scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1

type=AVC msg=audit(1448747613.156:141): avc:  denied  { write } for  pid=3874 comm="nm-online" name="private" dev="tmpfs" ino=11347 scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:tmpfs_t tclass=sock_file permissive=1

type=SYSCALL msg=audit(1448747613.156:141): arch=c000003e syscall=42 success=yes exit=0 a0=4 a1=3a6de0b1af0 a2=6e a3=14 items=1 ppid=3841 pid=3874 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="nm-online" exe="/usr/bin/nm-online" subj=system_u:system_r:initrc_t key=(null)

type=SOCKADDR msg=audit(1448747613.156:141): saddr=01002F7661722F72756E2F4E6574776F726B4D616E616765722F707269766174650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000

type=CWD msg=audit(1448747613.156:141):  cwd="/"

type=PATH msg=audit(1448747613.156:141): item=0 name="/var/run/NetworkManager/private" inode=11347 dev=00:12 mode=0140777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tmpfs_t nametype=NORMAL

type=UNKNOWN[1327] msg=audit(1448747613.156:141): proctitle=6E6D2D6F6E6C696E65002D740030002D78

type=AVC msg=audit(1448747613.382:142): avc:  denied  { search } for  pid=1 comm="init" name="/" dev="tmpfs" ino=6204 scontext=system_u:system_r:init_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1

type=AVC msg=audit(1448747613.382:143): avc:  denied  { write } for  pid=1 comm="init" name="utmp" dev="tmpfs" ino=9435 scontext=system_u:system_r:init_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1

type=AVC msg=audit(1448747613.382:144): avc:  denied  { read } for  pid=1 comm="init" name="utmp" dev="tmpfs" ino=9435 scontext=system_u:system_r:init_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1

type=AVC msg=audit(1448747613.382:145): avc:  denied  { open } for  pid=1 comm="init" path="/run/utmp" dev="tmpfs" ino=9435 scontext=system_u:system_r:init_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1

type=AVC msg=audit(1448747613.382:146): avc:  denied  { lock } for  pid=1 comm="init" path="/run/utmp" dev="tmpfs" ino=9435 scontext=system_u:system_r:init_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1

type=AVC msg=audit(1448747613.439:147): avc:  denied  { search } for  pid=3924 comm="agetty" name="/" dev="tmpfs" ino=6204 scontext=system_u:system_r:getty_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1

type=SYSCALL msg=audit(1448747613.439:147): arch=c000003e syscall=21 success=no exit=-2 a0=3568fd7a1d8 a1=0 a2=4 a3=fffffffffffffa4f items=1 ppid=1 pid=3924 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="agetty" exe="/sbin/agetty" subj=system_u:system_r:getty_t key=(null)

type=CWD msg=audit(1448747613.439:147):  cwd="/"

type=PATH msg=audit(1448747613.439:147): item=0 name="/var/run/utmpx" nametype=UNKNOWN

type=UNKNOWN[1327] msg=audit(1448747613.439:147): proctitle=2F7362696E2F6167657474790033383430300074747931006C696E7578

type=AVC msg=audit(1448747613.439:148): avc:  denied  { read } for  pid=3924 comm="agetty" name="utmp" dev="tmpfs" ino=9435 scontext=system_u:system_r:getty_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1

type=AVC msg=audit(1448747613.439:148): avc:  denied  { open } for  pid=3924 comm="agetty" path="/run/utmp" dev="tmpfs" ino=9435 scontext=system_u:system_r:getty_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1

type=AVC msg=audit(1448747613.439:149): avc:  denied  { lock } for  pid=3924 comm="agetty" path="/run/utmp" dev="tmpfs" ino=9435 scontext=system_u:system_r:getty_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1

type=AVC msg=audit(1448747613.439:150): avc:  denied  { write } for  pid=3924 comm="agetty" name="utmp" dev="tmpfs" ino=9435 scontext=system_u:system_r:getty_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1

type=AVC msg=audit(1448747613.556:151): avc:  denied  { write } for  pid=3928 comm="agetty" name="/" dev="tmpfs" ino=6204 scontext=system_u:system_r:getty_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1

type=AVC msg=audit(1448747613.556:151): avc:  denied  { add_name } for  pid=3928 comm="agetty" name="agetty.reload" scontext=system_u:system_r:getty_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1

type=AVC msg=audit(1448747613.556:151): avc:  denied  { create } for  pid=3928 comm="agetty" name="agetty.reload" scontext=system_u:system_r:getty_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1

type=AVC msg=audit(1448747613.556:151): avc:  denied  { read open } for  pid=3928 comm="agetty" path="/run/agetty.reload" dev="tmpfs" ino=11733 scontext=system_u:system_r:getty_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1

type=AVC msg=audit(1448747613.862:152): avc:  denied  { write } for  pid=3156 comm="systemd-udevd" name="udev" dev="tmpfs" ino=6508 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1

type=AVC msg=audit(1448747613.862:153): avc:  denied  { add_name } for  pid=3156 comm="systemd-udevd" name="queue" scontext=system_u:system_r:udev_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1

type=AVC msg=audit(1448747613.895:154): avc:  denied  { search } for  pid=3795 comm="NetworkManager" name="/" dev="tmpfs" ino=6204 scontext=system_u:system_r:NetworkManager_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1

type=AVC msg=audit(1448747613.896:155): avc:  denied  { write } for  pid=3795 comm="NetworkManager" name="NetworkManager" dev="tmpfs" ino=11337 scontext=system_u:system_r:NetworkManager_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1

type=AVC msg=audit(1448747613.896:156): avc:  denied  { add_name } for  pid=3795 comm="NetworkManager" name="private-dhcp" scontext=system_u:system_r:NetworkManager_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1

type=AVC msg=audit(1448747613.979:157): avc:  denied  { remove_name } for  pid=3156 comm="systemd-udevd" name="queue" dev="tmpfs" ino=11766 scontext=system_u:system_r:udev_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1

type=AVC msg=audit(1448747614.159:158): avc:  denied  { search } for  pid=3959 comm="nm-dhcp-helper" name="/" dev="tmpfs" ino=6204 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1

type=AVC msg=audit(1448747614.159:158): avc:  denied  { write } for  pid=3959 comm="nm-dhcp-helper" name="private-dhcp" dev="tmpfs" ino=11783 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=sock_file permissive=1

type=SYSCALL msg=audit(1448747614.159:158): arch=c000003e syscall=42 success=yes exit=0 a0=4 a1=3c8a155a9a0 a2=6e a3=14 items=1 ppid=3957 pid=3959 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="nm-dhcp-helper" exe="/usr/libexec/nm-dhcp-helper" subj=system_u:system_r:dhcpc_t key=(null)

type=SOCKADDR msg=audit(1448747614.159:158): saddr=01002F7661722F72756E2F4E6574776F726B4D616E616765722F707269766174652D64686370000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000

type=CWD msg=audit(1448747614.159:158):  cwd="/"

type=PATH msg=audit(1448747614.159:158): item=0 name="/var/run/NetworkManager/private-dhcp" inode=11783 dev=00:12 mode=0140777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tmpfs_t nametype=NORMAL

type=UNKNOWN[1327] msg=audit(1448747614.159:158): proctitle="/usr/libexec/nm-dhcp-helper"

type=AVC msg=audit(1448747614.164:159): avc:  denied  { write } for  pid=3957 comm="dhclient" name="/" dev="tmpfs" ino=6204 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1

type=AVC msg=audit(1448747614.164:159): avc:  denied  { add_name } for  pid=3957 comm="dhclient" name="dhclient-wlp3s0.pid" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1

type=AVC msg=audit(1448747614.164:159): avc:  denied  { create } for  pid=3957 comm="dhclient" name="dhclient-wlp3s0.pid" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1

type=AVC msg=audit(1448747614.164:159): avc:  denied  { write open } for  pid=3957 comm="dhclient" path="/run/dhclient-wlp3s0.pid" dev="tmpfs" ino=11834 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1

type=AVC msg=audit(1448747614.164:160): avc:  denied  { getattr } for  pid=3957 comm="dhclient" path="/run/dhclient-wlp3s0.pid" dev="tmpfs" ino=11834 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1

type=AVC msg=audit(1448747650.268:161): avc:  denied  { search } for  pid=3924 comm="login" name="/" dev="tmpfs" ino=6204 scontext=system_u:system_r:local_login_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1

type=SYSCALL msg=audit(1448747650.268:161): arch=c000003e syscall=21 success=no exit=-2 a0=365f65661d8 a1=0 a2=f a3=41f07d9960 items=1 ppid=1 pid=3924 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=tty1 ses=4294967295 comm="login" exe="/bin/login" subj=system_u:system_r:local_login_t key=(null)

type=CWD msg=audit(1448747650.268:161):  cwd="/"

type=PATH msg=audit(1448747650.268:161): item=0 name="/var/run/utmpx" nametype=UNKNOWN

type=UNKNOWN[1327] msg=audit(1448747650.268:161): proctitle=2F7362696E2F6167657474790033383430300074747931006C696E7578

type=AVC msg=audit(1448747650.268:162): avc:  denied  { read } for  pid=3924 comm="login" name="utmp" dev="tmpfs" ino=9435 scontext=system_u:system_r:local_login_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1

type=AVC msg=audit(1448747650.268:162): avc:  denied  { open } for  pid=3924 comm="login" path="/run/utmp" dev="tmpfs" ino=9435 scontext=system_u:system_r:local_login_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1

type=AVC msg=audit(1448747650.269:163): avc:  denied  { lock } for  pid=3924 comm="login" path="/run/utmp" dev="tmpfs" ino=9435 scontext=system_u:system_r:local_login_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1

type=USER_AUTH msg=audit(1448747652.680:164): pid=3924 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:local_login_t msg='op=PAM:authentication grantors=pam_tally2,pam_shells,pam_unix,pam_permit acct="root" exe="/bin/login" hostname=? addr=? terminal=/dev/tty1 res=success'

type=USER_ACCT msg=audit(1448747652.773:165): pid=3924 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:local_login_t msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_permit,pam_tally2 acct="root" exe="/bin/login" hostname=? addr=? terminal=/dev/tty1 res=success'

type=LOGIN msg=audit(1448747652.787:166): pid=3924 uid=0 subj=system_u:system_r:local_login_t old-auid=4294967295 auid=0 old-ses=4294967295 ses=1 res=1

type=USER_ROLE_CHANGE msg=audit(1448747652.832:167): pid=3924 uid=0 auid=0 ses=1 subj=system_u:system_r:local_login_t msg='pam: default-context=root:sysadm_r:sysadm_t selected-context=root:sysadm_r:sysadm_t exe="/bin/login" hostname=? addr=? terminal=/dev/tty1 res=success'

type=USER_START msg=audit(1448747652.832:168): pid=3924 uid=0 auid=0 ses=1 subj=system_u:system_r:local_login_t msg='op=PAM:session_open grantors=pam_lastlog,pam_loginuid,pam_selinux,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_selinux,pam_mail acct="root" exe="/bin/login" hostname=? addr=? terminal=/dev/tty1 res=success'

type=CRED_ACQ msg=audit(1448747652.833:169): pid=3924 uid=0 auid=0 ses=1 subj=system_u:system_r:local_login_t msg='op=PAM:setcred grantors=pam_tally2,pam_shells,pam_unix,pam_permit acct="root" exe="/bin/login" hostname=? addr=? terminal=/dev/tty1 res=success'

type=USER_LOGIN msg=audit(1448747652.833:170): pid=3924 uid=0 auid=0 ses=1 subj=system_u:system_r:local_login_t msg='op=login acct="root" exe="/bin/login" hostname=? addr=? terminal=/dev/tty1 res=success'

type=AVC msg=audit(1448747652.833:171): avc:  denied  { write } for  pid=4015 comm="login" name="utmp" dev="tmpfs" ino=9435 scontext=system_u:system_r:local_login_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1

type=AVC msg=audit(1448747665.504:172): avc:  denied  { read } for  pid=4019 comm="openrc" name="profile.env" dev="dm-1" ino=1203596 scontext=root:sysadm_r:run_init_t tcontext=system_u:object_r:etc_runtime_t tclass=file permissive=1

type=AVC msg=audit(1448747665.504:172): avc:  denied  { open } for  pid=4019 comm="openrc" path="/etc/profile.env" dev="dm-1" ino=1203596 scontext=root:sysadm_r:run_init_t tcontext=system_u:object_r:etc_runtime_t tclass=file permissive=1

type=AVC msg=audit(1448747665.504:173): avc:  denied  { getattr } for  pid=4019 comm="openrc" path="/etc/profile.env" dev="dm-1" ino=1203596 scontext=root:sysadm_r:run_init_t tcontext=system_u:object_r:etc_runtime_t tclass=file permissive=1

type=AVC msg=audit(1448747665.506:174): avc:  denied  { search } for  pid=4019 comm="openrc" name="1" dev="proc" ino=8948 scontext=root:sysadm_r:run_init_t tcontext=system_u:system_r:init_t tclass=dir permissive=1

type=AVC msg=audit(1448747665.506:174): avc:  denied  { read } for  pid=4019 comm="openrc" name="environ" dev="proc" ino=9439 scontext=root:sysadm_r:run_init_t tcontext=system_u:system_r:init_t tclass=file permissive=1

type=AVC msg=audit(1448747665.506:174): avc:  denied  { open } for  pid=4019 comm="openrc" path="/proc/1/environ" dev="proc" ino=9439 scontext=root:sysadm_r:run_init_t tcontext=system_u:system_r:init_t tclass=file permissive=1

type=AVC msg=audit(1448747665.506:175): avc:  denied  { getattr } for  pid=4019 comm="openrc" path="/proc/1/environ" dev="proc" ino=9439 scontext=root:sysadm_r:run_init_t tcontext=system_u:system_r:init_t tclass=file permissive=1

type=AVC msg=audit(1448747665.506:176): avc:  denied  { read } for  pid=4019 comm="openrc" name="softlevel" dev="tmpfs" ino=9476 scontext=root:sysadm_r:run_init_t tcontext=system_u:object_r:initrc_state_t tclass=file permissive=1

type=AVC msg=audit(1448747665.506:176): avc:  denied  { open } for  pid=4019 comm="openrc" path="/run/openrc/softlevel" dev="tmpfs" ino=9476 scontext=root:sysadm_r:run_init_t tcontext=system_u:object_r:initrc_state_t tclass=file permissive=1

type=AVC msg=audit(1448747665.506:177): avc:  denied  { getattr } for  pid=4019 comm="openrc" path="/run/openrc/softlevel" dev="tmpfs" ino=9476 scontext=root:sysadm_r:run_init_t tcontext=system_u:object_r:initrc_state_t tclass=file permissive=1

type=USER_AUTH msg=audit(1448747667.685:178): pid=4019 uid=0 auid=0 ses=1 subj=root:sysadm_r:run_init_t msg='op=PAM:authentication grantors=pam_unix,pam_permit acct="root" exe="/sbin/openrc" hostname=? addr=? terminal=tty1 res=success'

type=AVC msg=audit(1448747667.764:179): avc:  denied  { read write } for  pid=4033 comm="ssh-keygen" path="/dev/tty1" dev="devtmpfs" ino=5184 scontext=system_u:system_r:ssh_keygen_t tcontext=root:object_r:user_tty_device_t tclass=chr_file permissive=1

type=SYSCALL msg=audit(1448747667.764:179): arch=c000003e syscall=59 success=yes exit=0 a0=629178ea0 a1=629175f30 a2=629119ff0 a3=8 items=2 ppid=4021 pid=4033 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=tty1 ses=1 comm="ssh-keygen" exe="/usr/bin/ssh-keygen" subj=system_u:system_r:ssh_keygen_t key=(null)

type=EXECVE msg=audit(1448747667.764:179): argc=2 a0="ssh-keygen" a1="-A"

type=CWD msg=audit(1448747667.764:179):  cwd="/"

type=PATH msg=audit(1448747667.764:179): item=0 name="/usr/bin/ssh-keygen" inode=524950 dev=fe:01 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:ssh_keygen_exec_t nametype=NORMAL

type=PATH msg=audit(1448747667.764:179): item=1 name="/lib64/ld-linux-x86-64.so.2" inode=139335 dev=fe:01 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:ld_so_t nametype=NORMAL

type=UNKNOWN[1327] msg=audit(1448747667.764:179): proctitle=7373682D6B657967656E002D41

type=AVC msg=audit(1448747667.809:180): avc:  denied  { read write } for  pid=4034 comm="sshd" path="/dev/tty1" dev="devtmpfs" ino=5184 scontext=system_u:system_r:sshd_t tcontext=root:object_r:user_tty_device_t tclass=chr_file permissive=1

type=AVC msg=audit(1448747667.809:180): avc:  denied  { use } for  pid=4034 comm="sshd" path="/dev/tty1" dev="devtmpfs" ino=5184 scontext=system_u:system_r:sshd_t tcontext=system_u:system_r:getty_t tclass=fd permissive=1

type=SYSCALL msg=audit(1448747667.809:180): arch=c000003e syscall=59 success=yes exit=0 a0=6291787b0 a1=629178a70 a2=629119ff0 a3=8 items=2 ppid=4021 pid=4034 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=tty1 ses=1 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t key=(null)

type=EXECVE msg=audit(1448747667.809:180): argc=2 a0="/usr/sbin/sshd" a1="-t"

type=CWD msg=audit(1448747667.809:180):  cwd="/"

type=PATH msg=audit(1448747667.809:180): item=0 name="/usr/sbin/sshd" inode=827165 dev=fe:01 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:sshd_exec_t nametype=NORMAL

type=PATH msg=audit(1448747667.809:180): item=1 name="/lib64/ld-linux-x86-64.so.2" inode=139335 dev=fe:01 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:ld_so_t nametype=NORMAL

type=UNKNOWN[1327] msg=audit(1448747667.809:180): proctitle=2F7573722F7362696E2F73736864002D74

```

----------

