# Selinux in enforcing keyboard dead ( SOLVED )

## marios

i try to start gentoo in enforcing mode , but not work , my keyboard is locked.

with selinux in permissive mode it's ok. 

my avc.log:

[code]

Jul 12 16:06:34 localhost kernel: [  323.671673] type=1400 audit(1310479594.670:280): avc:  denied  { write } for  pid=3271 comm="cp" name="card0_pcm0c" dev=sdb7 ino=65572 scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:alsa_var_lib_t tclass=file

Jul 12 16:06:35 localhost kernel: [  324.069719] type=1400 audit(1310479595.068:281): avc:  denied  { unlink } for  pid=1978 comm="gdm" name="gdm_socket" dev=sdb7 ino=73739 scontext=system_u:system_r:xdm_t tcontext=system_u:object_r:var_run_t tclass=sock_file

Jul 12 16:07:22 localhost kernel: [    2.488633] type=1400 audit(1310486832.487:2): avc:  denied  { setattr } for  pid=371 comm="khubd" name="mouse1" dev=devtmpfs ino=1996 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:device_t tclass=chr_file

Jul 12 16:07:22 localhost kernel: [    2.489321] type=1400 audit(1310486832.488:3): avc:  denied  { setattr } for  pid=371 comm="khubd" name="event5" dev=devtmpfs ino=1997 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:device_t tclass=chr_file

Jul 12 16:07:22 localhost kernel: [    2.490293] type=1400 audit(1310486832.489:4): avc:  denied  { setattr } for  pid=371 comm="khubd" name="hidraw2" dev=devtmpfs ino=1998 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:device_t tclass=chr_file

Jul 12 16:07:22 localhost kernel: [    2.857398] type=1400 audit(1310486832.856:6): avc:  denied  { setattr } for  pid=982 comm="mount" name="/" dev=proc ino=1 scontext=system_u:system_r:mount_t tcontext=system_u:object_r:proc_t tclass=dir

Jul 12 16:07:22 localhost kernel: [    2.940993] type=1400 audit(1310486832.939:7): avc:  denied  { setattr } for  pid=990 comm="mount" name="/" dev=tmpfs ino=281 scontext=system_u:system_r:mount_t tcontext=system_u:object_r:initrc_state_t tclass=dir

Jul 12 16:07:22 localhost kernel: [    3.159619] type=1400 audit(1310486833.158: :Cool: : avc:  denied  { setattr } for  pid=1004 comm="mount" name="/" dev=devpts ino=1 scontext=system_u:system_r:mount_t tcontext=system_u:object_r:devpts_t tclass=dir

Jul 12 16:07:22 localhost kernel: [    3.172532] type=1400 audit(1310486833.171:9): avc:  denied  { setattr } for  pid=1008 comm="mkdir" name="shm" dev=devtmpfs ino=286 scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:device_t tclass=dir

Jul 12 16:07:22 localhost kernel: [    3.200875] type=1400 audit(1310486833.199:10): avc:  denied  { setattr } for  pid=1012 comm="mount" name="/" dev=tmpfs ino=293 scontext=system_u:system_r:mount_t tcontext=system_u:object_r:device_t tclass=dir

Jul 12 16:07:22 localhost kernel: [    5.361261] type=1400 audit(1310479635.360:64): avc:  denied  { create } for  pid=1141 comm="mkdir" name=".test.1134" scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:var_run_t tclass=dir

Jul 12 16:07:22 localhost kernel: [    5.393599] type=1400 audit(1310479635.392:65): avc:  denied  { setattr } for  pid=1144 comm="chmod" name="/" dev=sdb8 ino=2 scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:tmp_t tclass=dir

Jul 12 16:07:22 localhost kernel: [    5.577716] type=1400 audit(1310479635.576:66): avc:  denied  { read write } for  pid=1155 comm="restorecon" name="console" dev=devtmpfs ino=1878 scontext=system_u:system_r:setfiles_t tcontext=system_u:object_r:device_t tclass=chr_file

Jul 12 16:07:22 localhost kernel: [    5.577810] type=1400 audit(1310479635.576:67): avc:  denied  { read write } for  pid=1155 comm="restorecon" path="/dev/console" dev=devtmpfs ino=1878 scontext=system_u:system_r:setfiles_t tcontext=system_u:object_r:device_t tclass=chr_file

Jul 12 16:07:22 localhost kernel: [    5.577863] type=1400 audit(1310479635.576:6 :Cool: : avc:  denied  { read write } for  pid=1155 comm="restorecon" path="/dev/console" dev=devtmpfs ino=1878 scontext=system_u:system_r:setfiles_t tcontext=system_u:object_r:device_t tclass=chr_file

Jul 12 16:07:22 localhost kernel: [    5.577881] type=1400 audit(1310479635.576:69): avc:  denied  { read write } for  pid=1155 comm="restorecon" path="/dev/console" dev=devtmpfs ino=1878 scontext=system_u:system_r:setfiles_t tcontext=system_u:object_r:device_t tclass=chr_file

Jul 12 16:07:22 localhost kernel: [    5.684316] type=1400 audit(1310479635.683:70): avc:  denied  { create } for  pid=1156 comm="mkdir" name=".test.1134" scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:var_log_t tclass=dir

Jul 12 16:07:22 localhost kernel: [    5.786867] type=1400 audit(1310479635.785:71): avc:  denied  { setattr } for  pid=1170 comm="runscript.sh" name="vcs2" dev=devtmpfs ino=422 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:device_t tclass=chr_file

Jul 12 16:07:22 localhost kernel: [    5.787071] type=1400 audit(1310479635.786:72): avc:  denied  { setattr } for  pid=1170 comm="runscript.sh" name="vcsa2" dev=devtmpfs ino=423 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:device_t tclass=chr_file

Jul 12 16:07:22 localhost kernel: [    5.787342] type=1400 audit(1310479635.786:73): avc:  denied  { setattr } for  pid=1170 comm="runscript.sh" name="vcs3" dev=devtmpfs ino=424 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:device_t tclass=chr_file

Jul 12 16:07:22 localhost kernel: [   11.937696] type=1400 audit(1310479641.936:152): avc:  denied  { syslog } for  pid=1909 comm="syslog-ng" capability=34  scontext=system_u:system_r:syslogd_t tcontext=system_u:system_r:syslogd_t tclass=capability2

Jul 12 16:07:22 localhost kernel: [   12.692023] type=1400 audit(1310479642.690:153): avc:  denied  { module_request } for  pid=1925 comm="named" kmod="net-pf-10" scontext=system_u:system_r:named_t tcontext=system_u:system_r:kernel_t tclass=system

Jul 12 16:07:24 localhost kernel: [   14.695496] type=1400 audit(1310479644.694:154): avc:  denied  { create } for  pid=1971 comm="gdm" name="gdm_socket" scontext=system_u:system_r:xdm_t tcontext=system_u:object_r:var_run_t tclass=sock_file

Jul 12 16:07:25 localhost kernel: [   15.396803] type=1400 audit(1310479645.395:155): avc:  denied  { write } for  pid=2008 comm="runscript.sh" name="oss" dev=proc ino=4026532226 scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:proc_t tclass=file

Jul 12 16:07:25 localhost kernel: [   15.402299] type=1400 audit(1310479645.401:156): avc:  denied  { write } for  pid=2012 comm="runscript.sh" name="oss" dev=proc ino=4026532225 scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:proc_t tclass=file

Jul 12 16:07:25 localhost kernel: [   15.407583] type=1400 audit(1310479645.406:157): avc:  denied  { write } for  pid=2016 comm="runscript.sh" name="oss" dev=proc ino=4026532224 scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:proc_t tclass=file

Jul 12 16:07:29 localhost kernel: [   19.097118] type=1400 audit(1310479649.096:158): avc:  denied  { create } for  pid=1974 comm="X" scontext=system_u:system_r:xserver_t tcontext=system_u:system_r:xserver_t tclass=netlink_kobject_uevent_socket

Jul 12 16:07:29 localhost kernel: [   19.877347] type=1400 audit(1310479649.876:159): avc:  denied  { append } for  pid=2089 comm="apache2" name="ssl_error_log" dev=sdb5 ino=40165 scontext=system_u:system_r:httpd_t tcontext=system_u:object_r:httpd_sys_content_t tclass=file

Jul 12 16:07:40 localhost kernel: [   30.502588] type=1400 audit(1310479660.501:160): avc:  denied  { read write } for  pid=2148 comm="modprobe" path="socket:[5100]" dev=sockfs ino=5100 scontext=system_u:system_r:insmod_t tcontext=system_u:system_r:iptables_t tclass=rawip_socket

Jul 12 16:07:40 localhost kernel: [   30.601235] type=1400 audit(1310479660.600:161): avc:  denied  { execute_no_trans } for  pid=2169 comm="make" path="/sbin/shorewall" dev=sdb5 ino=58575 scontext=system_u:system_r:shorewall_t tcontext=system_u:object_r:shorewall_exec_t tclass=file

Jul 12 16:07:40 localhost kernel: [   30.601602] type=1400 audit(1310479660.600:162): avc:  denied  { execute_no_trans } for  pid=2170 comm="make" path="/sbin/shorewall" dev=sdb5 ino=58575 scontext=system_u:system_r:shorewall_t tcontext=system_u:object_r:shorewall_exec_t tclass=file

Jul 12 16:07:41 localhost kernel: [   31.575449] type=1400 audit(1310479661.574:163): avc:  denied  { execute } for  pid=2173 comm="perl" name="getparams" dev=sdb6 ino=17219 scontext=system_u:system_r:shorewall_t tcontext=system_u:object_r:usr_t tclass=file

Jul 12 16:08:50 localhost kernel: [    3.280510] type=1400 audit(1310486919.279:3): avc:  denied  { setattr } for  pid=1008 comm="mkdir" name="shm" dev=devtmpfs ino=316 scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:device_t tclass=dir

Jul 12 16:08:50 localhost kernel: [    3.350369] type=1400 audit(1310486919.349:4): avc:  denied  { read write } for  pid=1021 comm="dmesg" name="console" dev=devtmpfs ino=20 scontext=system_u:system_r:dmesg_t tcontext=system_u:object_r:device_t tclass=chr_file

Jul 12 16:08:50 localhost kernel: [    3.351800] type=1400 audit(1310486919.350:5): avc:  denied  { syslog } for  pid=1021 comm="dmesg" capability=34  scontext=system_u:system_r:dmesg_t tcontext=system_u:system_r:dmesg_t tclass=capability2

Jul 12 16:08:50 localhost kernel: [    3.446493] type=1400 audit(1310486919.445:6): avc:  denied  { read write } for  pid=1037 comm="hwclock" name="console" dev=devtmpfs ino=20 scontext=system_u:system_r:hwclock_t tcontext=system_u:object_r:device_t tclass=chr_file

Jul 12 16:08:50 localhost kernel: [    3.593143] type=1400 audit(1310479719.592:7): avc:  denied  { read write } for  pid=1062 comm="fsck" name="console" dev=devtmpfs ino=20 scontext=system_u:system_r:fsadm_t tcontext=system_u:object_r:device_t tclass=chr_file

Jul 12 16:08:50 localhost kernel: [    3.642643] type=1400 audit(1310479719.641: :Cool: : avc:  denied  { ioctl } for  pid=1063 comm="fsck.ext3" path="/dev/console" dev=devtmpfs ino=20 scontext=system_u:system_r:fsadm_t tcontext=system_u:object_r:device_t tclass=chr_file

Jul 12 16:08:50 localhost kernel: [    3.647908] type=1400 audit(1310479719.646:9): avc:  denied  { open } for  pid=1063 comm="fsck.ext3" name="null" dev=devtmpfs ino=1877 scontext=system_u:system_r:fsadm_t tcontext=system_u:object_r:device_t tclass=chr_file

Jul 12 16:08:50 localhost kernel: [    5.915910] type=1400 audit(1310479721.914:10): avc:  denied  { getattr } for  pid=1104 comm="mount" path="/dev/sdb6" dev=devtmpfs ino=218 scontext=system_u:system_r:mount_t tcontext=system_u:object_r:device_t tclass=blk_file

Jul 12 16:08:50 localhost kernel: [    6.554822] type=1400 audit(1310479722.553:11): avc:  denied  { write } for  pid=1139 comm="rm" name="console" dev=sdb5 ino=80078 scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:lib_t tclass=dir

Jul 12 16:08:50 localhost kernel: [    6.554843] type=1400 audit(1310479722.553:12): avc:  denied  { remove_name } for  pid=1139 comm="rm" name="keymap" dev=sdb5 ino=80079 scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:lib_t tclass=dir

Jul 12 16:08:50 localhost kernel: [    6.554859] type=1400 audit(1310479722.553:13): avc:  denied  { unlink } for  pid=1139 comm="rm" name="keymap" dev=sdb5 ino=80079 scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:lib_t tclass=file

Jul 12 16:08:50 localhost kernel: [    6.615414] type=1400 audit(1310479722.614:14): avc:  denied  { create } for  pid=1140 comm="mkdir" name=".test.1133" scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:var_run_t tclass=dir

Jul 12 16:08:50 localhost kernel: [    7.028705] type=1400 audit(1310479723.027:15): avc:  denied  { unlink } for  pid=1158 comm="rm" name="syslog-ng.ctl" dev=sdb7 ino=73737 scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:devlog_t tclass=sock_file

Jul 12 16:08:50 localhost kernel: [    7.121813] type=1400 audit(1310479723.120:16): avc:  denied  { setattr } for  pid=1172 comm="chmod" name="/" dev=sdb8 ino=2 scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:tmp_t tclass=dir

Jul 12 16:08:50 localhost kernel: [    7.238510] type=1400 audit(1310479723.237:17): avc:  denied  { read write } for  pid=1185 comm="restorecon" name="console" dev=devtmpfs ino=20 scontext=system_u:system_r:setfiles_t tcontext=system_u:object_r:device_t tclass=chr_file

Jul 12 16:08:50 localhost kernel: [    7.330532] type=1400 audit(1310479723.329:1 :Cool: : avc:  denied  { create } for  pid=1186 comm="mkdir" name=".test.1133" scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:var_log_t tclass=dir

Jul 12 16:08:50 localhost kernel: [    7.342223] type=1400 audit(1310479723.341:19): avc:  denied  { rmdir } for  pid=1187 comm="rmdir" name=".test.1133" dev=sdb7 ino=65614 scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:var_log_t tclass=dir

Jul 12 16:08:50 localhost kernel: [   13.878633] type=1400 audit(1310479729.877:26): avc:  denied  { syslog } for  pid=1928 comm="syslog-ng" capability=34  scontext=system_u:system_r:syslogd_t tcontext=system_u:system_r:syslogd_t tclass=capability2

Jul 12 16:08:50 localhost kernel: [   14.394355] type=1400 audit(1310479730.393:27): avc:  denied  { module_request } for  pid=1944 comm="named" kmod="net-pf-10" scontext=system_u:system_r:named_t tcontext=system_u:system_r:kernel_t tclass=system

Jul 12 16:08:52 localhost kernel: [   16.306297] type=1400 audit(1310479732.305:2 :Cool: : avc:  denied  { create } for  pid=1992 comm="gdm" name="gdm_socket" scontext=system_u:system_r:xdm_t tcontext=system_u:object_r:var_run_t tclass=sock_file

Jul 12 16:08:52 localhost kernel: [   16.306354] type=1400 audit(1310479732.305:29): avc:  denied  { setattr } for  pid=1992 comm="gdm" name="gdm_socket" dev=sdb7 ino=73739 scontext=system_u:system_r:xdm_t tcontext=system_u:object_r:var_run_t tclass=sock_file

Jul 12 16:08:53 localhost kernel: [   17.015871] type=1400 audit(1310479733.014:30): avc:  denied  { write } for  pid=2029 comm="runscript.sh" name="oss" dev=proc ino=4026532226 scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:proc_t tclass=file

Jul 12 16:08:56 localhost kernel: [   20.550688] type=1400 audit(1310479736.549:31): avc:  denied  { create } for  pid=1995 comm="X" scontext=system_u:system_r:xserver_t tcontext=system_u:system_r:xserver_t tclass=netlink_kobject_uevent_socket

Jul 12 16:08:56 localhost kernel: [   20.550737] type=1400 audit(1310479736.549:32): avc:  denied  { bind } for  pid=1995 comm="X" scontext=system_u:system_r:xserver_t tcontext=system_u:system_r:xserver_t tclass=netlink_kobject_uevent_socket

Jul 12 16:08:56 localhost kernel: [   20.550764] type=1400 audit(1310479736.549:33): avc:  denied  { getattr } for  pid=1995 comm="X" scontext=system_u:system_r:xserver_t tcontext=system_u:system_r:xserver_t tclass=netlink_kobject_uevent_socket

Jul 12 16:08:56 localhost kernel: [   20.550784] type=1400 audit(1310479736.549:34): avc:  denied  { setopt } for  pid=1995 comm="X" scontext=system_u:system_r:xserver_t tcontext=system_u:system_r:xserver_t tclass=netlink_kobject_uevent_socket

Jul 12 16:08:56 localhost kernel: [   20.565874] type=1400 audit(1310479736.564:35): avc:  denied  { getattr } for  pid=1995 comm="X" path="/dev/.udev/db/input:event2" dev=devtmpfs ino=2867 scontext=system_u:system_r:xserver_t tcontext=system_u:object_r:udev_tbl_t tclass=file

Jul 12 16:08:56 localhost kernel: [   20.565904] type=1400 audit(1310479736.564:36): avc:  denied  { read } for  pid=1995 comm="X" name="input:event2" dev=devtmpfs ino=2867 scontext=system_u:system_r:xserver_t tcontext=system_u:object_r:udev_tbl_t tclass=file

Jul 12 16:08:57 localhost kernel: [   21.314039] type=1400 audit(1310479737.312:37): avc:  denied  { append } for  pid=2104 comm="apache2" name="ssl_error_log" dev=sdb5 ino=40165 scontext=system_u:system_r:httpd_t tcontext=system_u:object_r:httpd_sys_content_t tclass=file

Jul 12 16:08:57 localhost kernel: [   21.415589] type=1400 audit(1310479737.414:3 :Cool: : avc:  denied  { write } for  pid=2102 comm="gdmgreeter" name="gdm_socket" dev=sdb7 ino=73739 scontext=system_u:system_r:xdm_t tcontext=system_u:object_r:var_run_t tclass=sock_file

Jul 12 16:09:00 localhost kernel: [   24.885175] type=1400 audit(1310479740.884:39): avc:  denied  { read write } for  pid=2157 comm="modprobe" path="socket:[4820]" dev=sockfs ino=4820 scontext=system_u:system_r:insmod_t tcontext=system_u:system_r:iptables_t tclass=rawip_socket

Jul 12 16:09:00 localhost kernel: [   24.907704] type=1400 audit(1310479740.906:40): avc:  denied  { read } for  pid=1995 comm="X" scontext=system_u:system_r:xserver_t tcontext=system_u:system_r:xserver_t tclass=netlink_kobject_uevent_socket

Jul 12 16:09:02 localhost kernel: [   26.149270] type=1400 audit(1310479742.148:45): avc:  denied  { execute } for  pid=2213 comm="perl" name="getparams" dev=sdb6 ino=17219 scontext=system_u:system_r:shorewall_t tcontext=system_u:object_r:usr_t tclass=file

Jul 12 16:09:02 localhost kernel: [   26.149353] type=1400 audit(1310479742.148:46): avc:  denied  { execute_no_trans } for  pid=2213 comm="perl" path="/usr/share/shorewall/getparams" dev=sdb6 ino=17219 scontext=system_u:system_r:shorewall_t tcontext=system_u:object_r:usr_t tclass=file

Jul 12 16:09:05 localhost kernel: [   29.253727] type=1400 audit(1310479745.252:47): avc:  denied  { getattr } for  pid=2647 comm="console-kit-dae" path="/var/log" dev=sdb7 ino=65537 scontext=system_u:system_r:system_dbusd_t tcontext=system_u:object_r:var_log_t tclass=dir

Jul 12 16:09:05 localhost kernel: [   29.253753] type=1400 audit(1310479745.252:4 :Cool: : avc:  denied  { search } for  pid=2647 comm="console-kit-dae" name="log" dev=sdb7 ino=65537 scontext=system_u:system_r:system_dbusd_t tcontext=system_u:object_r:var_log_t tclass=dir

Jul 12 16:09:05 localhost kernel: [   29.276755] type=1400 audit(1310479745.276:49): avc:  denied  { append } for  pid=2647 comm="console-kit-dae" name="history" dev=sdb7 ino=68461 scontext=system_u:system_r:system_dbusd_t tcontext=system_u:object_r:var_log_t tclass=file

Jul 12 16:09:05 localhost kernel: [   29.276777] type=1400 audit(1310479745.276:50): avc:  denied  { open } for  pid=2647 comm="console-kit-dae" name="history" dev=sdb7 ino=68461 scontext=system_u:system_r:system_dbusd_t tcontext=system_u:object_r:var_log_t tclass=file

Jul 12 16:09:05 localhost kernel: [   29.276811] type=1400 audit(1310479745.276:51): avc:  denied  { setattr } for  pid=2647 comm="console-kit-dae" name="history" dev=sdb7 ino=68461 scontext=system_u:system_r:system_dbusd_t tcontext=system_u:object_r:var_log_t tclass=file

Jul 12 16:09:05 localhost kernel: [   29.276860] type=1400 audit(1310479745.276:52): avc:  denied  { getattr } for  pid=2647 comm="console-kit-dae" path="/var/log/ConsoleKit/history" dev=sdb7 ino=68461 scontext=system_u:system_r:system_dbusd_t tcontext=system_u:object_r:var_log_t tclass=file

Jul 12 16:09:05 localhost kernel: [   29.307058] type=1400 audit(1310479745.306:53): avc:  denied  { read } for  pid=2647 comm="console-kit-dae" name="tty0" dev=devtmpfs ino=21 scontext=system_u:system_r:system_dbusd_t tcontext=system_u:object_r:tty_device_t tclass=chr_file

Jul 12 16:09:05 localhost kernel: [   29.307079] type=1400 audit(1310479745.306:54): avc:  denied  { open } for  pid=2647 comm="console-kit-dae" name="tty0" dev=devtmpfs ino=21 scontext=system_u:system_r:system_dbusd_t tcontext=system_u:object_r:tty_device_t tclass=chr_file

Jul 12 16:09:07 localhost kernel: [   31.151662] type=1400 audit(1310479747.150:81): avc:  denied  { search } for  pid=2764 comm="iceauth" name="/" dev=sdb8 ino=2 scontext=staff_u:staff_r:iceauth_t tcontext=system_u:object_r:tmp_t tclass=dir

Jul 12 16:09:07 localhost kernel: [   31.151741] type=1400 audit(1310479747.150:82): avc:  denied  { read } for  pid=2764 comm="iceauth" name=".xfsm-ICE-H2EKYV" dev=sdb8 ino=19 scontext=staff_u:staff_r:iceauth_t tcontext=staff_u:object_r:user_tmp_t tclass=file

Jul 12 16:09:07 localhost kernel: [   31.151768] type=1400 audit(1310479747.150:83): avc:  denied  { open } for  pid=2764 comm="iceauth" name=".xfsm-ICE-H2EKYV" dev=sdb8 ino=19 scontext=staff_u:staff_r:iceauth_t tcontext=staff_u:object_r:user_tmp_t tclass=file

Jul 12 16:09:07 localhost kernel: [   31.151811] type=1400 audit(1310479747.150:84): avc:  denied  { getattr } for  pid=2764 comm="iceauth" path="/tmp/.xfsm-ICE-H2EKYV" dev=sdb8 ino=19 scontext=staff_u:staff_r:iceauth_t tcontext=staff_u:object_r:user_tmp_t tclass=file

Jul 12 16:09:08 localhost kernel: [   32.700452] type=1400 audit(1310479748.699:85): avc:  denied  { read } for  pid=2772 comm="evince" name="evince" dev=sdb4 ino=2981971 scontext=staff_u:staff_r:staff_t tcontext=staff_u:object_r:gnome_home_t tclass=file

Jul 12 16:09:08 localhost kernel: [   32.700483] type=1400 audit(1310479748.699:86): avc:  denied  { open } for  pid=2772 comm="evince" name="evince" dev=sdb4 ino=2981971 scontext=staff_u:staff_r:staff_t tcontext=staff_u:object_r:gnome_home_t tclass=file

Jul 12 16:09:09 localhost kernel: [   33.629600] type=1400 audit(1310479749.628:87): avc:  denied  { create } for  pid=2796 comm="udisks-daemon" scontext=system_u:system_r:system_dbusd_t tcontext=system_u:system_r:system_dbusd_t tclass=netlink_kobject_uevent_socket

Jul 12 16:09:09 localhost kernel: [   33.629702] type=1400 audit(1310479749.628:8 :Cool: : avc:  denied  { setopt } for  pid=2796 comm="udisks-daemon" scontext=system_u:system_r:system_dbusd_t tcontext=system_u:system_r:system_dbusd_t tclass=netlink_kobject_uevent_socket

Jul 12 16:09:09 localhost kernel: [   33.629741] type=1400 audit(1310479749.628:89): avc:  denied  { bind } for  pid=2796 comm="udisks-daemon" scontext=system_u:system_r:system_dbusd_t tcontext=system_u:system_r:system_dbusd_t tclass=netlink_kobject_uevent_socket

Jul 12 16:09:09 localhost kernel: [   33.629779] type=1400 audit(1310479749.628:90): avc:  denied  { getattr } for  pid=2796 comm="udisks-daemon" scontext=system_u:system_r:system_dbusd_t tcontext=system_u:system_r:system_dbusd_t tclass=netlink_kobject_uevent_socket

Jul 12 16:09:12 localhost kernel: [   36.318321] type=1400 audit(1310479752.317:9 :Cool: : avc:  denied  { create } for  pid=2807 comm="gconfd-2" name=".testing.writeability" scontext=staff_u:staff_r:staff_dbusd_t tcontext=staff_u:object_r:gconf_home_t tclass=file

Jul 12 16:09:12 localhost kernel: [   36.318405] type=1400 audit(1310479752.317:99): avc:  denied  { write open } for  pid=2807 comm="gconfd-2" name=".testing.writeability" dev=sdb4 ino=2974294 scontext=staff_u:staff_r:staff_dbusd_t tcontext=staff_u:object_r:gconf_home_t tclass=file

Jul 12 16:09:12 localhost kernel: [   36.318513] type=1400 audit(1310479752.317:100): avc:  denied  { remove_name } for  pid=2807 comm="gconfd-2" name=".testing.writeability" dev=sdb4 ino=2974294 scontext=staff_u:staff_r:staff_dbusd_t tcontext=staff_u:object_r:gconf_home_t tclass=dir

Jul 12 16:09:12 localhost kernel: [   36.318530] type=1400 audit(1310479752.317:101): avc:  denied  { unlink } for  pid=2807 comm="gconfd-2" name=".testing.writeability" dev=sdb4 ino=2974294 scontext=staff_u:staff_r:staff_dbusd_t tcontext=staff_u:object_r:gconf_home_t tclass=file

Jul 12 16:09:12 localhost kernel: [   36.318590] type=1400 audit(1310479752.317:102): avc:  denied  { read } for  pid=2807 comm="gconfd-2" name=".gconf" dev=sdb4 ino=2973704 scontext=staff_u:staff_r:staff_dbusd_t tcontext=staff_u:object_r:gconf_home_t tclass=dir

Jul 12 16:09:12 localhost kernel: [   36.318607] type=1400 audit(1310479752.317:103): avc:  denied  { open } for  pid=2807 comm="gconfd-2" name=".gconf" dev=sdb4 ino=2973704 scontext=staff_u:staff_r:staff_dbusd_t tcontext=staff_u:object_r:gconf_home_t tclass=dir

Jul 12 16:09:12 localhost kernel: [   36.356392] type=1400 audit(1310479752.355:104): avc:  denied  { read } for  pid=2807 comm="gconfd-2" name="saved_state" dev=sdb4 ino=2974297 scontext=staff_u:staff_r:staff_dbusd_t tcontext=staff_u:object_r:gconf_home_t tclass=file

Jul 12 16:09:12 localhost kernel: [   36.356462] type=1400 audit(1310479752.355:105): avc:  denied  { getattr } for  pid=2807 comm="gconfd-2" path="/home/mario/.gconfd/saved_state" dev=sdb4 ino=2974297 scontext=staff_u:staff_r:staff_dbusd_t tcontext=staff_u:object_r:gconf_home_t tclass=file

Jul 12 16:09:12 localhost kernel: [   36.362673] type=1400 audit(1310479752.361:106): avc:  denied  { append } for  pid=2807 comm="gconfd-2" name="saved_state" dev=sdb4 ino=2974297 scontext=staff_u:staff_r:staff_dbusd_t tcontext=staff_u:object_r:gconf_home_t tclass=file

Jul 12 16:09:12 localhost kernel: [   36.363666] type=1400 audit(1310479752.362:107): avc:  denied  { search } for  pid=2807 comm="gconfd-2" name="dbus" dev=sdb7 ino=73733 scontext=staff_u:staff_r:staff_dbusd_t tcontext=system_u:object_r:system_dbusd_var_run_t tclass=dir

Jul 12 16:09:17 localhost kernel: [   41.798095] type=1400 audit(1310479757.797:117): avc:  denied  { sys_ptrace } for  pid=2647 comm="console-kit-dae" capability=19  scontext=system_u:system_r:system_dbusd_t tcontext=system_u:system_r:system_dbusd_t tclass=capability

Jul 12 16:09:28 localhost kernel: [   52.485866] type=1400 audit(1310479768.484:118): avc:  denied  { module_request } for  pid=2773 comm="seamonkey-bin" kmod="net-pf-10" scontext=staff_u:staff_r:staff_t tcontext=system_u:system_r:kernel_t tclass=system

Jul 12 16:09:37 localhost kernel: [   61.566025] type=1400 audit(1310479777.564:119): avc:  denied  { search } for  pid=2877 comm="su" name="root" dev=sdb5 ino=80002 scontext=staff_u:staff_r:staff_su_t tcontext=root:object_r:user_home_dir_t tclass=dir

Jul 12 16:09:37 localhost kernel: [   61.612700] type=1400 audit(1310479777.611:120): avc:  denied  { search } for  pid=2877 comm="su" name="contexts" dev=sdb5 ino=80187 scontext=staff_u:staff_r:staff_su_t tcontext=system_u:object_r:default_context_t tclass=dir

Jul 12 16:09:37 localhost kernel: [   61.612734] type=1400 audit(1310479777.611:121): avc:  denied  { search } for  pid=2877 comm="su" name="files" dev=sdb5 ino=80219 scontext=staff_u:staff_r:staff_su_t tcontext=system_u:object_r:file_context_t tclass=dir

Jul 12 16:09:37 localhost kernel: [   61.612782] type=1400 audit(1310479777.611:122): avc:  denied  { read } for  pid=2877 comm="su" name="file_contexts" dev=sdb5 ino=81260 scontext=staff_u:staff_r:staff_su_t tcontext=staff_u:object_r:file_context_t tclass=file

Jul 12 16:09:37 localhost kernel: [   61.612800] type=1400 audit(1310479777.611:123): avc:  denied  { open } for  pid=2877 comm="su" name="file_contexts" dev=sdb5 ino=81260 scontext=staff_u:staff_r:staff_su_t tcontext=staff_u:object_r:file_context_t tclass=file

Jul 12 16:09:37 localhost kernel: [   61.612824] type=1400 audit(1310479777.611:124): avc:  denied  { getattr } for  pid=2877 comm="su" path="/etc/selinux/strict/contexts/files/file_contexts" dev=sdb5 ino=81260 scontext=staff_u:staff_r:staff_su_t tcontext=staff_u:object_r:file_context_t tclass=file

Jul 12 16:09:37 localhost kernel: [   61.672714] type=1400 audit(1310479777.671:125): avc:  denied  { setfscreate } for  pid=2877 comm="su" scontext=staff_u:staff_r:staff_su_t tcontext=staff_u:staff_r:staff_su_t tclass=process

Jul 12 16:09:37 localhost kernel: [   61.672837] type=1400 audit(1310479777.671:126): avc:  denied  { write } for  pid=2877 comm="su" name="root" dev=sdb5 ino=80002 scontext=staff_u:staff_r:staff_su_t tcontext=root:object_r:user_home_dir_t tclass=dir

Jul 12 16:09:37 localhost kernel: [   61.672853] type=1400 audit(1310479777.671:127): avc:  denied  { add_name } for  pid=2877 comm="su" name=".xauthRYu8Bd" scontext=staff_u:staff_r:staff_su_t tcontext=root:object_r:user_home_dir_t tclass=dir

Jul 12 16:09:37 localhost kernel: [   61.672918] type=1400 audit(1310479777.671:128): avc:  denied  { create } for  pid=2877 comm="su" name=".xauthRYu8Bd" scontext=staff_u:staff_r:staff_su_t tcontext=root:object_r:xauth_home_t tclass=file

Jul 12 16:10:06 localhost kernel: [   90.994145] type=1400 audit(1310479806.993:141): avc:  denied  { mounton } for  pid=2889 comm="mount" path="/mnt/gentoo" dev=sdb5 ino=40006 scontext=staff_u:staff_r:staff_t tcontext=system_u:object_r:mnt_t tclass=dir

Jul 12 16:10:06 localhost kernel: [   90.994205] type=1400 audit(1310479806.993:142): avc:  denied  { write } for  pid=2889 comm="mount" name="/" dev=sdb5 ino=2 scontext=staff_u:staff_r:staff_t tcontext=system_u:object_r:root_t tclass=dir

Jul 12 16:10:06 localhost kernel: [   90.994280] type=1400 audit(1310479806.993:143): avc:  denied  { write } for  pid=2889 comm="mount" name="mtab" dev=sdb5 ino=74889 scontext=staff_u:staff_r:staff_t tcontext=system_u:object_r:etc_runtime_t tclass=file

Jul 12 16:10:06 localhost kernel: [   90.994571] type=1400 audit(1310479806.993:144): avc:  denied  { write } for  pid=2889 comm="mount" name="etc" dev=sdb5 ino=72001 scontext=staff_u:staff_r:staff_t tcontext=system_u:object_r:etc_t tclass=dir

Jul 12 16:10:06 localhost kernel: [   90.994597] type=1400 audit(1310479806.993:145): avc:  denied  { add_name } for  pid=2889 comm="mount" name="mtab~2889" scontext=staff_u:staff_r:staff_t tcontext=system_u:object_r:etc_t tclass=dir

Jul 12 16:10:06 localhost kernel: [   90.994724] type=1400 audit(1310479806.993:146): avc:  denied  { create } for  pid=2889 comm="mount" name="mtab~2889" scontext=staff_u:staff_r:staff_t tcontext=staff_u:object_r:etc_t tclass=file

Jul 12 16:10:06 localhost kernel: [   90.994834] type=1400 audit(1310479806.993:147): avc:  denied  { write } for  pid=2889 comm="mount" name="mtab~2889" dev=sdb5 ino=74752 scontext=staff_u:staff_r:staff_t tcontext=staff_u:object_r:etc_t tclass=file

Jul 12 16:10:06 localhost kernel: [   90.994889] type=1400 audit(1310479806.993:148): avc:  denied  { link } for  pid=2889 comm="mount" name="mtab~2889" dev=sdb5 ino=74752 scontext=staff_u:staff_r:staff_t tcontext=staff_u:object_r:etc_t tclass=file

Jul 12 16:10:06 localhost kernel: [   90.994962] type=1400 audit(1310479806.993:149): avc:  denied  { remove_name } for  pid=2889 comm="mount" name="mtab~2889" dev=sdb5 ino=74752 scontext=staff_u:staff_r:staff_t tcontext=system_u:object_r:etc_t tclass=dir

Jul 12 16:10:06 localhost kernel: [   90.994989] type=1400 audit(1310479806.993:150): avc:  denied  { unlink } for  pid=2889 comm="mount" name="mtab~2889" dev=sdb5 ino=74752 scontext=staff_u:staff_r:staff_t tcontext=staff_u:object_r:etc_t tclass=file

Jul 12 16:11:03 localhost kernel: [  147.243846] type=1400 audit(1310479863.242:154): avc:  denied  { unmount } for  pid=2892 comm="umount" scontext=staff_u:staff_r:staff_t tcontext=system_u:object_r:fs_t tclass=filesystem

Jul 12 16:11:03 localhost kernel: [  147.244672] type=1400 audit(1310479863.243:155): avc:  denied  { write } for  pid=2892 comm="umount" name="etc" dev=sdb5 ino=72001 scontext=staff_u:staff_r:staff_t tcontext=system_u:object_r:etc_t tclass=dir

Jul 12 16:11:03 localhost kernel: [  147.244700] type=1400 audit(1310479863.243:156): avc:  denied  { add_name } for  pid=2892 comm="umount" name="mtab~2892" scontext=staff_u:staff_r:staff_t tcontext=system_u:object_r:etc_t tclass=dir

Jul 12 16:11:03 localhost kernel: [  147.244887] type=1400 audit(1310479863.243:157): avc:  denied  { remove_name } for  pid=2892 comm="umount" name="mtab~2892" dev=sdb5 ino=74752 scontext=staff_u:staff_r:staff_t tcontext=system_u:object_r:etc_t tclass=dir

Jul 12 16:11:10 localhost kernel: [  154.427715] type=1400 audit(1310479870.426:158): avc:  denied  { read } for  pid=2893 comm="cat" name="avc.log" dev=sdb7 ino=68464 scontext=staff_u:staff_r:staff_t tcontext=system_u:object_r:var_log_t tclass=file

Jul 12 16:11:10 localhost kernel: [  154.427736] type=1400 audit(1310479870.426:159): avc:  denied  { open } for  pid=2893 comm="cat" name="avc.log" dev=sdb7 ino=68464 scontext=staff_u:staff_r:staff_t tcontext=system_u:object_r:var_log_t tclass=file

Jul 12 16:14:23 localhost kernel: [  347.881903] type=1400 audit(1310480063.880:160): avc:  denied  { setuid } for  pid=2894 comm="shutdown" capability=7  scontext=staff_u:staff_r:staff_t tcontext=staff_u:staff_r:staff_t tclass=capability

Jul 12 16:14:23 localhost kernel: [  347.882127] type=1400 audit(1310480063.881:161): avc:  denied  { write } for  pid=2894 comm="shutdown" name="run" dev=sdb7 ino=73729 scontext=staff_u:staff_r:staff_t tcontext=system_u:object_r:var_run_t tclass=dir

Jul 12 16:14:23 localhost kernel: [  347.882153] type=1400 audit(1310480063.881:162): avc:  denied  { add_name } for  pid=2894 comm="shutdown" name="shutdown.pid" scontext=staff_u:staff_r:staff_t tcontext=system_u:object_r:var_run_t tclass=dir

Jul 12 16:14:23 localhost kernel: [  347.882343] type=1400 audit(1310480063.881:163): avc:  denied  { create } for  pid=2894 comm="shutdown" name="shutdown.pid" scontext=staff_u:staff_r:staff_t tcontext=staff_u:object_r:var_run_t tclass=file

Jul 12 16:14:23 localhost kernel: [  347.882471] type=1400 audit(1310480063.881:164): avc:  denied  { write open } for  pid=2894 comm="shutdown" name="shutdown.pid" dev=sdb7 ino=73783 scontext=staff_u:staff_r:staff_t tcontext=staff_u:object_r:var_run_t tclass=file

Jul 12 16:14:23 localhost kernel: [  347.884038] type=1400 audit(1310480063.882:165): avc:  denied  { write } for  pid=2894 comm="shutdown" name="log" dev=devtmpfs ino=4489 scontext=staff_u:staff_r:staff_t tcontext=system_u:object_r:devlog_t tclass=sock_file

Jul 12 16:14:23 localhost kernel: [  347.884184] type=1400 audit(1310480063.883:166): avc:  denied  { connectto } for  pid=2894 comm="shutdown" path="/dev/log" scontext=staff_u:staff_r:staff_t tcontext=system_u:system_r:syslogd_t tclass=unix_stream_socket

Jul 12 16:14:23 localhost kernel: [  347.884196] type=1400 audit(1310480063.883:167): avc:  denied  { write } for  pid=2895 comm="shutdown" name="tty7" dev=devtmpfs ino=32 scontext=staff_u:staff_r:staff_t tcontext=system_u:object_r:tty_device_t tclass=chr_file

Jul 12 16:14:23 localhost kernel: [  347.884227] type=1400 audit(1310480063.883:168): avc:  denied  { open } for  pid=2895 comm="shutdown" name="tty7" dev=devtmpfs ino=32 scontext=staff_u:staff_r:staff_t tcontext=system_u:object_r:tty_device_t tclass=chr_file

Jul 12 16:14:23 localhost kernel: [  347.884244] type=1400 audit(1310480063.883:169): avc:  denied  { remove_name } for  pid=2894 comm="shutdown" name="shutdown.pid" dev=sdb7 ino=73783 scontext=staff_u:staff_r:staff_t tcontext=system_u:object_r:var_run_t tclass=dir

Jul 12 16:14:31 localhost kernel: [  355.058314] type=1400 audit(1310480071.057:185): avc:  denied  { write } for  pid=3313 comm="cp" name="card0_pcm0c" dev=sdb7 ino=65572 scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:alsa_var_lib_t tclass=file

Jul 12 16:14:31 localhost kernel: [  355.173264] type=1400 audit(1310480071.172:186): avc:  denied  { append } for  pid=2883 comm="bash" name=".bash_history" dev=sdb5 ino=80025 scontext=staff_u:staff_r:staff_t tcontext=root:object_r:user_home_t tclass=file

Jul 12 16:14:31 localhost kernel: [  355.173294] type=1400 audit(1310480071.172:187): avc:  denied  { open } for  pid=2883 comm="bash" name=".bash_history" dev=sdb5 ino=80025 scontext=staff_u:staff_r:staff_t tcontext=root:object_r:user_home_t tclass=file

Jul 12 16:14:31 localhost kernel: [  355.173408] type=1400 audit(1310480071.172:188): avc:  denied  { read } for  pid=2883 comm="bash" name=".bash_history" dev=sdb5 ino=80025 scontext=staff_u:staff_r:staff_t tcontext=root:object_r:user_home_t tclass=file

Jul 12 16:14:31 localhost kernel: [  355.173552] type=1400 audit(1310480071.172:189): avc:  denied  { write } for  pid=2883 comm="bash" name=".bash_history" dev=sdb5 ino=80025 scontext=staff_u:staff_r:staff_t tcontext=root:object_r:user_home_t tclass=file

Jul 12 16:14:31 localhost kernel: [  355.178297] type=1400 audit(1310480071.177:190): avc:  denied  { search } for  pid=2877 comm="su" name="root" dev=sdb5 ino=80002 scontext=staff_u:staff_r:staff_su_t tcontext=root:object_r:user_home_dir_t tclass=dir

Jul 12 16:14:31 localhost kernel: [  355.178331] type=1400 audit(1310480071.177:191): avc:  denied  { write } for  pid=2877 comm="su" name="root" dev=sdb5 ino=80002 scontext=staff_u:staff_r:staff_su_t tcontext=root:object_r:user_home_dir_t tclass=dir

Jul 12 16:14:31 localhost kernel: [  355.178383] type=1400 audit(1310480071.177:192): avc:  denied  { remove_name } for  pid=2877 comm="su" name=".xauthRYu8Bd" dev=sdb5 ino=81030 scontext=staff_u:staff_r:staff_su_t tcontext=root:object_r:user_home_dir_t tclass=dir

Jul 12 16:14:31 localhost kernel: [  355.178453] type=1400 audit(1310480071.177:193): avc:  denied  { unlink } for  pid=2877 comm="su" name=".xauthRYu8Bd" dev=sdb5 ino=81030 scontext=staff_u:staff_r:staff_su_t tcontext=staff_u:object_r:xauth_home_t tclass=file

Jul 12 16:14:31 localhost kernel: [  355.539779] type=1400 audit(1310480071.538:194): avc:  denied  { unlink } for  pid=1992 comm="gdm" name="gdm_socket" dev=sdb7 ino=73739 scontext=system_u:system_r:xdm_t tcontext=system_u:object_r:var_run_t tclass=sock_file

Jul 12 16:15:18 localhost kernel: [    2.507635] type=1400 audit(1310487308.506:2): avc:  denied  { setattr } for  pid=371 comm="khubd" name="mouse1" dev=devtmpfs ino=2042 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:device_t tclass=chr_file

Jul 12 16:15:18 localhost kernel: [    2.508325] type=1400 audit(1310487308.507:3): avc:  denied  { setattr } for  pid=371 comm="khubd" name="event5" dev=devtmpfs ino=2043 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:device_t tclass=chr_file

Jul 12 16:15:18 localhost kernel: [    2.509020] type=1400 audit(1310487308.507:4): avc:  denied  { setattr } for  pid=371 comm="khubd" name="hidraw2" dev=devtmpfs ino=2044 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:device_t tclass=chr_file

Jul 12 16:15:18 localhost kernel: [    2.888307] type=1400 audit(1310487308.887:6): avc:  denied  { setattr } for  pid=981 comm="mount" name="/" dev=proc ino=1 scontext=system_u:system_r:mount_t tcontext=system_u:object_r:proc_t tclass=dir

Jul 12 16:15:18 localhost kernel: [    2.971893] type=1400 audit(1310487308.970:7): avc:  denied  { setattr } for  pid=989 comm="mount" name="/" dev=tmpfs ino=235 scontext=system_u:system_r:mount_t tcontext=system_u:object_r:initrc_state_t tclass=dir

Jul 12 16:15:18 localhost kernel: [    3.182218] type=1400 audit(1310487309.181: :Cool: : avc:  denied  { setattr } for  pid=1003 comm="mount" name="/" dev=devpts ino=1 scontext=system_u:system_r:mount_t tcontext=system_u:object_r:devpts_t tclass=dir

Jul 12 16:15:18 localhost kernel: [    3.195103] type=1400 audit(1310487309.194:9): avc:  denied  { setattr } for  pid=1007 comm="mkdir" name="shm" dev=devtmpfs ino=240 scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:device_t tclass=dir

Jul 12 16:15:18 localhost kernel: [    3.223500] type=1400 audit(1310487309.222:10): avc:  denied  { setattr } for  pid=1011 comm="mount" name="/" dev=tmpfs ino=247 scontext=system_u:system_r:mount_t tcontext=system_u:object_r:device_t tclass=dir

Jul 12 16:15:18 localhost kernel: [    5.375536] type=1400 audit(1310480111.375:64): avc:  denied  { create } for  pid=1140 comm="mkdir" name=".test.1133" scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:var_run_t tclass=dir

Jul 12 16:15:18 localhost kernel: [    5.407530] type=1400 audit(1310480111.406:65): avc:  denied  { setattr } for  pid=1143 comm="chmod" name="/" dev=sdb8 ino=2 scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:tmp_t tclass=dir

Jul 12 16:15:18 localhost kernel: [    5.616987] type=1400 audit(1310480111.616:66): avc:  denied  { read write } for  pid=1154 comm="restorecon" name="console" dev=devtmpfs ino=1878 scontext=system_u:system_r:setfiles_t tcontext=system_u:object_r:device_t tclass=chr_file

Jul 12 16:15:18 localhost kernel: [    5.617090] type=1400 audit(1310480111.616:67): avc:  denied  { read write } for  pid=1154 comm="restorecon" path="/dev/console" dev=devtmpfs ino=1878 scontext=system_u:system_r:setfiles_t tcontext=system_u:object_r:device_t tclass=chr_file

Jul 12 16:15:18 localhost kernel: [    5.617145] type=1400 audit(1310480111.616:6 :Cool: : avc:  denied  { read write } for  pid=1154 comm="restorecon" path="/dev/console" dev=devtmpfs ino=1878 scontext=system_u:system_r:setfiles_t tcontext=system_u:object_r:device_t tclass=chr_file

Jul 12 16:15:18 localhost kernel: [    5.617163] type=1400 audit(1310480111.616:69): avc:  denied  { read write } for  pid=1154 comm="restorecon" path="/dev/console" dev=devtmpfs ino=1878 scontext=system_u:system_r:setfiles_t tcontext=system_u:object_r:device_t tclass=chr_file

Jul 12 16:15:18 localhost kernel: [    5.723560] type=1400 audit(1310480111.723:70): avc:  denied  { create } for  pid=1155 comm="mkdir" name=".test.1133" scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:var_log_t tclass=dir

Jul 12 16:15:18 localhost kernel: [    5.826329] type=1400 audit(1310480111.825:71): avc:  denied  { setattr } for  pid=1169 comm="runscript.sh" name="vcs2" dev=devtmpfs ino=380 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:device_t tclass=chr_file

Jul 12 16:15:18 localhost kernel: [    5.826515] type=1400 audit(1310480111.825:72): avc:  denied  { setattr } for  pid=1169 comm="runscript.sh" name="vcsa2" dev=devtmpfs ino=381 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:device_t tclass=chr_file

Jul 12 16:15:18 localhost kernel: [    5.826793] type=1400 audit(1310480111.825:73): avc:  denied  { setattr } for  pid=1169 comm="runscript.sh" name="vcs3" dev=devtmpfs ino=382 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:device_t tclass=chr_file

Jul 12 16:15:18 localhost kernel: [   12.033687] type=1400 audit(1310480118.032:152): avc:  denied  { syslog } for  pid=1905 comm="syslog-ng" capability=34  scontext=system_u:system_r:syslogd_t tcontext=system_u:system_r:syslogd_t tclass=capability2

Jul 12 16:15:18 localhost kernel: [   12.781038] type=1400 audit(1310480118.780:153): avc:  denied  { module_request } for  pid=1921 comm="named" kmod="net-pf-10" scontext=system_u:system_r:named_t tcontext=system_u:system_r:kernel_t tclass=system

Jul 12 16:15:20 localhost kernel: [   14.759382] type=1400 audit(1310480120.758:154): avc:  denied  { create } for  pid=1967 comm="gdm" name="gdm_socket" scontext=system_u:system_r:xdm_t tcontext=system_u:object_r:var_run_t tclass=sock_file

Jul 12 16:15:21 localhost kernel: [   15.444307] type=1400 audit(1310480121.443:155): avc:  denied  { write } for  pid=2004 comm="runscript.sh" name="oss" dev=proc ino=4026532226 scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:proc_t tclass=file

Jul 12 16:15:21 localhost kernel: [   15.449791] type=1400 audit(1310480121.448:156): avc:  denied  { write } for  pid=2008 comm="runscript.sh" name="oss" dev=proc ino=4026532225 scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:proc_t tclass=file

Jul 12 16:15:21 localhost kernel: [   15.455156] type=1400 audit(1310480121.454:157): avc:  denied  { write } for  pid=2012 comm="runscript.sh" name="oss" dev=proc ino=4026532224 scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:proc_t tclass=file

Jul 12 16:15:25 localhost kernel: [   19.136831] type=1400 audit(1310480125.135:158): avc:  denied  { create } for  pid=1970 comm="X" scontext=system_u:system_r:xserver_t tcontext=system_u:system_r:xserver_t tclass=netlink_kobject_uevent_socket

Jul 12 16:15:25 localhost kernel: [   19.941363] type=1400 audit(1310480125.940:159): avc:  denied  { append } for  pid=2085 comm="apache2" name="ssl_error_log" dev=sdb5 ino=40165 scontext=system_u:system_r:httpd_t tcontext=system_u:object_r:httpd_sys_content_t tclass=file

Jul 12 16:15:36 localhost kernel: [   30.549437] type=1400 audit(1310480136.548:160): avc:  denied  { read write } for  pid=2144 comm="modprobe" path="socket:[5103]" dev=sockfs ino=5103 scontext=system_u:system_r:insmod_t tcontext=system_u:system_r:iptables_t tclass=rawip_socket

Jul 12 16:15:36 localhost kernel: [   30.648441] type=1400 audit(1310480136.648:161): avc:  denied  { execute_no_trans } for  pid=2165 comm="make" path="/sbin/shorewall" dev=sdb5 ino=58575 scontext=system_u:system_r:shorewall_t tcontext=system_u:object_r:shorewall_exec_t tclass=file

Jul 12 16:15:36 localhost kernel: [   30.648790] type=1400 audit(1310480136.648:162): avc:  denied  { execute_no_trans } for  pid=2166 comm="make" path="/sbin/shorewall" dev=sdb5 ino=58575 scontext=system_u:system_r:shorewall_t tcontext=system_u:object_r:shorewall_exec_t tclass=file

Jul 12 16:15:37 localhost kernel: [   31.614647] type=1400 audit(1310480137.613:163): avc:  denied  { execute } for  pid=2169 comm="perl" name="getparams" dev=sdb6 ino=17219 scontext=system_u:system_r:shorewall_t tcontext=system_u:object_r:usr_t tclass=file

Jul 12 16:16:22 localhost kernel: [    3.246239] type=1400 audit(1310487372.245:3): avc:  denied  { setattr } for  pid=1008 comm="mkdir" name="shm" dev=devtmpfs ino=228 scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:device_t tclass=dir

Jul 12 16:16:22 localhost kernel: [    3.316068] type=1400 audit(1310487372.315:4): avc:  denied  { read write } for  pid=1021 comm="dmesg" name="console" dev=devtmpfs ino=1880 scontext=system_u:system_r:dmesg_t tcontext=system_u:object_r:device_t tclass=chr_file

Jul 12 16:16:22 localhost kernel: [    3.317504] type=1400 audit(1310487372.316:5): avc:  denied  { syslog } for  pid=1021 comm="dmesg" capability=34  scontext=system_u:system_r:dmesg_t tcontext=system_u:system_r:dmesg_t tclass=capability2

Jul 12 16:16:22 localhost kernel: [    3.412008] type=1400 audit(1310487372.410:6): avc:  denied  { read write } for  pid=1037 comm="hwclock" name="console" dev=devtmpfs ino=1880 scontext=system_u:system_r:hwclock_t tcontext=system_u:object_r:device_t tclass=chr_file

Jul 12 16:16:22 localhost kernel: [    3.558639] type=1400 audit(1310480172.557:7): avc:  denied  { read write } for  pid=1062 comm="fsck" name="console" dev=devtmpfs ino=1880 scontext=system_u:system_r:fsadm_t tcontext=system_u:object_r:device_t tclass=chr_file

Jul 12 16:16:22 localhost kernel: [    3.608125] type=1400 audit(1310480172.607: :Cool: : avc:  denied  { ioctl } for  pid=1063 comm="fsck.ext3" path="/dev/console" dev=devtmpfs ino=1880 scontext=system_u:system_r:fsadm_t tcontext=system_u:object_r:device_t tclass=chr_file

Jul 12 16:16:22 localhost kernel: [    3.613404] type=1400 audit(1310480172.612:9): avc:  denied  { open } for  pid=1063 comm="fsck.ext3" name="null" dev=devtmpfs ino=1871 scontext=system_u:system_r:fsadm_t tcontext=system_u:object_r:device_t tclass=chr_file

Jul 12 16:16:22 localhost kernel: [    5.864756] type=1400 audit(1310480174.863:10): avc:  denied  { getattr } for  pid=1104 comm="mount" path="/dev/sdb6" dev=devtmpfs ino=174 scontext=system_u:system_r:mount_t tcontext=system_u:object_r:device_t tclass=blk_file

Jul 12 16:16:22 localhost kernel: [    6.495559] type=1400 audit(1310480175.494:11): avc:  denied  { write } for  pid=1139 comm="rm" name="console" dev=sdb5 ino=80078 scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:lib_t tclass=dir

Jul 12 16:16:22 localhost kernel: [    6.495580] type=1400 audit(1310480175.494:12): avc:  denied  { remove_name } for  pid=1139 comm="rm" name="keymap" dev=sdb5 ino=80079 scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:lib_t tclass=dir

Jul 12 16:16:22 localhost kernel: [    6.495597] type=1400 audit(1310480175.494:13): avc:  denied  { unlink } for  pid=1139 comm="rm" name="keymap" dev=sdb5 ino=80079 scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:lib_t tclass=file

Jul 12 16:16:22 localhost kernel: [    6.555984] type=1400 audit(1310480175.555:14): avc:  denied  { create } for  pid=1140 comm="mkdir" name=".test.1133" scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:var_run_t tclass=dir

Jul 12 16:16:22 localhost kernel: [    6.961053] type=1400 audit(1310480175.960:15): avc:  denied  { unlink } for  pid=1158 comm="rm" name="syslog-ng.ctl" dev=sdb7 ino=73737 scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:devlog_t tclass=sock_file

Jul 12 16:16:22 localhost kernel: [    7.056708] type=1400 audit(1310480176.055:16): avc:  denied  { setattr } for  pid=1172 comm="chmod" name="/" dev=sdb8 ino=2 scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:tmp_t tclass=dir

Jul 12 16:16:22 localhost kernel: [    7.162510] type=1400 audit(1310480176.161:17): avc:  denied  { read write } for  pid=1185 comm="restorecon" name="console" dev=devtmpfs ino=1880 scontext=system_u:system_r:setfiles_t tcontext=system_u:object_r:device_t tclass=chr_file

Jul 12 16:16:22 localhost kernel: [    7.254493] type=1400 audit(1310480176.253:1 :Cool: : avc:  denied  { create } for  pid=1186 comm="mkdir" name=".test.1133" scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:var_log_t tclass=dir

Jul 12 16:16:22 localhost kernel: [    7.266060] type=1400 audit(1310480176.265:19): avc:  denied  { rmdir } for  pid=1187 comm="rmdir" name=".test.1133" dev=sdb7 ino=65614 scontext=system_u:system_r:initrc_t tcontext=system_u:object_r:var_log_t tclass=dir

Jul 12 16:16:22 localhost kernel: [   13.337392] type=1400 audit(1310480182.336:26): avc:  denied  { syslog } for  pid=1928 comm="syslog-ng" capability=34  scontext=system_u:system_r:syslogd_t tcontext=system_u:system_r:Last edited by marios on Fri Jul 15, 2011 12:23 pm; edited 1 time in total

----------

## Ant P.

You're denying all processes access to the keyboard/mouse input device files, among other things.

----------

## marios

I wrote the module to allow xorg., but it equally denies !

I think the cause is However this part of the log :

```

Jul 12 16:08:56 localhost kernel: [ 20.565874] type=1400 audit(1310479736.564:35): avc: denied { getattr } for pid=1995 comm="X" path="/dev/.udev/db/input:event2" dev=devtmpfs ino=2867 scontext=system_u:system_r:xserver_t tcontext=system_u:object_r:udev_tbl_t tclass=file 

```

. thank you for the answer.

----------

## Sven Vermeulen

If you boot with permissive, and switch to enforcing after boot, does that still render the keyboard useless?

At first sight, I would focus on the following:

```

Jul 12 16:07:22 localhost kernel: [ 2.488633] type=1400 audit(1310486832.487:2): avc: denied { setattr } for pid=371 comm="khubd" name="mouse1" dev=devtmpfs ino=1996 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:device_t tclass=chr_file

Jul 12 16:07:22 localhost kernel: [ 2.489321] type=1400 audit(1310486832.488:3): avc: denied { setattr } for pid=371 comm="khubd" name="event5" dev=devtmpfs ino=1997 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:device_t tclass=chr_file

Jul 12 16:07:22 localhost kernel: [ 2.490293] type=1400 audit(1310486832.489:4): avc: denied { setattr } for pid=371 comm="khubd" name="hidraw2" dev=devtmpfs ino=1998 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:device_t tclass=chr_file 

```

I don't know khubd or what it really does, but some quick searches on Google gave me the impression that this might help us find the culprit.

----------

## marios

hi Sven, i reinstalled gentoo with selinux-v2refpolicy-hardened profile. the previous profile was not hardened , only selinux-v2refpolicy.

he problem has come back, the keyboard is locked.

But this time, the module that I wrote, it worked. Strange! 

i' did like you : I installed xfce4 desktop with selinux enforcing (strict) policy and it works fine ! the problem is SOLVED

if it were to help someone that is the *.te file.

```

module setX 1.0;

require {

        type staff_t;

        type xserver_t;

        type udev_tbl_t;

        class process getpgid;

        class netlink_kobject_uevent_socket { bind create getattr setopt };

        class file { read getattr open };

}

#============= xserver_t ==============

allow xserver_t self:netlink_kobject_uevent_socket { bind create getattr setopt };

allow xserver_t staff_t:process getpgid;

allow xserver_t udev_tbl_t:file { read getattr open };

```

----------

