On Fri, Apr 09, 2010 at 08:13:41AM +0100, Arthur Dent wrote:
Hi Dominick,
Still not quite there yet...
(Apologies if there are duplicates here):
Raw Audit Messages :
node=troodos.org.uk type=AVC msg=audit(1270762877.688:48174): avc: denied { signal } for
pid=14587 comm="httpd" scontext=unconfined_u:system_r:httpd_t:s0
tcontext=unconfined_u:system_r:mlogc_t:s0 tclass=process
node=troodos.org.uk type=SYSCALL msg=audit(1270762877.688:48174): arch=40000003
syscall=37 success=yes exit=0 a0=ffffc705 a1=f a2=2b9ff4 a3=1 items=0 ppid=1 pid=14587
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none)
ses=4294967295 comm="httpd" exe="/usr/sbin/httpd"
subj=unconfined_u:system_r:httpd_t:s0 key=(null)
Raw Audit Messages :
node=troodos.org.uk type=AVC msg=audit(1270762931.148:48179): avc: denied { getattr } for
pid=15736 comm="mlogc" path="/etc/passwd" dev=sda5 ino=1233517
scontext=unconfined_u:system_r:mlogc_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file
node=troodos.org.uk type=SYSCALL msg=audit(1270762931.148:48179): arch=40000003
syscall=195 success=yes exit=0 a0=8c43fe a1=b64133dc a2=d1eff4 a3=3 items=0 ppid=15707
pid=15736 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
tty=(none) ses=4294967295 comm="mlogc" exe="/usr/bin/mlogc"
subj=unconfined_u:system_r:mlogc_t:s0 key=(null)
Raw Audit Messages :
node=troodos.org.uk type=AVC msg=audit(1270762931.150:48180): avc: denied { read } for
pid=15736 comm="mlogc" name="passwd" dev=sda5 ino=1233517
scontext=unconfined_u:system_r:mlogc_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file
node=troodos.org.uk type=AVC msg=audit(1270762931.150:48180): avc: denied { open } for
pid=15736 comm="mlogc" name="passwd" dev=sda5 ino=1233517
scontext=unconfined_u:system_r:mlogc_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file
node=troodos.org.uk type=SYSCALL msg=audit(1270762931.150:48180): arch=40000003 syscall=5
success=yes exit=8 a0=8c43fe a1=0 a2=1b6 a3=8d15aa items=0 ppid=15707 pid=15736
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none)
ses=4294967295 comm="mlogc" exe="/usr/bin/mlogc"
subj=unconfined_u:system_r:mlogc_t:s0 key=(null)
Raw Audit Messages :
node=troodos.org.uk type=AVC msg=audit(1270762931.153:48181): avc: denied { read } for
pid=15736 comm="mlogc" name="tmp" dev=sda5 ino=820801
scontext=unconfined_u:system_r:mlogc_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=dir
node=troodos.org.uk type=AVC msg=audit(1270762931.153:48181): avc: denied { open } for
pid=15736 comm="mlogc" name="tmp" dev=sda5 ino=820801
scontext=unconfined_u:system_r:mlogc_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=dir
node=troodos.org.uk type=SYSCALL msg=audit(1270762931.153:48181): arch=40000003 syscall=5
success=yes exit=8 a0=8c4437 a1=0 a2=1b6 a3=8d15aa items=0 ppid=15707 pid=15736
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none)
ses=4294967295 comm="mlogc" exe="/usr/bin/mlogc"
subj=unconfined_u:system_r:mlogc_t:s0 key=(null)
Raw Audit Messages :
node=troodos.org.uk type=AVC msg=audit(1270763183.873:48186): avc: denied { signal } for
pid=15707 comm="httpd" scontext=unconfined_u:system_r:httpd_t:s0
tcontext=unconfined_u:system_r:mlogc_t:s0 tclass=process
node=troodos.org.uk type=SYSCALL msg=audit(1270763183.873:48186): arch=40000003
syscall=37 success=yes exit=0 a0=ffffc2a5 a1=f a2=7ddff4 a3=1 items=0 ppid=1 pid=15707
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none)
ses=4294967295 comm="httpd" exe="/usr/sbin/httpd"
subj=unconfined_u:system_r:httpd_t:s0 key=(null)
Raw Audit Messages :
node=troodos.org.uk type=AVC msg=audit(1270763457.339:48197): avc: denied { signal } for
pid=15806 comm="httpd" scontext=unconfined_u:system_r:httpd_t:s0
tcontext=unconfined_u:system_r:mlogc_t:s0 tclass=process
node=troodos.org.uk type=SYSCALL msg=audit(1270763457.339:48197): arch=40000003
syscall=37 success=yes exit=0 a0=ffffc242 a1=f a2=5bdff4 a3=1 items=0 ppid=1 pid=15806
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none)
ses=4294967295 comm="httpd" exe="/usr/sbin/httpd"
subj=unconfined_u:system_r:httpd_t:s0 key=(null)
Raw Audit Messages :
node=troodos.org.uk type=AVC msg=audit(1270763495.89:48202): avc: denied { getattr } for
pid=15903 comm="mlogc" path="/etc/passwd" dev=sda5 ino=1233517
scontext=unconfined_u:system_r:mlogc_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file
node=troodos.org.uk type=SYSCALL msg=audit(1270763495.89:48202): arch=40000003
syscall=195 success=yes exit=0 a0=aee3fe a1=b63bb3dc a2=27bff4 a3=3 items=0 ppid=15881
pid=15903 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
tty=(none) ses=4294967295 comm="mlogc" exe="/usr/bin/mlogc"
subj=unconfined_u:system_r:mlogc_t:s0 key=(null)
Raw Audit Messages :
node=troodos.org.uk type=AVC msg=audit(1270763495.104:48203): avc: denied { read } for
pid=15903 comm="mlogc" name="passwd" dev=sda5 ino=1233517
scontext=unconfined_u:system_r:mlogc_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file
node=troodos.org.uk type=AVC msg=audit(1270763495.104:48203): avc: denied { open } for
pid=15903 comm="mlogc" name="passwd" dev=sda5 ino=1233517
scontext=unconfined_u:system_r:mlogc_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file
node=troodos.org.uk type=SYSCALL msg=audit(1270763495.104:48203): arch=40000003 syscall=5
success=yes exit=8 a0=aee3fe a1=0 a2=1b6 a3=afb5aa items=0 ppid=15881 pid=15903
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none)
ses=4294967295 comm="mlogc" exe="/usr/bin/mlogc"
subj=unconfined_u:system_r:mlogc_t:s0 key=(null)
Raw Audit Messages :
node=troodos.org.uk type=AVC msg=audit(1270763495.107:48204): avc: denied { read } for
pid=15903 comm="mlogc" name="tmp" dev=sda5 ino=820801
scontext=unconfined_u:system_r:mlogc_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=dir
node=troodos.org.uk type=AVC msg=audit(1270763495.107:48204): avc: denied { open } for
pid=15903 comm="mlogc" name="tmp" dev=sda5 ino=820801
scontext=unconfined_u:system_r:mlogc_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=dir
node=troodos.org.uk type=SYSCALL msg=audit(1270763495.107:48204): arch=40000003 syscall=5
success=yes exit=8 a0=aee437 a1=0 a2=1b6 a3=afb5aa items=0 ppid=15881 pid=15903
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none)
ses=4294967295 comm="mlogc" exe="/usr/bin/mlogc"
subj=unconfined_u:system_r:mlogc_t:s0 key=(null)
Raw Audit Messages :
node=troodos.org.uk type=AVC msg=audit(1270780538.4:48826): avc: denied { signal } for
pid=24426 comm="httpd" scontext=system_u:system_r:httpd_t:s0-s0:c0.c1023
tcontext=system_u:system_r:mlogc_t:s0-s0:c0.c1023 tclass=process
node=troodos.org.uk type=SYSCALL msg=audit(1270780538.4:48826): arch=40000003 syscall=37
success=yes exit=0 a0=5f6c a1=f a2=3851e4 a3=13ea018 items=0 ppid=24425 pid=24426 auid=0
uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=3072
comm="httpd" exe="/usr/sbin/httpd"
subj=system_u:system_r:httpd_t:s0-s0:c0.c1023 key=(null)

# cat avcs | audit2allow -R

require {
	type httpd_t;
	type mlogc_t;
	class process signal;
}

#============= httpd_t ==============
allow httpd_t mlogc_t:process signal;

This should have been allowed when we created mlogc_signal() in mlogc.if, and called
mlogc_signal(httpd_t) in myapache.te as I suggested in my previous message.

Make sure that after you've added this policy, you rebuild and reinstall both
myapache and mlogc modules:

make -f /usr/share/selinux/devel/Makefile
sudo semodule -i *.pp

#============= mlogc_t ==============
files_list_tmp(mlogc_t)

Above can be added.

files_rw_etc_files(mlogc_t)

This is a bug in audit2allow -R: mlogc_t wants to read /etc/passwd.
Add the following to your mlogc.te to allow it:

files_read_etc_files(mlogc_t)
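
As an added illustration (not part of the original messages), the Python sketch below reduces AVC denials like those quoted in this thread to the permissions each domain was actually denied. It shows that mlogc_t was denied only getattr, read and open on etc_t files, so a read-only interface covers the need; the helper names and the WRITE_PERMS set are this example's own.

```python
import re
from collections import defaultdict

# AVC records abbreviated from the denials quoted in this thread: each record is
# rejoined onto one line and the node=, pid=, dev= and ino= fields are dropped.
SAMPLE = """\
type=AVC msg=audit(1270762877.688:48174): avc: denied { signal } for comm="httpd" scontext=unconfined_u:system_r:httpd_t:s0 tcontext=unconfined_u:system_r:mlogc_t:s0 tclass=process
type=AVC msg=audit(1270762931.148:48179): avc: denied { getattr } for comm="mlogc" path="/etc/passwd" scontext=unconfined_u:system_r:mlogc_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file
type=AVC msg=audit(1270762931.150:48180): avc: denied { read } for comm="mlogc" name="passwd" scontext=unconfined_u:system_r:mlogc_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file
type=AVC msg=audit(1270762931.150:48180): avc: denied { open } for comm="mlogc" name="passwd" scontext=unconfined_u:system_r:mlogc_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file
type=AVC msg=audit(1270762931.153:48181): avc: denied { read } for comm="mlogc" name="tmp" scontext=unconfined_u:system_r:mlogc_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=dir
type=AVC msg=audit(1270762931.153:48181): avc: denied { open } for comm="mlogc" name="tmp" scontext=unconfined_u:system_r:mlogc_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=dir
type=AVC msg=audit(1270780538.4:48826): avc: denied { signal } for comm="httpd" scontext=system_u:system_r:httpd_t:s0-s0:c0.c1023 tcontext=system_u:system_r:mlogc_t:s0-s0:c0.c1023 tclass=process
"""

AVC_RE = re.compile(
    r"avc:\s+denied\s+\{ (?P<perms>[^}]+) \}.*?"
    r"scontext=(?P<s>\S+) tcontext=(?P<t>\S+) tclass=(?P<cls>\S+)"
)
# File/dir permissions that modify an object (used for the least-privilege check).
WRITE_PERMS = {"write", "append", "create", "unlink", "rename", "setattr", "link"}

def selinux_type(context):
    # user:role:type:level -> type; the MLS range may itself contain ':'.
    return context.split(":")[2]

def summarize(text):
    """Map (source type, target type, class) -> set of denied permissions."""
    rules = defaultdict(set)
    for line in text.splitlines():
        m = AVC_RE.search(line)
        if m:
            key = (selinux_type(m["s"]), selinux_type(m["t"]), m["cls"])
            rules[key].update(m["perms"].split())  # repeated records collapse here
    return dict(rules)

def is_read_only(perms):
    """True when none of the denied permissions would modify the target."""
    return not (perms & WRITE_PERMS)

def report(text):
    """Render each grouped denial as the raw allow rule it corresponds to."""
    return [f"allow {s} {t}:{c} {{ {' '.join(sorted(p))} }};"
            for (s, t, c), p in sorted(summarize(text).items())]

if __name__ == "__main__":
    print("\n".join(report(SAMPLE)))
    etc = summarize(SAMPLE)[("mlogc_t", "etc_t", "file")]
    print("mlogc_t -> etc_t:file is read-only:", is_read_only(etc))
```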