1527684 – Flood of 'read' denials for systemd-journald with selinux-policy-3.13.1-306.fc28

Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.

Bug 1527684 - Flood of 'read' denials for systemd-journald with selinux-policy-3.13.1-306.fc28

Summary: Flood of 'read' denials for systemd-journald with selinux-policy-3.13.1-306.fc28

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	selinux-policy-targeted
Sub Component:
Version:	rawhide
Hardware:	All
OS:	Linux
Priority:	unspecified
Severity:	urgent
Target Milestone:	---
Assignee:	Lukas Vrabec
QA Contact:	Ben Levenson
Docs Contact:
URL:
Whiteboard:	AcceptedBlocker
Depends On:
Blocks:	F28BetaBlocker
TreeView+	depends on / blocked

Reported:	2017-12-19 22:18 UTC by Adam Williamson
Modified:	2018-02-20 11:17 UTC (History)
CC List:	9 users (show)
Fixed In Version:	selinux-policy-3.13.1-307.fc28
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2018-02-20 11:17:57 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Adam Williamson 2017-12-19 22:18:55 UTC

Since selinux-policy-3.13.1-306.fc28 landed in Rawhide, there seems to be a flood of 'read' denials for systemd-journald immediately after any boot and install. Here's all the denials from one test:

----
time->Mon Dec 18 08:33:32 2017
type=PROCTITLE msg=audit(1513604012.447:90): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1513604012.447:90): item=0 name="/run/systemd/units/invocation:auditd.service" inode=16120 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1513604012.447:90): cwd="/"
type=SYSCALL msg=audit(1513604012.447:90): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276733d0 a2=56501f7d51c0 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1513604012.447:90): avc:  denied  { read } for  pid=402 comm="systemd-journal" name="invocation:auditd.service" dev="tmpfs" ino=16120 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Mon Dec 18 08:33:32 2017
type=PROCTITLE msg=audit(1513604012.533:94): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1513604012.533:94): item=0 name="/run/systemd/units/invocation:chronyd.service" inode=16303 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1513604012.533:94): cwd="/"
type=SYSCALL msg=audit(1513604012.533:94): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730e0 a2=56501f7d5830 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1513604012.533:94): avc:  denied  { read } for  pid=402 comm="systemd-journal" name="invocation:chronyd.service" dev="tmpfs" ino=16303 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Mon Dec 18 08:33:32 2017
type=PROCTITLE msg=audit(1513604012.548:95): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1513604012.548:95): item=0 name="/run/systemd/units/invocation:chronyd.service" inode=16303 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1513604012.548:95): cwd="/"
type=SYSCALL msg=audit(1513604012.548:95): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff27673090 a2=56501f7d51c0 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1513604012.548:95): avc:  denied  { read } for  pid=402 comm="systemd-journal" name="invocation:chronyd.service" dev="tmpfs" ino=16303 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Mon Dec 18 08:33:32 2017
type=PROCTITLE msg=audit(1513604012.587:96): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1513604012.587:96): item=0 name="/run/systemd/units/invocation:sssd.service" inode=16296 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1513604012.587:96): cwd="/"
type=SYSCALL msg=audit(1513604012.587:96): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730f0 a2=56501f7d6d90 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1513604012.587:96): avc:  denied  { read } for  pid=402 comm="systemd-journal" name="invocation:sssd.service" dev="tmpfs" ino=16296 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Mon Dec 18 08:33:32 2017
type=PROCTITLE msg=audit(1513604012.696:101): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1513604012.696:101): item=0 name="/run/systemd/units/invocation:sssd.service" inode=16296 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1513604012.696:101): cwd="/"
type=SYSCALL msg=audit(1513604012.696:101): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730f0 a2=56501f7c7900 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1513604012.696:101): avc:  denied  { read } for  pid=402 comm="systemd-journal" name="invocation:sssd.service" dev="tmpfs" ino=16296 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Mon Dec 18 08:33:32 2017
type=PROCTITLE msg=audit(1513604012.968:106): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1513604012.968:106): item=0 name="/run/systemd/units/invocation:sssd.service" inode=16296 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1513604012.968:106): cwd="/"
type=SYSCALL msg=audit(1513604012.968:106): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730f0 a2=56501f7d54a0 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1513604012.968:106): avc:  denied  { read } for  pid=402 comm="systemd-journal" name="invocation:sssd.service" dev="tmpfs" ino=16296 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Mon Dec 18 08:33:33 2017
type=PROCTITLE msg=audit(1513604013.089:107): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1513604013.089:107): item=0 name="/run/systemd/units/invocation:lvm2-pvscan@252:2.service" inode=15908 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1513604013.089:107): cwd="/"
type=SYSCALL msg=audit(1513604013.089:107): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276733e0 a2=56501f7d2150 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1513604013.089:107): avc:  denied  { read } for  pid=402 comm="systemd-journal" name="invocation:lvm2-pvscan@252:2.service" dev="tmpfs" ino=15908 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Mon Dec 18 08:33:33 2017
type=PROCTITLE msg=audit(1513604013.192:111): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1513604013.192:111): item=0 name="/run/systemd/units/invocation:systemd-logind.service" inode=17529 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1513604013.192:111): cwd="/"
type=SYSCALL msg=audit(1513604013.192:111): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730e0 a2=56501f7d4a80 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1513604013.192:111): avc:  denied  { read } for  pid=402 comm="systemd-journal" name="invocation:systemd-logind.service" dev="tmpfs" ino=17529 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Mon Dec 18 08:33:33 2017
type=PROCTITLE msg=audit(1513604013.460:113): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1513604013.460:113): item=0 name="/run/systemd/units/invocation:NetworkManager.service" inode=17556 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1513604013.460:113): cwd="/"
type=SYSCALL msg=audit(1513604013.460:113): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730e0 a2=56501f7d6930 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1513604013.460:113): avc:  denied  { read } for  pid=402 comm="systemd-journal" name="invocation:NetworkManager.service" dev="tmpfs" ino=17556 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Mon Dec 18 08:33:33 2017
type=PROCTITLE msg=audit(1513604013.479:114): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1513604013.479:114): item=0 name="/run/systemd/units/invocation:dbus.service" inode=16312 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1513604013.479:114): cwd="/"
type=SYSCALL msg=audit(1513604013.479:114): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730e0 a2=56501f7d8e30 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1513604013.479:114): avc:  denied  { read } for  pid=402 comm="systemd-journal" name="invocation:dbus.service" dev="tmpfs" ino=16312 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Mon Dec 18 08:33:33 2017
type=PROCTITLE msg=audit(1513604013.664:120): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1513604013.664:120): item=0 name="/run/systemd/units/invocation:sshd.service" inode=17678 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1513604013.664:120): cwd="/"
type=SYSCALL msg=audit(1513604013.664:120): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730e0 a2=56501f7d95d0 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1513604013.664:120): avc:  denied  { read } for  pid=402 comm="systemd-journal" name="invocation:sshd.service" dev="tmpfs" ino=17678 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Mon Dec 18 08:33:33 2017
type=PROCTITLE msg=audit(1513604013.695:124): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1513604013.695:124): item=0 name="/run/systemd/units/invocation:NetworkManager-dispatcher.service" inode=19011 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1513604013.695:124): cwd="/"
type=SYSCALL msg=audit(1513604013.695:124): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730d0 a2=56501f7cea40 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1513604013.695:124): avc:  denied  { read } for  pid=402 comm="systemd-journal" name="invocation:NetworkManager-dispatcher.service" dev="tmpfs" ino=19011 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Mon Dec 18 08:33:33 2017
type=PROCTITLE msg=audit(1513604013.821:136): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1513604013.821:136): item=0 name="/run/systemd/units/invocation:polkit.service" inode=19359 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1513604013.821:136): cwd="/"
type=SYSCALL msg=audit(1513604013.821:136): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730e0 a2=56501f7ca730 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1513604013.821:136): avc:  denied  { read } for  pid=402 comm="systemd-journal" name="invocation:polkit.service" dev="tmpfs" ino=19359 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Mon Dec 18 08:33:34 2017
type=PROCTITLE msg=audit(1513604014.588:157): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1513604014.588:157): item=0 name="/run/systemd/units/invocation:firewalld.service" inode=17464 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1513604014.588:157): cwd="/"
type=SYSCALL msg=audit(1513604014.588:157): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730e0 a2=56501f7cdfd0 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1513604014.588:157): avc:  denied  { read } for  pid=402 comm="systemd-journal" name="invocation:firewalld.service" dev="tmpfs" ino=17464 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Mon Dec 18 08:33:34 2017
type=PROCTITLE msg=audit(1513604014.714:185): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1513604014.714:185): item=0 name="/run/systemd/units/invocation:NetworkManager.service" inode=17556 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1513604014.714:185): cwd="/"
type=SYSCALL msg=audit(1513604014.714:185): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff27673090 a2=56501f7d61c0 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1513604014.714:185): avc:  denied  { read } for  pid=402 comm="systemd-journal" name="invocation:NetworkManager.service" dev="tmpfs" ino=17556 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Mon Dec 18 08:33:34 2017
type=PROCTITLE msg=audit(1513604014.751:186): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1513604014.751:186): item=0 name="/run/systemd/units/invocation:NetworkManager.service" inode=17556 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1513604014.751:186): cwd="/"
type=SYSCALL msg=audit(1513604014.751:186): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730d0 a2=56501f7ce6e0 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1513604014.751:186): avc:  denied  { read } for  pid=402 comm="systemd-journal" name="invocation:NetworkManager.service" dev="tmpfs" ino=17556 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Mon Dec 18 08:33:34 2017
type=PROCTITLE msg=audit(1513604014.766:187): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1513604014.766:187): item=0 name="/run/systemd/units/invocation:NetworkManager-dispatcher.service" inode=19011 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1513604014.766:187): cwd="/"
type=SYSCALL msg=audit(1513604014.766:187): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff27673080 a2=56501f7cd180 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1513604014.766:187): avc:  denied  { read } for  pid=402 comm="systemd-journal" name="invocation:NetworkManager-dispatcher.service" dev="tmpfs" ino=19011 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Mon Dec 18 08:33:36 2017
type=PROCTITLE msg=audit(1513604016.828:188): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1513604016.828:188): item=0 name="/run/systemd/units/invocation:NetworkManager.service" inode=17556 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1513604016.828:188): cwd="/"
type=SYSCALL msg=audit(1513604016.828:188): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff27673090 a2=56501f7cdfd0 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1513604016.828:188): avc:  denied  { read } for  pid=402 comm="systemd-journal" name="invocation:NetworkManager.service" dev="tmpfs" ino=17556 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Mon Dec 18 08:33:39 2017
type=PROCTITLE msg=audit(1513604019.008:194): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1513604019.008:194): item=0 name="/run/systemd/units/invocation:systemd-logind.service" inode=17529 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1513604019.008:194): cwd="/"
type=SYSCALL msg=audit(1513604019.008:194): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff27673090 a2=56501f7d2150 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1513604019.008:194): avc:  denied  { read } for  pid=402 comm="systemd-journal" name="invocation:systemd-logind.service" dev="tmpfs" ino=17529 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Mon Dec 18 08:33:39 2017
type=PROCTITLE msg=audit(1513604019.082:199): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1513604019.082:199): item=0 name="/run/systemd/units/invocation:user" inode=20219 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1513604019.082:199): cwd="/"
type=SYSCALL msg=audit(1513604019.082:199): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730e0 a2=56501f7d1220 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1513604019.082:199): avc:  denied  { read } for  pid=402 comm="systemd-journal" name="invocation:user" dev="tmpfs" ino=20219 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Mon Dec 18 08:33:39 2017
type=PROCTITLE msg=audit(1513604019.157:200): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1513604019.157:200): item=0 name="/run/systemd/units/invocation:user" inode=20219 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1513604019.157:200): cwd="/"
type=SYSCALL msg=audit(1513604019.157:200): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730a0 a2=56501f7d2150 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1513604019.157:200): avc:  denied  { read } for  pid=402 comm="systemd-journal" name="invocation:user" dev="tmpfs" ino=20219 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Mon Dec 18 08:33:39 2017
type=PROCTITLE msg=audit(1513604019.188:203): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1513604019.188:203): item=0 name="/run/systemd/units/invocation:session-1.scope" inode=18404 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1513604019.188:203): cwd="/"
type=SYSCALL msg=audit(1513604019.188:203): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730e0 a2=56501f7d0780 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1513604019.188:203): avc:  denied  { read } for  pid=402 comm="systemd-journal" name="invocation:session-1.scope" dev="tmpfs" ino=18404 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Mon Dec 18 08:33:39 2017
type=PROCTITLE msg=audit(1513604019.190:206): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1513604019.190:206): item=0 name="/run/systemd/units/invocation:session-1.scope" inode=18404 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1513604019.190:206): cwd="/"
type=SYSCALL msg=audit(1513604019.190:206): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff27673090 a2=56501f7d0300 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1513604019.190:206): avc:  denied  { read } for  pid=402 comm="systemd-journal" name="invocation:session-1.scope" dev="tmpfs" ino=18404 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Mon Dec 18 08:33:39 2017
type=PROCTITLE msg=audit(1513604019.900:207): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1513604019.900:207): item=0 name="/run/systemd/units/invocation:chronyd.service" inode=16303 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1513604019.900:207): cwd="/"
type=SYSCALL msg=audit(1513604019.900:207): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff27673090 a2=56501f7d0300 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1513604019.900:207): avc:  denied  { read } for  pid=402 comm="systemd-journal" name="invocation:chronyd.service" dev="tmpfs" ino=16303 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Mon Dec 18 08:33:41 2017
type=PROCTITLE msg=audit(1513604021.399:208): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1513604021.399:208): item=0 name="/run/systemd/units/invocation:chronyd.service" inode=16303 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1513604021.399:208): cwd="/"
type=SYSCALL msg=audit(1513604021.399:208): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff27673090 a2=56501f7d5830 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1513604021.399:208): avc:  denied  { read } for  pid=402 comm="systemd-journal" name="invocation:chronyd.service" dev="tmpfs" ino=16303 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Mon Dec 18 08:33:43 2017
type=PROCTITLE msg=audit(1513604023.077:211): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1513604023.077:211): item=0 name="/run/systemd/units/invocation:session-1.scope" inode=18404 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1513604023.077:211): cwd="/"
type=SYSCALL msg=audit(1513604023.077:211): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff27673090 a2=56501f7d1060 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1513604023.077:211): avc:  denied  { read } for  pid=402 comm="systemd-journal" name="invocation:session-1.scope" dev="tmpfs" ino=18404 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Mon Dec 18 08:33:43 2017
type=PROCTITLE msg=audit(1513604023.109:216): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1513604023.109:216): item=0 name="/run/systemd/units/invocation:systemd-logind.service" inode=17529 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1513604023.109:216): cwd="/"
type=SYSCALL msg=audit(1513604023.109:216): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff27673090 a2=56501f7d3630 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1513604023.109:216): avc:  denied  { read } for  pid=402 comm="systemd-journal" name="invocation:systemd-logind.service" dev="tmpfs" ino=17529 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Mon Dec 18 08:33:43 2017
type=PROCTITLE msg=audit(1513604023.123:217): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1513604023.123:217): item=0 name="/run/systemd/units/invocation:user" inode=20219 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1513604023.123:217): cwd="/"
type=SYSCALL msg=audit(1513604023.123:217): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730a0 a2=56501f7d1220 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1513604023.123:217): avc:  denied  { read } for  pid=402 comm="systemd-journal" name="invocation:user" dev="tmpfs" ino=20219 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Mon Dec 18 08:33:46 2017
type=PROCTITLE msg=audit(1513604026.772:225): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1513604026.772:225): item=0 name="/run/systemd/units/invocation:systemd-logind.service" inode=17529 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1513604026.772:225): cwd="/"
type=SYSCALL msg=audit(1513604026.772:225): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff27673090 a2=56501f7cdfd0 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1513604026.772:225): avc:  denied  { read } for  pid=402 comm="systemd-journal" name="invocation:systemd-logind.service" dev="tmpfs" ino=17529 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Mon Dec 18 08:33:46 2017
type=PROCTITLE msg=audit(1513604026.847:230): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1513604026.847:230): item=0 name="/run/systemd/units/invocation:user" inode=20361 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1513604026.847:230): cwd="/"
type=SYSCALL msg=audit(1513604026.847:230): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730e0 a2=56501f7da220 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1513604026.847:230): avc:  denied  { read } for  pid=402 comm="systemd-journal" name="invocation:user" dev="tmpfs" ino=20361 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Mon Dec 18 08:33:46 2017
type=PROCTITLE msg=audit(1513604026.908:231): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1513604026.908:231): item=0 name="/run/systemd/units/invocation:user" inode=20361 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1513604026.908:231): cwd="/"
type=SYSCALL msg=audit(1513604026.908:231): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730a0 a2=56501f7cdfd0 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1513604026.908:231): avc:  denied  { read } for  pid=402 comm="systemd-journal" name="invocation:user" dev="tmpfs" ino=20361 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Mon Dec 18 08:33:46 2017
type=PROCTITLE msg=audit(1513604026.935:233): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1513604026.935:233): item=0 name="/run/systemd/units/invocation:session-3.scope" inode=20366 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1513604026.935:233): cwd="/"
type=SYSCALL msg=audit(1513604026.935:233): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730e0 a2=56501f7da3d0 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1513604026.935:233): avc:  denied  { read } for  pid=402 comm="systemd-journal" name="invocation:session-3.scope" dev="tmpfs" ino=20366 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Mon Dec 18 08:33:59 2017
type=PROCTITLE msg=audit(1513604039.177:243): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1513604039.177:243): item=0 name="/run/systemd/units/invocation:systemd-logind.service" inode=17529 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1513604039.177:243): cwd="/"
type=SYSCALL msg=audit(1513604039.177:243): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff27673090 a2=56501f7d1220 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1513604039.177:243): avc:  denied  { read } for  pid=402 comm="systemd-journal" name="invocation:systemd-logind.service" dev="tmpfs" ino=17529 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Mon Dec 18 08:33:59 2017
type=PROCTITLE msg=audit(1513604039.195:244): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1513604039.195:244): item=0 name="/run/systemd/units/invocation:session-5.scope" inode=20912 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1513604039.195:244): cwd="/"
type=SYSCALL msg=audit(1513604039.195:244): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fff276730e0 a2=56501f7d0970 a3=63 items=1 ppid=1 pid=402 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1513604039.195:244): avc:  denied  { read } for  pid=402 comm="systemd-journal" name="invocation:session-5.scope" dev="tmpfs" ino=20912 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0

I'm gonna presume this is preventing logging from working fully, and propose it as a Beta blocker as a violation of Basic release criterion "A system logging infrastructure must be available, enabled by default, and working" - https://fedoraproject.org/wiki/Basic_Release_Criteria#System_logging

Comment 1 Lukas Vrabec 2017-12-19 23:17:17 UTC

Adam, 

Today, I created new selinux-policy package nvr 307.fc28 which fixing this issue. Moving to MODIFIED.

Comment 2 Adam Williamson 2018-01-05 00:31:38 UTC

Sorry, but I don't believe this is fixed. Still seeing similar denials in today's Rawhide compose, 20180104.n.0, like this:

----
time->Thu Jan  4 19:16:14 2018
type=PROCTITLE msg=audit(1515111374.722:92): proctitle="/usr/lib/systemd/systemd-journald"
type=SYSCALL msg=audit(1515111374.722:92): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f90 a2=555cadc08370 a3=63 items=0 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111374.722:92): avc:  denied  { read } for  pid=604 comm="systemd-journal" name="invocation:auditd.service" dev="tmpfs" ino=17501 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan  4 19:16:14 2018
type=PROCTITLE msg=audit(1515111374.795:94): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111374.795:94): item=0 name="/run/systemd/units/invocation:auditd.service" inode=17501 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111374.795:94): cwd="/"
type=SYSCALL msg=audit(1515111374.795:94): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8dba280 a2=555cadc08370 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111374.795:94): avc:  denied  { read } for  pid=604 comm="systemd-journal" name="invocation:auditd.service" dev="tmpfs" ino=17501 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan  4 19:16:14 2018
type=PROCTITLE msg=audit(1515111374.831:98): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111374.831:98): item=0 name="/run/systemd/units/invocation:chronyd.service" inode=17663 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111374.831:98): cwd="/"
type=SYSCALL msg=audit(1515111374.831:98): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f90 a2=555cadc20810 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111374.831:98): avc:  denied  { read } for  pid=604 comm="systemd-journal" name="invocation:chronyd.service" dev="tmpfs" ino=17663 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan  4 19:16:14 2018
type=PROCTITLE msg=audit(1515111374.835:99): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111374.835:99): item=0 name="/run/systemd/units/invocation:chronyd.service" inode=17663 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111374.835:99): cwd="/"
type=SYSCALL msg=audit(1515111374.835:99): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f40 a2=555cadc08370 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111374.835:99): avc:  denied  { read } for  pid=604 comm="systemd-journal" name="invocation:chronyd.service" dev="tmpfs" ino=17663 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan  4 19:16:15 2018
type=PROCTITLE msg=audit(1515111375.141:108): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111375.141:108): item=0 name="/run/systemd/units/invocation:sssd.service" inode=17396 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111375.141:108): cwd="/"
type=SYSCALL msg=audit(1515111375.141:108): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9fa0 a2=555cadc10e60 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111375.141:108): avc:  denied  { read } for  pid=604 comm="systemd-journal" name="invocation:sssd.service" dev="tmpfs" ino=17396 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan  4 19:16:15 2018
type=PROCTITLE msg=audit(1515111375.218:109): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111375.218:109): item=0 name="/run/systemd/units/invocation:sssd.service" inode=17396 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111375.218:109): cwd="/"
type=SYSCALL msg=audit(1515111375.218:109): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9fa0 a2=555cadc202b0 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111375.218:109): avc:  denied  { read } for  pid=604 comm="systemd-journal" name="invocation:sssd.service" dev="tmpfs" ino=17396 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan  4 19:16:15 2018
type=PROCTITLE msg=audit(1515111375.589:110): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111375.589:110): item=0 name="/run/systemd/units/invocation:sssd.service" inode=17396 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111375.589:110): cwd="/"
type=SYSCALL msg=audit(1515111375.589:110): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9fa0 a2=555cadc23620 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111375.589:110): avc:  denied  { read } for  pid=604 comm="systemd-journal" name="invocation:sssd.service" dev="tmpfs" ino=17396 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan  4 19:16:15 2018
type=PROCTITLE msg=audit(1515111375.643:113): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111375.643:113): item=0 name="/run/systemd/units/invocation:systemd-logind.service" inode=18513 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111375.643:113): cwd="/"
type=SYSCALL msg=audit(1515111375.643:113): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f90 a2=555cadc23390 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111375.643:113): avc:  denied  { read } for  pid=604 comm="systemd-journal" name="invocation:systemd-logind.service" dev="tmpfs" ino=18513 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan  4 19:16:15 2018
type=PROCTITLE msg=audit(1515111375.764:115): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111375.764:115): item=0 name="/run/systemd/units/invocation:NetworkManager.service" inode=18632 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111375.764:115): cwd="/"
type=SYSCALL msg=audit(1515111375.764:115): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f90 a2=555cadc1fbb0 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111375.764:115): avc:  denied  { read } for  pid=604 comm="systemd-journal" name="invocation:NetworkManager.service" dev="tmpfs" ino=18632 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan  4 19:16:15 2018
type=PROCTITLE msg=audit(1515111375.784:116): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111375.784:116): item=0 name="/run/systemd/units/invocation:dbus.service" inode=17727 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111375.784:116): cwd="/"
type=SYSCALL msg=audit(1515111375.784:116): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f90 a2=555cadc25590 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111375.784:116): avc:  denied  { read } for  pid=604 comm="systemd-journal" name="invocation:dbus.service" dev="tmpfs" ino=17727 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan  4 19:16:16 2018
type=PROCTITLE msg=audit(1515111376.009:125): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111376.009:125): item=0 name="/run/systemd/units/invocation:sshd.service" inode=18168 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111376.009:125): cwd="/"
type=SYSCALL msg=audit(1515111376.009:125): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f90 a2=555cadc17bb0 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111376.009:125): avc:  denied  { read } for  pid=604 comm="systemd-journal" name="invocation:sshd.service" dev="tmpfs" ino=18168 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan  4 19:16:16 2018
type=PROCTITLE msg=audit(1515111376.035:127): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111376.035:127): item=0 name="/run/systemd/units/invocation:NetworkManager-dispatcher.service" inode=19002 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111376.035:127): cwd="/"
type=SYSCALL msg=audit(1515111376.035:127): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f80 a2=555cadc1a110 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111376.035:127): avc:  denied  { read } for  pid=604 comm="systemd-journal" name="invocation:NetworkManager-dispatcher.service" dev="tmpfs" ino=19002 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan  4 19:16:16 2018
type=PROCTITLE msg=audit(1515111376.088:128): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111376.088:128): item=0 name="/run/systemd/units/invocation:iscsi.service" inode=18997 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111376.088:128): cwd="/"
type=SYSCALL msg=audit(1515111376.088:128): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8dba280 a2=555cadc1a110 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111376.088:128): avc:  denied  { read } for  pid=604 comm="systemd-journal" name="invocation:iscsi.service" dev="tmpfs" ino=18997 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan  4 19:16:16 2018
type=PROCTITLE msg=audit(1515111376.135:131): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111376.135:131): item=0 name="/run/systemd/units/invocation:iscsid.service" inode=19496 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111376.135:131): cwd="/"
type=SYSCALL msg=audit(1515111376.135:131): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f90 a2=555cadc1a110 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111376.135:131): avc:  denied  { read } for  pid=604 comm="systemd-journal" name="invocation:iscsid.service" dev="tmpfs" ino=19496 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan  4 19:16:18 2018
type=PROCTITLE msg=audit(1515111378.244:149): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111378.244:149): item=0 name="/run/systemd/units/invocation:polkit.service" inode=19122 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111378.244:149): cwd="/"
type=SYSCALL msg=audit(1515111378.244:149): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f90 a2=555cadc1b730 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111378.244:149): avc:  denied  { read } for  pid=604 comm="systemd-journal" name="invocation:polkit.service" dev="tmpfs" ino=19122 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan  4 19:16:18 2018
type=PROCTITLE msg=audit(1515111378.347:151): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111378.347:151): item=0 name="/run/systemd/units/invocation:NetworkManager-dispatcher.service" inode=19002 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111378.347:151): cwd="/"
type=SYSCALL msg=audit(1515111378.347:151): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f30 a2=555cadc17bb0 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111378.347:151): avc:  denied  { read } for  pid=604 comm="systemd-journal" name="invocation:NetworkManager-dispatcher.service" dev="tmpfs" ino=19002 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan  4 19:16:18 2018
type=PROCTITLE msg=audit(1515111378.353:153): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111378.353:153): item=0 name="/run/systemd/units/invocation:dbus.service" inode=17727 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111378.353:153): cwd="/"
type=SYSCALL msg=audit(1515111378.353:153): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f40 a2=555cadc1fbb0 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111378.353:153): avc:  denied  { read } for  pid=604 comm="systemd-journal" name="invocation:dbus.service" dev="tmpfs" ino=17727 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan  4 19:16:18 2018
type=PROCTITLE msg=audit(1515111378.383:154): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111378.383:154): item=0 name="/run/systemd/units/invocation:iscsi.service" inode=18997 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111378.383:154): cwd="/"
type=SYSCALL msg=audit(1515111378.383:154): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8dba280 a2=555cadc1b7a0 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111378.383:154): avc:  denied  { read } for  pid=604 comm="systemd-journal" name="invocation:iscsi.service" dev="tmpfs" ino=18997 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan  4 19:16:19 2018
type=PROCTITLE msg=audit(1515111379.136:189): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111379.136:189): item=0 name="/run/systemd/units/invocation:iscsid.service" inode=19496 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111379.136:189): cwd="/"
type=SYSCALL msg=audit(1515111379.136:189): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f40 a2=555cadc1a110 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111379.136:189): avc:  denied  { read } for  pid=604 comm="systemd-journal" name="invocation:iscsid.service" dev="tmpfs" ino=19496 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan  4 19:16:17 2018
type=PROCTITLE msg=audit(1515111377.135:146): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111377.135:146): item=0 name="/run/systemd/units/invocation:iscsid.service" inode=19496 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111377.135:146): cwd="/"
type=SYSCALL msg=audit(1515111377.135:146): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f90 a2=555cadc1b8d0 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111377.135:146): avc:  denied  { read } for  pid=604 comm="systemd-journal" name="invocation:iscsid.service" dev="tmpfs" ino=19496 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan  4 19:16:18 2018
type=PROCTITLE msg=audit(1515111378.960:169): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111378.960:169): item=0 name="/run/systemd/units/invocation:firewalld.service" inode=17332 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111378.960:169): cwd="/"
type=SYSCALL msg=audit(1515111378.960:169): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f90 a2=555cadc1bbf0 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111378.960:169): avc:  denied  { read } for  pid=604 comm="systemd-journal" name="invocation:firewalld.service" dev="tmpfs" ino=17332 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan  4 19:16:24 2018
type=PROCTITLE msg=audit(1515111384.387:195): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111384.387:195): item=0 name="/run/systemd/units/invocation:systemd-logind.service" inode=18513 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111384.387:195): cwd="/"
type=SYSCALL msg=audit(1515111384.387:195): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f40 a2=555cadc1fbb0 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111384.387:195): avc:  denied  { read } for  pid=604 comm="systemd-journal" name="invocation:systemd-logind.service" dev="tmpfs" ino=18513 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan  4 19:16:24 2018
type=PROCTITLE msg=audit(1515111384.461:199): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111384.461:199): item=0 name="/run/systemd/units/invocation:user" inode=21718 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111384.461:199): cwd="/"
type=SYSCALL msg=audit(1515111384.461:199): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f90 a2=555cadc25650 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111384.461:199): avc:  denied  { read } for  pid=604 comm="systemd-journal" name="invocation:user" dev="tmpfs" ino=21718 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan  4 19:16:24 2018
type=PROCTITLE msg=audit(1515111384.531:201): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111384.531:201): item=0 name="/run/systemd/units/invocation:user" inode=21718 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111384.531:201): cwd="/"
type=SYSCALL msg=audit(1515111384.531:201): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f50 a2=555cadc1fbb0 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111384.531:201): avc:  denied  { read } for  pid=604 comm="systemd-journal" name="invocation:user" dev="tmpfs" ino=21718 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan  4 19:16:24 2018
type=PROCTITLE msg=audit(1515111384.553:203): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111384.553:203): item=0 name="/run/systemd/units/invocation:session-1.scope" inode=21724 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111384.553:203): cwd="/"
type=SYSCALL msg=audit(1515111384.553:203): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f90 a2=555cadc1b1c0 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111384.553:203): avc:  denied  { read } for  pid=604 comm="systemd-journal" name="invocation:session-1.scope" dev="tmpfs" ino=21724 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan  4 19:16:24 2018
type=PROCTITLE msg=audit(1515111384.555:207): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111384.555:207): item=0 name="/run/systemd/units/invocation:session-1.scope" inode=21724 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111384.555:207): cwd="/"
type=SYSCALL msg=audit(1515111384.555:207): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f40 a2=555cadc1b490 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111384.555:207): avc:  denied  { read } for  pid=604 comm="systemd-journal" name="invocation:session-1.scope" dev="tmpfs" ino=21724 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan  4 19:16:27 2018
type=PROCTITLE msg=audit(1515111387.446:210): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111387.446:210): item=0 name="/run/systemd/units/invocation:session-1.scope" inode=21724 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111387.446:210): cwd="/"
type=SYSCALL msg=audit(1515111387.446:210): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f40 a2=555cadc1b1c0 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111387.446:210): avc:  denied  { read } for  pid=604 comm="systemd-journal" name="invocation:session-1.scope" dev="tmpfs" ino=21724 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan  4 19:16:27 2018
type=PROCTITLE msg=audit(1515111387.465:215): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111387.465:215): item=0 name="/run/systemd/units/invocation:systemd-logind.service" inode=18513 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111387.465:215): cwd="/"
type=SYSCALL msg=audit(1515111387.465:215): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f40 a2=555cadc23620 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111387.465:215): avc:  denied  { read } for  pid=604 comm="systemd-journal" name="invocation:systemd-logind.service" dev="tmpfs" ino=18513 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan  4 19:16:27 2018
type=PROCTITLE msg=audit(1515111387.475:216): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111387.475:216): item=0 name="/run/systemd/units/invocation:user" inode=21718 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111387.475:216): cwd="/"
type=SYSCALL msg=audit(1515111387.475:216): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f50 a2=555cadc25650 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111387.475:216): avc:  denied  { read } for  pid=604 comm="systemd-journal" name="invocation:user" dev="tmpfs" ino=21718 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan  4 19:16:27 2018
type=PROCTITLE msg=audit(1515111387.487:217): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111387.487:217): item=0 name="/run/systemd/units/invocation:user" inode=21718 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111387.487:217): cwd="/"
type=SYSCALL msg=audit(1515111387.487:217): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f90 a2=555cadc25650 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111387.487:217): avc:  denied  { read } for  pid=604 comm="systemd-journal" name="invocation:user" dev="tmpfs" ino=21718 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan  4 19:16:31 2018
type=PROCTITLE msg=audit(1515111391.186:225): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111391.186:225): item=0 name="/run/systemd/units/invocation:systemd-logind.service" inode=18513 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111391.186:225): cwd="/"
type=SYSCALL msg=audit(1515111391.186:225): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f40 a2=555cadc1a110 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111391.186:225): avc:  denied  { read } for  pid=604 comm="systemd-journal" name="invocation:systemd-logind.service" dev="tmpfs" ino=18513 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan  4 19:16:31 2018
type=PROCTITLE msg=audit(1515111391.278:230): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111391.278:230): item=0 name="/run/systemd/units/invocation:user" inode=21215 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111391.278:230): cwd="/"
type=SYSCALL msg=audit(1515111391.278:230): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f90 a2=555cadc23620 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111391.278:230): avc:  denied  { read } for  pid=604 comm="systemd-journal" name="invocation:user" dev="tmpfs" ino=21215 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan  4 19:16:31 2018
type=PROCTITLE msg=audit(1515111391.317:231): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111391.317:231): item=0 name="/run/systemd/units/invocation:user" inode=21215 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111391.317:231): cwd="/"
type=SYSCALL msg=audit(1515111391.317:231): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f50 a2=555cadc1a110 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111391.317:231): avc:  denied  { read } for  pid=604 comm="systemd-journal" name="invocation:user" dev="tmpfs" ino=21215 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan  4 19:16:31 2018
type=PROCTITLE msg=audit(1515111391.335:233): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111391.335:233): item=0 name="/run/systemd/units/invocation:session-3.scope" inode=21294 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111391.335:233): cwd="/"
type=SYSCALL msg=audit(1515111391.335:233): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f90 a2=555cadc1cce0 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111391.335:233): avc:  denied  { read } for  pid=604 comm="systemd-journal" name="invocation:session-3.scope" dev="tmpfs" ino=21294 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan  4 19:16:46 2018
type=PROCTITLE msg=audit(1515111406.727:244): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111406.727:244): item=0 name="/run/systemd/units/invocation:systemd-logind.service" inode=18513 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111406.727:244): cwd="/"
type=SYSCALL msg=audit(1515111406.727:244): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f40 a2=555cadc25650 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111406.727:244): avc:  denied  { read } for  pid=604 comm="systemd-journal" name="invocation:systemd-logind.service" dev="tmpfs" ino=18513 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0
----
time->Thu Jan  4 19:16:46 2018
type=PROCTITLE msg=audit(1515111406.735:247): proctitle="/usr/lib/systemd/systemd-journald"
type=PATH msg=audit(1515111406.735:247): item=0 name="/run/systemd/units/invocation:session-5.scope" inode=22021 dev=00:16 mode=0120777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:init_var_run_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1515111406.735:247): cwd="/"
type=SYSCALL msg=audit(1515111406.735:247): arch=c000003e syscall=267 success=no exit=-13 a0=ffffff9c a1=7fffb8db9f90 a2=555cadc26770 a3=63 items=1 ppid=1 pid=604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:syslogd_t:s0 key=(null)
type=AVC msg=audit(1515111406.735:247): avc:  denied  { read } for  pid=604 comm="systemd-journal" name="invocation:session-5.scope" dev="tmpfs" ino=22021 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=lnk_file permissive=0

Comment 3 Paul Whalen 2018-01-08 17:43:22 UTC

Still seeing this on the nominated compose - Fedora-Rawhide-20180107.n.0

Comment 4 Petr Schindler 2018-01-08 17:49:40 UTC

Discussed at 2018-01-08 blocker review meeting: [1]. 

This bug was accepted as Beta blocker: this is accepted as a violation of Basic criterion "A system logging infrastructure must be available, enabled by default, and working" - also Final criterion "There must be no SELinux denial notifications...on boot of or during installation from a release-blocking live image, or at first login after a default install of a release-blocking desktop" for Xfce, possibly GNOME

[1] https://meetbot-raw.fedoraproject.org/fedora-blocker-review/2018-01-08/

Comment 5 Lukas Vrabec 2018-01-09 09:35:10 UTC

commit 1702c2a3ad9c1bb17d7f01dcfeabf429df2a4787 (HEAD -> rawhide, origin/rawhide)
Author: Lukas Vrabec <lvrabec>
Date:   Tue Jan 9 10:23:32 2018 +0100

    Add Label systemd_unit_file_t for /var/run/systemd/units/

Note You need to log in before you can comment on or make changes to this bug.