FC19, AVC mailx

Miroslav Grepl mgrepl at redhat.com
Tue Sep 3 08:34:55 UTC 2013


On 08/20/2013 04:43 PM, m.roth at 5-cent.us wrote:
> SELinux is preventing /usr/bin/mailx from ioctl access on the
> unix_stream_socket unix_stream_socket.
>
> *****  Plugin catchall (100. confidence) suggests ***************************
>
> If you believe that mailx should be allowed ioctl access on the
> unix_stream_socket unix_stream_socket by default.
> <snip>
>
> Additional Information:
> Source Context                system_u:system_r:system_mail_t:s0
> Target Context                system_u:system_r:init_t:s0
> Target Objects                unix_stream_socket [ unix_stream_socket ]
> Source                        mail
> Source Path                   /usr/bin/mailx
> Port                          <Unknown>
> <snip>
> Source RPM Packages           mailx-12.5-8.fc19.x86_64
> Target RPM Packages
> Policy RPM                    selinux-policy-3.12.1-69.fc19.noarch
> Selinux Enabled               True
> Policy Type                   targeted
> Enforcing Mode                Permissive
> <snip>
> Platform                      Linux <...> 3.10.4-300.fc19.x86_64 #1 SMP Tue Jul 30 11:29:05 UTC 2013 x86_64 x86_64
> Alert Count                   53
> First Seen                    2013-07-31 09:17:16 EDT
> Last Seen                     2013-08-20 09:06:53 EDT
> Local ID                      c515e3ea-2126-47ac-9d89-5295777101e7
>
> Raw Audit Messages
> type=AVC msg=audit(1377004013.420:62309): avc:  denied  { ioctl } for
> pid=31047 comm="mail" path="socket:[12915]" dev="sockfs" ino=12915
> scontext=system_u:system_r:system_mail_t:s0
> tcontext=system_u:system_r:init_t:s0 tclass=unix_stream_socket
>
>
> type=SYSCALL msg=audit(1377004013.420:62309): arch=x86_64 syscall=ioctl
> success=no exit=ENOTTY a0=1 a1=5401 a2=7fff8006f380 a3=7fff8006f1d0
> items=0 ppid=31031 pid=31047 auid=4294967295 uid=0 gid=0 euid=0 suid=0
> fsuid=0 egid=0 sgid=0 fsgid=0 ses=4294967295 tty=(none) comm=mail
> exe=/usr/bin/mailx subj=system_u:system_r:system_mail_t:s0 key=(null)
>
> Hash: mail,system_mail_t,init_t,unix_stream_socket,ioctl
>
>           mark "call me befuddled"
>
> --
> selinux mailing list
> selinux at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux
What processes are running as init_t?

# ps -eZ |grep init
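
An added example, not part of the original message or the SELinux tooling: it pairs the AVC and SYSCALL records from the quoted alert by audit event ID and decodes the syscall arguments into a file descriptor and an ioctl request name. The function names and the small lookup tables are this example's own; the request numbers are the Linux values from asm-generic/ioctls.h.

```python
import re

# Records copied from the alert quoted above, with the e-mail line wraps joined.
AVC = ('type=AVC msg=audit(1377004013.420:62309): avc:  denied  { ioctl } for '
       'pid=31047 comm="mail" path="socket:[12915]" dev="sockfs" ino=12915 '
       'scontext=system_u:system_r:system_mail_t:s0 '
       'tcontext=system_u:system_r:init_t:s0 tclass=unix_stream_socket')
SYSCALL = ('type=SYSCALL msg=audit(1377004013.420:62309): arch=x86_64 syscall=ioctl '
           'success=no exit=ENOTTY a0=1 a1=5401 a2=7fff8006f380 a3=7fff8006f1d0 '
           'items=0 ppid=31031 pid=31047 auid=4294967295 uid=0 gid=0 euid=0 suid=0 '
           'fsuid=0 egid=0 sgid=0 fsgid=0 ses=4294967295 tty=(none) comm=mail '
           'exe=/usr/bin/mailx subj=system_u:system_r:system_mail_t:s0 key=(null)')

# A few Linux terminal ioctl request numbers (asm-generic/ioctls.h).
TTY_IOCTLS = {0x5401: "TCGETS", 0x5402: "TCSETS", 0x5413: "TIOCGWINSZ"}
STD_FDS = {0: "stdin", 1: "stdout", 2: "stderr"}

def fields(record):
    """Return the key=value pairs of one audit record, plus event ID and perms."""
    out = {k: v.strip('"') for k, v in re.findall(r'(\w+)=("[^"]*"|\S+)', record)}
    event = re.search(r'audit\(([\d.]+:\d+)\)', record)
    out["event"] = event.group(1) if event else None
    perms = re.search(r'\{([^}]*)\}', record)
    if perms:
        out["perms"] = perms.group(1).split()
    return out

def triage(avc_rec, sys_rec):
    """Summarise one denial: who asked for what, on which descriptor."""
    avc, sc = fields(avc_rec), fields(sys_rec)
    if avc["event"] != sc["event"]:
        raise ValueError("records belong to different audit events")
    fd, req = int(sc["a0"], 16), int(sc["a1"], 16)  # audit logs a0..a3 in hex
    return {
        "source_type": avc["scontext"].split(":")[2],
        "target_type": avc["tcontext"].split(":")[2],
        "tclass": avc["tclass"],
        "perms": avc["perms"],
        "fd": STD_FDS.get(fd, str(fd)),
        "request": TTY_IOCTLS.get(req, hex(req)),
        "socket_inode": avc["ino"],
    }

if __name__ == "__main__":
    print(triage(AVC, SYSCALL))
```

For this event the result is a TCGETS request, the terminal query that isatty() issues, on the process's stdout, which is a unix stream socket labelled init_t.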

