iptables denied read to inotifyfs

Kristen kristen at atmyhome.org
Wed Jan 2 23:19:23 UTC 2013



On Jan 2, 2013, at 9:30 AM, Daniel J Walsh wrote:

>
> On 12/28/2012 01:10 AM, Kristen R wrote:
>>
>> I am finding after a reboot of my server these AVC denials:
>>
>> type=AVC msg=audit(1356666298.031:40): avc:  denied  { read } for  
>> pid=2837
>> comm="iptables" path="inotify" dev=inotifyfs ino=337
>> scontext=system_u:system_r:iptables_t:s0
>> tcontext=system_u:object_r:inotifyfs_t:s0 tclass=dir
>>
>> Installed is: selinux-policy-2.4.6-327.el5
>>
>> on a CentOS 5.5 build with kernel 2.6.18-308.24.1.el5
>>
>> Should this be allowed?
>>
>> Kristen
>>
>
> Most likely a leak, and you could dontaudit it.
>
> http://danwalsh.livejournal.com/53603.html
>

If this is so, shall I report a Bug as Miroslav Grepl suggested?

Kristen


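The dontaudit suggestion in the thread above, as an added example that is not part of any message in the thread or of the SELinux project's code: it parses the quoted AVC denial and renders a local policy module containing the matching dontaudit rule. The function names and the module name `local_dontaudit` are assumptions; the generated source is the kind of file that is built with checkmodule and semodule_package and loaded with `semodule -i`.

```python
import re

# Constructed sample: the denial quoted in the thread, rejoined onto one line.
SAMPLE_AVC = (
    'type=AVC msg=audit(1356666298.031:40): avc:  denied  { read } for  '
    'pid=2837 comm="iptables" path="inotify" dev=inotifyfs ino=337 '
    'scontext=system_u:system_r:iptables_t:s0 '
    'tcontext=system_u:object_r:inotifyfs_t:s0 tclass=dir'
)

AVC_RE = re.compile(r'avc:\s+denied\s+\{\s*(?P<perms>[^}]+?)\s*\}\s+for\s+(?P<rest>.*)')
IDENT_RE = re.compile(r'^[A-Za-z_][A-Za-z0-9_]*$')

def parse_avc(line):
    """Return source type, target type, class and permissions of one denial."""
    m = AVC_RE.search(line)
    if not m:
        raise ValueError("not an AVC denial record")
    fields = dict(re.findall(r'(\w+)=("[^"]*"|\S+)', m.group('rest')))
    try:
        # A context is user:role:type[:level]; the type is the third field.
        record = {
            'source': fields['scontext'].split(':')[2],
            'target': fields['tcontext'].split(':')[2],
            'tclass': fields['tclass'],
            'perms': m.group('perms').split(),
        }
    except (KeyError, IndexError):
        raise ValueError("AVC record is missing scontext, tcontext or tclass")
    # These values end up in policy source, so accept plain identifiers only.
    for name in [record['source'], record['target'], record['tclass']] + record['perms']:
        if not IDENT_RE.match(name):
            raise ValueError("unexpected token in AVC record: %r" % name)
    return record

def dontaudit_module(rec, name='local_dontaudit'):  # module name is hypothetical
    """Render policy module source (.te) that silences this one denial."""
    perms = ' '.join(rec['perms'])
    if len(rec['perms']) > 1:
        perms = '{ %s }' % perms
    return (
        'module %s 1.0;\n\n'
        'require {\n\ttype %s;\n\ttype %s;\n\tclass %s %s;\n}\n\n'
        'dontaudit %s %s:%s %s;\n'
    ) % (name, rec['source'], rec['target'], rec['tclass'], perms,
         rec['source'], rec['target'], rec['tclass'], perms)

if __name__ == '__main__':
    print(dontaudit_module(parse_avc(SAMPLE_AVC)))
```

The rule is scoped to the exact source type, target type, class and permission in the record, so other denials from iptables_t remain visible in the audit log.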

