From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from jazzhorn.ncsc.mil (mummy.ncsc.mil [144.51.88.129]) by tarius.tycho.ncsc.mil (8.13.1/8.13.1) with ESMTP id l0PH8l6o000956 for ; Thu, 25 Jan 2007 12:08:47 -0500 Received: from mail.nagafix.co.uk (jazzhorn.ncsc.mil [144.51.5.9]) by jazzhorn.ncsc.mil (8.12.10/8.12.10) with ESMTP id l0PH9kgs017098 for ; Thu, 25 Jan 2007 17:09:46 GMT Received: from [192.168.0.6] (82-45-188-29.cable.ubr02.camd.blueyonder.co.uk [82.45.188.29]) (using SSLv3 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.nagafix.co.uk (Postfix) with ESMTP id 863BC43B28 for ; Thu, 25 Jan 2007 17:09:42 +0000 (GMT) Message-ID: <45B8E456.5090501@nagafix.co.uk> Date: Thu, 25 Jan 2007 17:09:42 +0000 From: Antoine Martin MIME-Version: 1.0 To: selinux@tycho.nsa.gov Subject: new postfix-script errors idr_remove Content-Type: text/plain; charset=ISO-8859-15; format=flowed Sender: owner-selinux@tycho.nsa.gov List-Id: selinux@tycho.nsa.gov This message just started appearing on one of my servers. Any idea what this means? [ 1766.037624] audit(1169838474.626:79): avc: denied { search } for pid=13983 comm="postfix-script" name="/" dev=devpts ino=1 scontext=system_u:system_r:postfix_master_t tcontext=system_u:object_r:devpts_t tclass=dir [ 1766.037694] idr_remove called for id=4 which is not allocated. [ 1766.037698] [] sub_remove+0xe5/0xf0 [ 1766.037710] [] idr_remove+0x18/0x80 [ 1766.037715] [] release_dev+0x490/0x6d0 [ 1766.037727] [] tty_ldisc_enable+0x26/0x30 [ 1766.037731] [] init_dev+0x237/0x4e0 [ 1766.037736] [] tty_open+0x13f/0x2b0 [ 1766.037740] [] chrdev_open+0x52/0x120 [ 1766.037746] [] chrdev_open+0x0/0x120 [ 1766.037750] [] __dentry_open+0x9a/0x170 [ 1766.037755] [] nameidata_to_filp+0x35/0x40 [ 1766.037759] [] filp_open+0x3b/0x50 [ 1766.037762] [] get_unused_fd+0x45/0xb0 [ 1766.037766] [] do_sys_open+0x3d/0xd0 [ 1766.037770] [] sysenter_past_esp+0x54/0x75 [ 1766.038778] audit(1169838474.626:80): avc: denied { search } for pid=13983 comm="postfix-script" name="/" dev=devpts ino=1 scontext=system_u:system_r:postfix_master_t tcontext=system_u:object_r:devpts_t tclass=dir [ 1766.064173] audit(1169838474.654:81): avc: denied { search } for pid=13985 comm="postfix-script" name="/" dev=devpts ino=1 scontext=system_u:system_r:postfix_master_t tcontext=system_u:object_r:devpts_t tclass=dir [ 1766.064242] idr_remove called for id=4 which is not allocated. [ 1766.064246] [] sub_remove+0xe5/0xf0 [ 1766.064257] [] idr_remove+0x18/0x80 [ 1766.064261] [] release_dev+0x490/0x6d0 [ 1766.064272] [] tty_ldisc_enable+0x26/0x30 [ 1766.064277] [] init_dev+0x237/0x4e0 [ 1766.064281] [] tty_open+0x13f/0x2b0 [ 1766.064286] [] chrdev_open+0x52/0x120 [ 1766.064291] [] chrdev_open+0x0/0x120 [ 1766.064295] [] __dentry_open+0x9a/0x170 [ 1766.064300] [] nameidata_to_filp+0x35/0x40 [ 1766.064304] [] filp_open+0x3b/0x50 [ 1766.064307] [] get_unused_fd+0x45/0xb0 [ 1766.064311] [] do_sys_open+0x3d/0xd0 [ 1766.064315] [] sysenter_past_esp+0x54/0x75 [ 1766.065227] audit(1169838474.654:82): avc: denied { search } for pid=13985 comm="postfix-script" name="/" dev=devpts ino=1 scontext=system_u:system_r:postfix_master_t tcontext=system_u:object_r:devpts_t tclass=dir [ 1766.071472] audit(1169838474.658:83): avc: denied { search } for pid=13986 comm="sh" name="/" dev=devpts ino=1 scontext=system_u:system_r:postfix_master_t tcontext=system_u:object_r:devpts_t tclass=dir [ 1766.071550] idr_remove called for id=4 which is not allocated. [ 1766.071554] [] sub_remove+0xe5/0xf0 [ 1766.071565] [] idr_remove+0x18/0x80 [ 1766.071570] [] release_dev+0x490/0x6d0 [ 1766.071580] [] apic_timer_interrupt+0x1c/0x24 [ 1766.071586] [] tty_ldisc_enable+0x26/0x30 [ 1766.071591] [] init_dev+0x237/0x4e0 [ 1766.071595] [] tty_open+0x13f/0x2b0 [ 1766.071600] [] chrdev_open+0x52/0x120 [ 1766.071606] [] chrdev_open+0x0/0x120 [ 1766.071610] [] __dentry_open+0x9a/0x170 [ 1766.071615] [] nameidata_to_filp+0x35/0x40 [ 1766.071619] [] filp_open+0x3b/0x50 [ 1766.071622] [] get_unused_fd+0x45/0xb0 [ 1766.071626] [] do_sys_open+0x3d/0xd0 [ 1766.071630] [] sysenter_past_esp+0x54/0x75 [ 1766.072744] audit(1169838474.662:84): avc: denied { search } for pid=13986 comm="sh" name="/" dev=devpts ino=1 scontext=system_u:system_r:postfix_master_t tcontext=system_u:object_r:devpts_t tclass=dir [ 1766.504354] audit(1169838475.094:85): avc: denied { search } for pid=14003 comm="postfix-script" name="/" dev=devpts ino=1 scontext=system_u:system_r:postfix_master_t tcontext=system_u:object_r:devpts_t tclass=dir [ 1766.504425] idr_remove called for id=4 which is not allocated. [ 1766.504430] [] sub_remove+0xe5/0xf0 [ 1766.504442] [] idr_remove+0x18/0x80 [ 1766.504446] [] release_dev+0x490/0x6d0 [ 1766.504457] [] tty_ldisc_enable+0x26/0x30 [ 1766.504462] [] init_dev+0x237/0x4e0 [ 1766.504466] [] tty_open+0x13f/0x2b0 [ 1766.504471] [] chrdev_open+0x52/0x120 [ 1766.504477] [] chrdev_open+0x0/0x120 [ 1766.504480] [] __dentry_open+0x9a/0x170 [ 1766.504486] [] nameidata_to_filp+0x35/0x40 [ 1766.504489] [] filp_open+0x3b/0x50 [ 1766.504493] [] get_unused_fd+0x45/0xb0 [ 1766.504497] [] do_sys_open+0x3d/0xd0 [ 1766.504500] [] sysenter_past_esp+0x54/0x75 [ 1766.504726] audit(1169838475.094:86): avc: denied { search } for pid=14003 comm="postfix-script" name="/" dev=devpts ino=1 scontext=system_u:system_r:postfix_master_t tcontext=system_u:object_r:devpts_t tclass=dir [ 1766.706517] idr_remove called for id=4 which is not allocated. [ 1766.706527] [] sub_remove+0xe5/0xf0 [ 1766.706540] [] idr_remove+0x18/0x80 [ 1766.706545] [] release_dev+0x490/0x6d0 [ 1766.706556] [] free_pte_range+0x32/0x40 [ 1766.706567] [] tty_release+0x7/0x10 [ 1766.706572] [] __fput+0x97/0x140 [ 1766.706578] [] filp_close+0x47/0x80 [ 1766.706582] [] exit_mmap+0xae/0xd0 [ 1766.706588] [] put_files_struct+0x97/0xc0 [ 1766.706593] [] do_exit+0x116/0x310 [ 1766.706596] [] do_group_exit+0x26/0x60 [ 1766.706600] [] sysenter_past_esp+0x54/0x75 -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.