From Fedora Project Wiki

Line 17: Line 17:
 
# No AVC errors in profiles.
 
# No AVC errors in profiles.
 
# In case there are some errors like bellow, please fill the bug:
 
# In case there are some errors like bellow, please fill the bug:
#:<pre>type=SYSCALL msg=audit(10/10/2012 08:11:23.095:165) : arch=x86_64 syscall=statfs success=no exit=-13(Permission denied) a0=0x9370d0 a1=0x7fffab314cd0 a2=0x7fffab314dd0 a3=0x11 items=0 ppid=12200 pid=12201 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=df exe=/usr/bin/df subj=system_u:system_r:tuned_t:s0 key=(null)
+
#:<pre>type=SYSCALL msg=audit(10/10/2012 08:11:23.095:165) : arch=x86_64 syscall=statfs success=no exit=-13(Permission denied) ...</pre>
type=AVC msg=audit(10/10/2012 08:11:23.095:165) : avc:  denied  { getattr } for  pid=12201 comm=df name=/ dev="mqueue" ino=7335 scontext=system_u:system_r:tuned_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=filesystem
 
</pre>
 
 
.
 
.
 
}}
 
}}
  
 
[[Category:Power_Management_Test_Cases]]
 
[[Category:Power_Management_Test_Cases]]

Revision as of 12:24, 10 October 2012

Description

This test case tests tests all profiles enable and try to fing if there happen selinux AVCs in all profiles

Setup

  1. Check that you have Package-x-generic-16.pngtuned package version 2 or newer installed:
    $ rpm -q tuned
    There must be installed tuned version 2 or newer (but not 1) and tuned-utils subpackage.
    • If not install it:
    # yum install tuned tuned-utils

How to test

  1. Start tuned (via systemd):
    # systemctl start tuned.service
  2. Do test for all available profiles in tuned:
    for I in `tuned-adm list | grep "^- " | cut -d ' ' -f 2` ; do dd if=/dev/null of=/var/log/audit/audit.log >& /dev/null; tuned-adm active ; tuned-adm profile $I ; sleep 5; ausearch -m avc -m user_avc -i ; done

Expected Results

  1. No AVC errors in profiles.
  2. In case there are some errors like bellow, please fill the bug:
    type=SYSCALL msg=audit(10/10/2012 08:11:23.095:165) : arch=x86_64 syscall=statfs success=no exit=-13(Permission denied) ...

.