[WBEL-users] Kernel errors messages
Johnny Hughes
mailing-lists at hughesjr.com
Sat Jun 25 07:57:45 CDT 2005
On Sat, 2005-06-25 at 08:27 -0400, Ing. Manuel León Moreno wrote:
> Hi.
>
> I recently installed WB-EL4. Since I did, every time I restart the
> squid service and also (doing nothing)
> several times per day, I get a chain of error messages from the
> kernel.
>
> I uninstalled the squid 2.5 and re-installed the old and probed squid
> 2.4. No change.
>
> I downloaded and installed de last kernel this very morning. No
> change.
>
> As an example, I include (in red) the chain of messages inmediately
> before the stop and
> (in green) the chain of messages inmediately after the start.
>
> My squid cache is installed in a 10 GB partition for the exclusive use
> of squid (7GB-64-256)
> and squid looks to work fine, despite the errors.
>
> Can someone help me to:
>
> a. know what these messages mean?
> b. what should I do to eliminate them?
>
> Thanks in advance.
>
> Manuel Leon
>
> > Jun 25 07:37:49 proxy kernel: audit(1119699469.209:0): avc:
> denied { getattr } for pid=2436 exe=/usr/sbin/squid
> > path=/squid/squid.cache/swap.state dev=hda9
> ino=787058 scontext=user_u:system_r:squid_t
> tcontext=user_u:object_r:file_t tclass=file
>
> > Jun 25 07:37:49 proxy kernel: audit(1119699469.209:0): avc: denied
> {setattr } for pid=2436 exe=/usr/sbin/squid name=swap.state.clean
> dev=hda9 ino=786728
> > scontext=user_u:system_r:squid_t tcontext=user_u:object_r:file_t
> tclass=file
>
> > Jun 25 07:37:49 proxy kernel: audit(1119699469.211:0): avc: denied
> { unlink } for pid=2436 exe=/usr/sbin/squid name=swap.state dev=hda9
> > ino=787058
> scontext=user_u:system_r:squid_t tcontext=user_u:object_r:file_t
> tclass=file
> >
> > Jun 25 07:37:49 proxy squid[2434]: Squid Parent: child process 2436
> exited with status 0
> >---------------------------------------------------------------------------------------------------------------------------------------
> > Jun 25 07:37:50 proxy squid[3330]: Squid Parent: child process 3332
> started
> > Jun 25 07:37:50 proxy kernel: audit(1119699470.937:0): avc: denied
> { execute } for pid=3332 path=/etc/ld.so.cache
> > dev=hda2 ino=742540
> scontext=root:system_r:squid_t tcontext=system_u:object_r:ld_so_cache_t tclass=file
> > Jun 25 07:37:51 proxy kernel: audit(1119699471.216:0): avc:
> denied { search } for pid=3332 exe=/usr/sbin/squid name=/ dev=hda9
> > ino=2
> scontext=root:system_r:squid_t tcontext=system_u:object_r:file_t
> tclass=dir
> > Jun 25 07:37:51 proxy kernel: audit(1119699471.216:0): avc: denied
> {getattr } for pid=3332 exe=/usr/sbin/squid
> > path=/squid/squid.cache dev=hda9 ino=781825
> scontext=root:system_r:squid_t
> tcontext=root:object_r:file_t tclass=dir
> > Jun 25 07:37:51 proxy kernel: audit(1119699471.217:0): avc: denied
> { append } for pid=3332 exe=/usr/sbin/squid name=swap.state dev=hda9
> > ino=786728
> scontext=root:system_r:squid_t tcontext=user_u:object_r:file_t
> tclass=file
> > Jun 25 07:37:51 proxy kernel: audit(1119699471.217:0): avc: denied
> {getattr } for pid=3332 exe=/usr/sbin/squid
> > path=/squid/squid.cache/swap.state dev=hda9 ino=786728
> scontext=root:system_r:squid_t tcontext=user_u:object_r:file_t
> tclass=file
> > Jun 25 07:37:51 proxy kernel: audit(1119699471.218:0): avc: denied
> { write } for pid=3332 exe=/usr/sbin/squid name=squid.cache dev=hda9
> > ino=781825
> scontext=root:system_r:squid_t tcontext=root:object_r:file_t
> tclass=dir
> > Jun 25 07:37:51 proxy kernel: audit(1119699471.218:0): avc: denied
> {add_name } for pid=3332 exe=/usr/sbin/squid
> > name=swap.state.new
> scontext=root:system_r:squid_t tcontext=root:object_r:file_t
> tclass=dir
> > Jun 25 07:37:51 proxy kernel: audit(1119699471.218:0): avc: denied
> { create } for pid=3332 exe=/usr/sbin/squid name=swap.state.new
> > scontext=root:system_r:squid_t tcontext=root:object_r:file_t
> tclass=file
> > Jun 25 07:37:51 proxy kernel: audit(1119699471.218:0): avc: denied
> { read } for pid=3332 exe=/usr/sbin/squid name=swap.state dev=hda9
> ino=786728
> > scontext=root:system_r:squid_t tcontext=user_u:object_r:file_t
> tclass=file
> > Jun 25 07:37:51 proxy kernel: audit(1119699471.218:0): avc: denied
> {remove_name } for pid=3332 exe=/usr/sbin/squid
> > name=swap.state.last-clean dev=hda9 ino=787057
> scontext=root:system_r:squid_t
> tcontext=root:object_r:file_t tclass=dir
> > Jun 25 07:37:51 proxy kernel: audit(1119699471.218:0): avc: denied
> { unlink } for pid=3332 exe=/usr/sbin/squid name=swap.state.last-
> clean
> > dev=hda9 ino=787057 scontext=root:system_r:squid_t
> tcontext=user_u:object_r:file_t tclass=file
> _______________________________________________
Those are SELinux messages ... you probably have SELinux installed in
permissive (warning only) mode ... check your file:
/etc/sysconfig/selinux
You probably have SELINUX=permissive
If you are not going to use SELinux, the warning messages are
harmless ... if you want to use SELinux (ie, set the SELINUX=enforcing
in /etc/sysconfig/selinux) you will need to fix the SELinux permission
issues.
You can see more about SELinux here:
http://mirror.centos.org/centos/4/docs/html/rhel-selg-en-4/
--
Johnny Hughes
<http://www.CentOS.org/>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://beau.org/pipermail/whitebox-users/attachments/20050625/c1a1ddd7/attachment.bin
More information about the Whitebox-users
mailing list