No AVC when sshd is mislabeled

Sun Dec 12 16:21:09 UTC 2010

On Sunday 12 December 2010 11:56:24 Jorge Fábregas wrote:
> This started after the LAST kernel update for 
> Fedora 12 (last because there won't be any more updates). There's nothing
> in  /var/log/setroubleshoot/setroubleshoot.log

Running setroubleshootd vith extra verbose (-V) gets me:

2010-12-12 12:17:13,274 [database.DEBUG] created new database: name=audit_listener, 
friendly_name=Audit Listener, filepath=/var/lib/setroubleshoot/audit_listener_database.xml
2010-12-12 12:17:13,279 [database.DEBUG] database version 3.0 compatible with current 3.0 version
2010-12-12 12:17:13,285 [plugin.DEBUG] load_plugins() names=['leaks', 'pppd_can_insmod', 'wine', 
'setenforce', 'httpd_bad_labels', 'connect_ports', 'tftpd_write_content', 'use_nfs_home_dirs', 
'allow_rsync_anon_write', 'httpd_write_content', 'xen_image', 'httpd_can_network_connect_db', 'device', 
'sys_resource', 'spamd_enable_home_dirs', 'samba_export_all_ro', 'allow_smbd_anon_write', 
'catchall_boolean', 'use_samba_home_dirs', 'automount_exec_config', 'allow_execheap', 
'allow_java_execstack', 'qemu_file_image', 'samba_share', 'allow_cvs_read_shadow', 'file', 
'allow_httpd_sys_script_anon_write', 'filesystem_associate', 'httpd_builtin_scripting', 'execute', 
'ftp_home_dir', 'httpd_use_cifs', 'httpd_tty_comm', 'allow_saslauthd_read_shadow', 'disable_ipv6', 
'sys_module', 'qemu_blk_image', 'httpd_enable_ftp_server', 'firefox', 'user_tcp_server', 'catchall', 
'allow_nfsd_anon_write', 'httpd_can_network_relay', 'allow_execmod', 'allow_kerberos', 'cvs_data', 
'samba_share_nfs', 'allow_ftpd_use_cifs', 'restore_source_context', 'restorecon', 'samba_export_all_rw', 
'ftpd_is_daemon', 'squid_connect_any', 'prelink_mislabled', 'allow_execstack', 'allow_ftpd_full_access', 
'allow_ypbind', 'sshd_root', 'vbetool', 'rsync_data', 'inetd_bind_ports', 'kernel_modules', 'fcron_crond', 
'allow_ftpd_anon_write', 'httpd_can_sendmail', 'allow_ftpd_use_nfs', 'public_content', 'selinuxpolicy', 
'swapfile', 'global_ssp', 'bind_ports', 'httpd_enable_cgi', 'default', 'httpd_ssi_exec', 
'allow_httpd_anon_write', 'secure_mode_policyload', 'httpd_use_nfs', 'mmap_zero', 
'named_write_master_zones', 'nfs_export_all_ro', 'privoxy_connect_any', 'httpd_enable_homedirs', 
'allow_mplayer_execstack', 'samba_enable_home_dirs', 'allow_postfix_local_write_mail_spool', 
'allow_zebra_write_config', 'mounton', 'allow_daemons_dump_core', 'nfs_export_all_rw', 
'secure_mode_insmod']
2010-12-12 12:17:13,286 [plugin.INFO] importing /usr/share/setroubleshoot/plugins/__init__ as plugins
2010-12-12 12:17:16,655 [avc.DEBUG] Number of Plugins = 90
2010-12-12 12:17:16,661 [communication.DEBUG] parse_socket_address_list: 
input='{unix}/var/run/setroubleshoot/setroubleshoot_server'
2010-12-12 12:17:16,661 [communication.DEBUG] parse_socket_address_list: 
{unix}/var/run/setroubleshoot/setroubleshoot_server --> 
{unix}/var/run/setroubleshoot/setroubleshoot_server socket=None
2010-12-12 12:17:16,663 [communication.DEBUG] new_listening_socket: 
{unix}/var/run/setroubleshoot/setroubleshoot_server socket=None
2010-12-12 12:17:16,665 [server.INFO] creating system dbus: 
bus_name=org.fedoraproject.Setroubleshootd object_path=/org/fedoraproject/Setroubleshootd 
interface=org.fedoraproject.SetroubleshootdIface
2010-12-12 12:17:16,665 [server.DEBUG] dbus __init__ /org/fedoraproject/Setroubleshootd called
2010-12-12 12:17:26,665 [server.DEBUG] received signal=14
2010-12-12 12:17:26,666 [server.DEBUG] KeyboardInterrupt in RunFaultServer
2010-12-12 12:17:26,666 [database.DEBUG] writing database 
(/var/lib/setroubleshoot/audit_listener_database.xml) modified_count=0

I found similar messages from setruobleshootd in 
https://bugzilla.redhat.com/show_bug.cgi?id=511835

..but it's not the same problem I have no AVCs.

--
Jorge