How do I figure out on what file dac_override is attempted?
Daniel J Walsh
dwalsh at redhat.com
Mon Jan 18 21:40:33 UTC 2010
On 01/18/2010 04:05 PM, Göran Uddeborg wrote:
> Here is another strange AVC I'm trying to understand.
>
> SETroubleshoot on one of my machines is telling me that
>
> SELinux is preventing plymouthd (plymouthd_t) "dac_override" plymouthd_t.
>
> The full message is attached.
>
> If I have understood this correctly, this means that plymouthd was
> trying to read a file as root. But the regular permissions bits of
> the file would not allow that. (Right?)
>
> I assume there is some file with wrong permission bits, which causes
> this to happen. But I can't find any indication WHAT file it was.
> Looking at the message, it seems to me it was trying a dac_override on
> itself.
>
> Is there a way to know what file was involved?
>
>
>
>
> --
> selinux mailing list
> selinux at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux
Is this a case were we could instument the kernel to give us more information. Like a path? This avc indicates plymouth tried to open something that root is not allowed to access. But we have no way to discover from the error what plymouth was trying to open.
More information about the selinux
mailing list