Sosreport Fedora 19

Daniel J Walsh dwalsh at redhat.com
Mon Aug 19 10:33:55 UTC 2013 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 08/18/2013 12:45 AM, David Highley wrote:
> Lots of avc for sosreport in Fedora 19.
> 
> type=SYSCALL msg=audit(1376177902.497:110): arch=c000003e syscall=16 
> success=no exit=-65 a0=3 a1=8940 a2=7fff72ed5bf0 a3=7fff72ed59a0 items=0 
> ppid=3710 pid=3736 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
> sgid=0 fsgid=0 ses=4294967295 tty=(none) comm="brctl" exe="/usr/sbin/brctl"
> subj=system_u:system_r:sosreport_t:s0-s0:c0.c1023 key=(null) type=AVC
> msg=audit(1376177902.497:110): avc:  denied  { module_request } for
> pid=3736 comm="brctl" kmod="bridge" 
> scontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023 
> tcontext=system_u:system_r:kernel_t:s0 tclass=system type=SYSCALL
> msg=audit(1376177902.968:111): arch=c000003e syscall=6 success=no exit=-13
> a0=7fff425f9af0 a1=1dcd140 a2=1dcd140 a3=fffff800 items=0 ppid=3710
> pid=3764 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
> fsgid=0 ses=4294967295 tty=(none) comm="ls" exe="/usr/bin/ls"
> subj=system_u:system_r:sosreport_t:s0-s0:c0.c1023 key=(null) type=AVC
> msg=audit(1376177902.968:111): avc:  denied  { getattr } for pid=3764
> comm="ls" path="/dev/initctl" dev="devtmpfs" ino=8906 
> scontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023 
> tcontext=system_u:object_r:initctl_t:s0 tclass=fifo_file type=SYSCALL
> msg=audit(1376177902.980:112): arch=c000003e syscall=6 success=no exit=-13
> a0=7fff425f9af0 a1=1ddbb30 a2=1ddbb30 a3=fffffff8 items=0 ppid=3710
> pid=3764 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
> fsgid=0 ses=4294967295 tty=(none) comm="ls" exe="/usr/bin/ls"
> subj=system_u:system_r:sosreport_t:s0-s0:c0.c1023 key=(null) type=AVC
> msg=audit(1376177902.980:112): avc:  denied  { getattr } for pid=3764 
> comm="ls" path="/dev/pts/ptmx" dev="devpts" ino=2 
> scontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023 
> tcontext=system_u:object_r:devpts_t:s0 tclass=chr_file type=SYSCALL
> msg=audit(1376177903.375:113): arch=c000003e syscall=4 success=no exit=-13
> a0=2051cb0 a1=7fff82adf0c0 a2=7fff82adf0c0 a3=0 items=0 ppid=3710 pid=3772
> auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
> ses=4294967295 tty=(none) comm="df" exe="/usr/bin/df"
> subj=system_u:system_r:sosreport_t:s0-s0:c0.c1023 key=(null) type=AVC
> msg=audit(1376177903.375:113): avc:  denied  { getattr } for pid=3772
> comm="df" path="/sys/fs/pstore" dev="pstore" ino=9238 
> scontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023 
> tcontext=system_u:object_r:pstorefs_t:s0 tclass=dir type=SYSCALL
> msg=audit(1376177903.408:114): arch=c000003e syscall=4 success=no exit=-13
> a0=2052470 a1=7fff82adf0c0 a2=7fff82adf0c0 a3=0 items=0 ppid=3710 pid=3772
> auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
> ses=4294967295 tty=(none) comm="df" exe="/usr/bin/df"
> subj=system_u:system_r:sosreport_t:s0-s0:c0.c1023 key=(null) type=AVC
> msg=audit(1376177903.408:114): avc:  denied  { getattr } for pid=3772
> comm="df" path="/sys/kernel/config" dev="configfs" ino=15409 
> scontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023 
> tcontext=system_u:object_r:configfs_t:s0 tclass=dir type=SYSCALL
> msg=audit(1376177904.575:115): arch=c000003e syscall=41 success=no exit=-13
> a0=10 a1=80803 a2=f a3=d2be50 items=0 ppid=3710 pid=3803 auid=4294967295
> uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=4294967295
> tty=(none) comm="lsusb" exe="/usr/bin/lsusb" 
> subj=system_u:system_r:sosreport_t:s0-s0:c 0.c1023 key=(null) type=AVC
> msg=audit(1376177904.575:115): avc:  denied  { create } for pid=3803
> comm="lsusb" scontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023 
> tcontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023 
> tclass=netlink_kobject_uevent_socket type=SYSCALL
> msg=audit(1376177904.650:116): arch=c000003e syscall=41 success=no exit=-13
> a0=10 a1=80803 a2=f a3=1697e50 items=0 ppid=3710 pid=3804 auid=4294967295
> uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=4294967295
> tty=(none) comm="lsusb" exe="/usr/bin/lsusb" 
> subj=system_u:system_r:sosreport_t:s0-s0:c0.c1023 key=(null) type=AVC
> msg=audit(1376177904.650:116): avc:  denied  { create } for pid=3804
> comm="lsusb" scontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023 
> tcontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023 
> tclass=netlink_kobject_uevent_socket type=SYSCALL
> msg=audit(1376180405.316:271): arch=c000003e syscall=41 success=no exit=-13
> a0=2 a1=3 a2=ff a3=7fffde20a870 items=0 ppid=3710 pid=6315 auid=4294967295
> uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=4294967295
> tty=(none) comm="iptables" exe="/usr/sbin/xtables-multi" 
> subj=system_u:system_r:sosreport_t:s0-s0:c0.c1023 key=(null) type=AVC
> msg=audit(1376180405.316:271): avc:  denied  { create } for pid=6315
> comm="iptables" scontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023 
> tcontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023 tclass=rawip_socket 
> type=SYSCALL msg=audit(1376180405.317:272): arch=c000003e syscall=41 
> success=no exit=-13 a0=2 a1=3 a2=ff a3=7fffde20a810 items=0 ppid=3710 
> pid=6315 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 
> fsgid=0 ses=4294967295 tty=( none) comm="iptables"
> exe="/usr/sbin/xtables-multi" 
> subj=system_u:system_r:sosreport_t:s0-s0:c0.c1023 key=(null) type=AVC
> msg=audit(1376180405.317:272): avc:  denied  { create } for pid=6315
> comm="iptables" scontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023 
> tcontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023 tclass=rawip_socket 
> type=SYSCALL msg=audit(1376180405.323:273): arch=c000003e syscall=41 
> success=no exit=-13 a0=2 a1=3 a2=ff a3=7fffec93d130 items=0 ppid=3710 
> pid=6316 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 
> fsgid=0 ses=4294967295 tty=(none) comm="iptables" 
> exe="/usr/sbin/xtables-multi" 
> subj=system_u:system_r:sosreport_t:s0-s0:c0.c1023 key=(null) type=AVC
> msg=audit(1376180405.323:273): avc:  denied  { create } for pid=6316
> comm="iptables" scontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023 
> tcontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023 tclass=rawip_socket 
> type=SYSCALL msg=audit(1376180405.323:274): arch=c000003e syscall=41 
> success=no exit=-13 a0=2 a1=3 a2=ff a3=7fffec93d0d0 items=0 ppid=3710 
> pid=6316 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 
> fsgid=0 ses=4294967295 tty=(none) comm="iptables" 
> exe="/usr/sbin/xtables-multi" 
> subj=system_u:system_r:sosreport_t:s0-s0:c0.c1023 key=(null) type=AVC
> msg=audit(1376180405.323:274): avc:  denied  { create } for pid=6316
> comm="iptables" scontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023 
> tcontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023 tclass=rawip_socket 
> type=SYSCALL msg=audit(1376180405.697:281): arch=c000003e syscall=89 
> success=no exit=-13 a0=7fffa26e89e0 a1=7fffa26e87c0 a2=1d a3=3 items=0 
> ppid=3710 pid=6324 a -- selinux mailing list 
> selinux at lists.fedoraproject.org 
> https://admin.fedoraproject.org/mailman/listinfo/selinux
> 
> 
Please open a bugzilla.  I have checked in fixes for this into git, but need
bugzilla for back port.

Fixed in git
3f7534cb0eaec96d7d8b69a4e91c078a9f52634d
0ee08f51c6ddd43646c3fc12fd85aea82298c253

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlIR9JMACgkQrlYvE4MpobMwagCgyJmnkju8ustiB2jfkY0N6B5e
9YoAn2SLYJI2SX2KgpdRT+7Hpbstgax4
=dCN6
-----END PGP SIGNATURE-----

More information about the selinux mailing list