hotplug_t?
Axel Thimm
Axel.Thimm at ATrpms.net
Tue Aug 1 12:51:42 UTC 2006
On Tue, Aug 01, 2006 at 08:48:41AM -0400, Stephen Smalley wrote:
> On Tue, 2006-08-01 at 07:10 +0200, Axel Thimm wrote:
> > On Mon, Jul 31, 2006 at 10:41:42AM -0400, Daniel J Walsh wrote:
> > > Axel Thimm wrote:
> > > >Hi,
> > > >
> > > >after upgrading FC4 to FC5 and enabling selinux/targeted/permissive I
> > > >see lot's of hotplug_t domains. Most prominently every bash login and
> > > >the default ssh -l root domains (before newrole) are such. This
> > > >doesn't look right, did the upgrade go wrong somewhere?
> > > >
> > > >Thanks!
> > > >
> > > Sounds like you have a major labeling problem. touch /.autorelabel; reboot
> >
> > As said I cannot put the system off-line for several hours and the
> > last relabeling took about 5-6h.
> >
> > But the relabeling was done according to /etc/rc.sysinit, only
> > manually. E.g. I rm'd /.autorelabel, rebooted and called
> > /sbin/fixfiles restore
> >
> > The following is also returning an empty output:
> >
> > # ls -Z {,/usr}/*bin/*| grep hotplug_t
>
> hotplug_t is the domain of the process, whereas the executable file
> would have hotplug_exec_t.
>
Does the following output help? Looks like anything called from sshd
gets into hotplug_t. The main sshd process runs under
system_u:system_r:kernel_t.
Thanks!
# ps uaxwwZf|grep -1 hotplug
system_u:system_r:kernel_t root 4469 0.0 0.1 8140 2848 ? Ss Jul30 0:01 \_ sshd: root at pts/0
root:system_r:hotplug_t:SystemLow-SystemHigh root 4511 0.0 0.1 5464 2308 pts/0 Ss Jul30 0:00 | \_ -bash
root:system_r:hotplug_t:SystemLow-SystemHigh root 27711 0.0 0.0 4464 1032 pts/0 S Jul31 0:00 | \_ newrole -t unconfined_t
root:system_r:unconfined_t:SystemLow-SystemHigh root 27740 0.0 0.1 5468 2264 pts/0 S+ Jul31 0:00 | \_ /bin/bash
system_u:system_r:kernel_t root 5438 0.0 0.1 8364 3172 ? Ss Jul31 0:00 \_ sshd: root at pts/1
root:system_r:hotplug_t:SystemLow-SystemHigh root 5461 0.0 0.1 5468 2320 pts/1 Ss Jul31 0:00 | \_ -bash
root:system_r:hotplug_t:SystemLow-SystemHigh root 20352 0.0 0.0 4860 1344 pts/1 R+ 14:48 0:00 | \_ ps uaxwwZf
root:system_r:hotplug_t:SystemLow-SystemHigh root 20353 0.0 0.0 4156 688 pts/1 S+ 14:48 0:00 | \_ grep -1 hotplug
system_u:system_r:kernel_t root 21263 0.0 0.1 7876 2688 ? Ss Jul31 0:00 \_ sshd: christin [priv]
system_u:system_r:kernel_t christin 21285 0.0 0.0 8168 2060 ? S Jul31 0:00 | \_ sshd: christin at pts/2
user_u:system_r:hotplug_t christin 21286 0.0 0.1 6732 2928 pts/2 Ss+ Jul31 0:00 | \_ -tcsh
system_u:system_r:kernel_t root 20327 0.5 0.1 7876 2468 ? Ss 14:48 0:00 \_ sshd: glaweh [priv]
system_u:system_r:kernel_t glaweh 20332 2.0 0.1 8008 2228 ? S 14:48 0:00 \_ sshd: glaweh at notty
user_u:system_r:hotplug_t glaweh 20341 3.0 0.1 7056 2676 ? Ss 14:48 0:00 \_ /usr/libexec/dovecot/imap
system_u:system_r:kernel_t root 2962 0.0 0.0 2228 884 ? Ss Jul30 0:00 xinetd -stayalive -pidfile /var/run/xinetd.pid
--
root:system_r:spamd_t:SystemLow-SystemHigh root 17359 1.4 1.9 46480 40212 ? S 14:40 0:07 \_ spamd child
user_u:system_r:hotplug_t christin 21332 0.0 0.0 4848 592 pts/2 S Jul31 0:00 /bin/sh /home/christin/bin/boxes
user_u:system_r:hotplug_t christin 21333 0.0 0.0 4036 1904 pts/2 SN Jul31 0:00 \_ xbuffy -bg rgb:90/80/90 -fg black -boxfile /home/christin/.xbuffyrc
root:system_r:spamd_t:SystemLow-SystemHigh root 26331 0.0 0.0 2492 216 ? Ss Jul31 0:00 /usr/libexec/dcc/dccifd -tCMN,5, -llog -wwhiteclnt -Uuserdirs -SHELO -Smail_host -SSender -SList-ID
--
Axel.Thimm at ATrpms.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/selinux/attachments/20060801/e245945f/attachment.bin
More information about the selinux
mailing list