Seen in the 2.6.1-rc1-mm1 kernel, in security/selinux/avc.c:
in avc_audit(), near line 531:
/* prevent overlapping printks */
spin_lock_irqsave(&avc_log_lock,flags);
printk("%s\n", avc_level_string);
printk("%savc: %s ", avc_level_string, denied ? "denied" : "granted");
What's that first printk doing? It seems to just kick out a blank line:
Dec 31 21:08:15 turing-police kernel:
Dec 31 21:08:15 turing-police kernel: avc: denied { getattr } for pid=2230 exe=/bin/bash path=/usr/src dev=dm-8 ino=2 scontext=user_u:user_r:user_t tcontext=system_u:object_r:src_t tclass=dir
Dec 31 21:08:15 turing-police kernel:
Dec 31 21:08:15 turing-police kernel: avc: denied { read } for pid=2230 exe=/bin/bash dev=dm-8 ino=2 scontext=user_u:user_r:user_t tcontext=system_u:object_r:src_t tclass=dir
Dec 31 21:08:17 turing-police kernel:
Dec 31 21:08:17 turing-police kernel: avc: denied { search } for pid=2230 exe=/bin/bash dev=dm-8 ino=2 scontext=user_u:user_r:user_t tcontext=system_u:object_r:src_t tclass=dir
You get the idea. (It's been doing it for forever, I just finally decided to do some
cleanup for the end of the year and get a bug report out...)
This archive was generated by hypermail 2b30 : Fri Jan 02 2004 - 09:56:38 PST