On 07/20/2015 11:57 AM, Gordon Messmer wrote:
On 07/20/2015 10:47 AM, jd1008 wrote:
So, how did it become permissive??
We have no way to answer that. Your audit log would record the time
at which the system entered permissive mode.
How incredibly mysterious is that?
here are a few of the lines from audit.log.
All of the output of the command below
showed .......permissive=0
# grep -i permissive audit.log
type=AVC msg=audit(1437355414.517:526): avc: denied { write } for
pid=2365 comm="blueman-mechani" name="/" dev="tmpfs" ino=13776
scontext=system_u:system_r:blueman_t:s0-s0:c0.c1023
tcontext=system_u:object_r:tmp_t:s0 tclass=dir permissive=0
type=AVC msg=audit(1437355414.517:527): avc: denied { write } for
pid=2365 comm="blueman-mechani" name="/" dev="debugfs" ino=1
scontext=system_u:system_r:blueman_t:s0-s0:c0.c1023
tcontext=system_u:object_r:debugfs_t:s0 tclass=dir permissive=0
type=AVC msg=audit(1437355414.517:528): avc: denied { write } for
pid=2365 comm="blueman-mechani" name="/" dev="nfsd" ino=1
scontext=system_u:system_r:blueman_t:s0-s0:c0.c1023
tcontext=system_u:object_r:nfsd_fs_t:s0 tclass=dir permissive=0
type=AVC msg=audit(1437355414.517:529): avc: denied { write } for
pid=2365 comm="blueman-mechani" name="/" dev="sdb3" ino=2
scontext=system_u:system_r:blueman_t:s0-s0:c0.c1023
tcontext=system_u:object_r:default_t:s0 tclass=dir permissive=0
type=AVC msg=audit(1437355414.517:530): avc: denied { write } for
pid=2365 comm="blueman-mechani" name="/" dev="fusectl" ino=1
scontext=system_u:system_r:blueman_t:s0-s0:c0.c1023
tcontext=system_u:object_r:fusefs_t:s0 tclass=dir permissive=0
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
