whoops, forgot the rest of the output:
---------------
Stopping yum-updatesd: [ OK ]
Stopping anacron: [ OK ]
Stopping atd: [ OK ]
Stopping cups: [ OK ]
Stopping hpiod: [ OK ]
Stopping hpssd: [ OK ]
Shutting down xfs: [ OK ]
Shutting down console mouse services: [ OK ]
Stopping sshd: [ OK ]
Shutting down sm-client: [ OK ]
Shutting down sendmail: [ OK ]
/etc/rc0.d/K50esp: line 109: [: localhost: binary operator expected
Stopping acpi daemon: [ OK ]
Stopping crond: [ OK ]
Shutting down RPC idmapd: [ OK ]
Stopping autofs: Stopping automount: [ OK ]
[ OK ]
Stopping system message bus: [ OK ]
Stopping NFS statd: [ OK ]
Stopping mcstransd: [ OK ]
Stopping portmap: [ OK ]
Stopping auditd:audit(1178276231.766:704): avc: denied { write } for
pid=2911
comm="auditd" name="log" dev=tmpfs ino=10195
scontext=system_u:system_r:auditd_
t:s0 tcontext=system_u:object_r:device_t:s0 tclass=sock_file
audit(1178276231.766:705): audit_pid=0 old=ystem_r:klogd_t:s0 key=(null)
<5>audit("log" dev=tmpfs ino==(>audit(1178276231.850:1364): avc: deniite }
for
pid=3501 comm="klogd" name="ltmpfs ino=10195 scontext=system_u:system_t:s0
tcon
text=system_u:object_r:devicelass=sock_file
<5>audit(1178276231.891:rch=c000003e syscall=42 success=no exit1
a1=55555575b960
a2=a a3=7fff7d41b1f3 ppid=1 pid=3501 auid=4294967295 uid=0 gi=0 suid=0
fsuid=0
egid=0 sgid=0 fsgid=0 e) comm="klogd" exe="/sbin/klogd"
subj=:system_r:klogd_t:s
0 key=(null)
<5>audi6231.963:4203): avc: denied { write }d=3501 comm="klogd" name="log"
dev
=tmpf195
scontext=system_u:system_r:klogd_t:sxt=system_u:object_r:device_t:s0 tc
lass=e
<5>audit(1178276232.004:5235): arch= syscall=42 success=no exit=-13 a0=1
a15b960
a2=a a3=7fff7d41b1f3 items=0 ppid501 auid=4294967295 uid=0 gid=0 euid=0
suid=0
egid=0 sgid=0 fsgid=0 tty=(none) cgd" exe="/sbin/klogd"
subj=system_u:sysogd_t:s
0 key=(null)
<5>audit(11782762342): avc: denied { write } for pid=35"klogd" name="log"
dev
=tmpfs ino=10195 =system_u:system_r:klogd_t:s0
tcontext=sobject_r:device_t:s0 tc
lass=sock_file
(1178276232.117:8074): arch=c000003e syssuccess=no exit=-13 a0=1
a1=55555575b963
=7fff7d41b1f3 items=0 ppid=1 pid=3501 4967295 uid=0 gid=0 euid=0 suid=0
fsuid= s
gid=0 fsgid=0 tty=(none) comm="klogd" in/klogd"
subj=system_u:system_r:klogd_=(n
ull)
<5>audit(1178276232.179:9623): nied { write } for pid=3501
comm="klogd41b1f3 i
tems=0 ppid=1 pid=3501 auid=42967295 uid=0 gid=0 euid=0 suid=0 fsuid=0gid=0
sgid
=0 fsgid=0 tty=(none) comm="kgd" exe="/sbin/klogd"
subj=system_u:sysm_r:klogd_t:
s0 key=(null)
<5>audit(11786232.251:11424): avc: denied { write }or pid=3501
comm="klogd" n
ame="log" detmpfs ino=10195 scontext=system_u:syster:klogd_t:s0
tcontext=system_
u:object_r:vice_t:s0 tclass=sock_file
<5>audit(18276232.302:12709): arch=c000003e syscall2 success=no exit=-13
a0=1 a1
.
.
--
Linux-audit mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/linux-audit
