I have tons of audit denied messages in my logs and dmesg:
Code: Select all
[ 528.090461] audit: type=1400 audit(1478343185.933:743): avc: denied { create } for pid=2785 comm="auditd" name="auditd" scontext=user_u:user_r:user_t tcontext=user_u:object_r:initrc_state_t tclass=lnk_file permissive=1
[ 528.091293] audit: type=1400 audit(1478343185.934:744): avc: denied { getattr } for pid=2128 comm="syslog-ng" path="/var/log/messages" dev="sda4" ino=9962284 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 528.091314] audit: type=1400 audit(1478343185.934:745): avc: denied { append } for pid=2128 comm="syslog-ng" name="messages" dev="sda4" ino=9962284 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 528.091324] audit: type=1400 audit(1478343185.934:746): avc: denied { open } for pid=2128 comm="syslog-ng" path="/var/log/messages" dev="sda4" ino=9962284 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 528.091345] audit: type=1400 audit(1478343185.934:747): avc: denied { setattr } for pid=2128 comm="syslog-ng" name="messages" dev="sda4" ino=9962284 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
What are they and how do I get rid of them?
This is a gentoo Linux server
4.4.6-gentoo