SELinux is preventing /bin/ps from search access...
Daniel J Walsh
dwalsh at redhat.com
Thu Sep 13 20:41:15 UTC 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 09/13/2012 03:24 PM, m.roth at 5-cent.us wrote:
> CentOS 6.3. *Just* updated, including most current selinux-policy and
> selinux-policy-targeted. I'm getting tons of these, as in it's just
> spitting them out when I tail -f /var/log/messages: Sep 13 15:20:51
> <server> setroubleshoot: SELinux is preventing /bin/ps from search access
> on the directory @2. For complete SELinux messages. run sealert -l
> d92ec78b-3897-4760-93c5-343a662fec67 Sep 13 15:20:51 <server>
> setroubleshoot: SELinux is preventing /bin/ps from getattr access on the
> directory /proc/<pid>. For complete SELinux messages. run sealert -l
> a9c9bf7d-d646-4c29-9fe6-ac61b6806f52 Sep 13 15:20:52 <server>
> setroubleshoot: SELinux is preventing /bin/ps from search access on the
> directory 4417. For complete SELinux messages. run sealert -l
> b321ab2d-0277-45c9-bc86-545f9ff6ff91
>
> You can see how many of them there are from the timestamps.
>
> Googling, I've seen other folks complain months ago, but no answers. Anyone
> have a clue?
>
> If selinux wasn't in permissive mode, something(s) would be dead.
>
> mark
>
>
> -- selinux mailing list selinux at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux
>
What are the AVC's you are seeing. What domain is running ps command.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/
iEYEARECAAYFAlBSROsACgkQrlYvE4MpobPgJwCgj9YvESbbsGbVg0MoA5TTCTXD
XrYAoMX6uDgLvBakzD5joGz02ntR678E
=SXoS
-----END PGP SIGNATURE-----
More information about the selinux
mailing list