On 22/06/09 07:58, Paul Howarth wrote:
On Sun, 21 Jun 2009 01:49:01 +0530
Rahul Sundaram<sundaram@fedoraproject.org> wrote:
On 06/20/2009 04:41 PM, Daniel J Walsh wrote:
On 06/19/2009 05:54 AM, Rahul Sundaram wrote:
Is it continuing to happen or was this a one time occurrence. The
only code that I imagine opens and reads /selinux/mls is
libselinux and this opens it, reads the value and closes the file
in the same function call, so it can not leak.
It happens everytime I connect to a CDMA network via NetworkManager
and run vpnc.
Rahul
I've just had a very similar denial, when starting openvpn via
NetworkManager:
type=AVC msg=audit(1245653684.772:27): avc: denied { read } for
pid=5486 comm="openvpn" name="mls" dev=selinuxfs ino=12
scontext=system_u:system_r:openvpn_t:s0
tcontext=system_u:object_r:security_t:s0 tclass=file type=SYSCALL
msg=audit(1245653684.772:27): arch=c000003e syscall=2 success=no
exit=-13 a0=7fff5652e270 a1=0 a2=7fff5652e27c a3=fffffff8 items=0
ppid=5475 pid=5486 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0
egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="openvpn"
exe="/usr/sbin/openvpn" subj=system_u:system_r:openvpn_t:s0
key=(null)
Didn't stop openvpn working.
Just got this one too, after running "rndc querylog" to turn on
named's query logging from a root shell.
type=AVC msg=audit(1245663191.793:115): avc: denied { read } for
pid=21774 comm="rndc" name="mls" dev=selinuxfs ino=12
scontext=unconfined_u:unconfined_r:ndc_t:s0-s0:c0.c1023
tcontext=system_u:object_r:security_t:s0 tclass=file
type=SYSCALL msg=audit(1245663191.793:115): arch=c000003e syscall=2
success=no exit=-13 a0=7fffa1a717d0 a1=0 a2=7fffa1a717dc a3=fffffff8
items=0 ppid=14800 pid=21774 auid=500 uid=0 gid=0 euid=0 suid=0
fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts4 ses=5 comm="rndc"
exe="/usr/sbin/rndc"
subj=unconfined_u:unconfined_r:ndc_t:s0-s0:c0.c1023 key=(null)