Sosreport Fedora 19

Miroslav Grepl mgrepl at redhat.com
Tue Sep 3 08:43:56 UTC 2013 

On 08/19/2013 12:33 PM, Daniel J Walsh wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 08/18/2013 12:45 AM, David Highley wrote:
>> Lots of avc for sosreport in Fedora 19.
>>
>> type=SYSCALL msg=audit(1376177902.497:110): arch=c000003e syscall=16
>> success=no exit=-65 a0=3 a1=8940 a2=7fff72ed5bf0 a3=7fff72ed59a0 items=0
>> ppid=3710 pid=3736 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
>> sgid=0 fsgid=0 ses=4294967295 tty=(none) comm="brctl" exe="/usr/sbin/brctl"
>> subj=system_u:system_r:sosreport_t:s0-s0:c0.c1023 key=(null) type=AVC
>> msg=audit(1376177902.497:110): avc:  denied  { module_request } for
>> pid=3736 comm="brctl" kmod="bridge"
>> scontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023
>> tcontext=system_u:system_r:kernel_t:s0 tclass=system type=SYSCALL
>> msg=audit(1376177902.968:111): arch=c000003e syscall=6 success=no exit=-13
>> a0=7fff425f9af0 a1=1dcd140 a2=1dcd140 a3=fffff800 items=0 ppid=3710
>> pid=3764 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
>> fsgid=0 ses=4294967295 tty=(none) comm="ls" exe="/usr/bin/ls"
>> subj=system_u:system_r:sosreport_t:s0-s0:c0.c1023 key=(null) type=AVC
>> msg=audit(1376177902.968:111): avc:  denied  { getattr } for pid=3764
>> comm="ls" path="/dev/initctl" dev="devtmpfs" ino=8906
>> scontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023
>> tcontext=system_u:object_r:initctl_t:s0 tclass=fifo_file type=SYSCALL
>> msg=audit(1376177902.980:112): arch=c000003e syscall=6 success=no exit=-13
>> a0=7fff425f9af0 a1=1ddbb30 a2=1ddbb30 a3=fffffff8 items=0 ppid=3710
>> pid=3764 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
>> fsgid=0 ses=4294967295 tty=(none) comm="ls" exe="/usr/bin/ls"
>> subj=system_u:system_r:sosreport_t:s0-s0:c0.c1023 key=(null) type=AVC
>> msg=audit(1376177902.980:112): avc:  denied  { getattr } for pid=3764
>> comm="ls" path="/dev/pts/ptmx" dev="devpts" ino=2
>> scontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023
>> tcontext=system_u:object_r:devpts_t:s0 tclass=chr_file type=SYSCALL
>> msg=audit(1376177903.375:113): arch=c000003e syscall=4 success=no exit=-13
>> a0=2051cb0 a1=7fff82adf0c0 a2=7fff82adf0c0 a3=0 items=0 ppid=3710 pid=3772
>> auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
>> ses=4294967295 tty=(none) comm="df" exe="/usr/bin/df"
>> subj=system_u:system_r:sosreport_t:s0-s0:c0.c1023 key=(null) type=AVC
>> msg=audit(1376177903.375:113): avc:  denied  { getattr } for pid=3772
>> comm="df" path="/sys/fs/pstore" dev="pstore" ino=9238
>> scontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023
>> tcontext=system_u:object_r:pstorefs_t:s0 tclass=dir type=SYSCALL
>> msg=audit(1376177903.408:114): arch=c000003e syscall=4 success=no exit=-13
>> a0=2052470 a1=7fff82adf0c0 a2=7fff82adf0c0 a3=0 items=0 ppid=3710 pid=3772
>> auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
>> ses=4294967295 tty=(none) comm="df" exe="/usr/bin/df"
>> subj=system_u:system_r:sosreport_t:s0-s0:c0.c1023 key=(null) type=AVC
>> msg=audit(1376177903.408:114): avc:  denied  { getattr } for pid=3772
>> comm="df" path="/sys/kernel/config" dev="configfs" ino=15409
>> scontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023
>> tcontext=system_u:object_r:configfs_t:s0 tclass=dir type=SYSCALL
>> msg=audit(1376177904.575:115): arch=c000003e syscall=41 success=no exit=-13
>> a0=10 a1=80803 a2=f a3=d2be50 items=0 ppid=3710 pid=3803 auid=4294967295
>> uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=4294967295
>> tty=(none) comm="lsusb" exe="/usr/bin/lsusb"
>> subj=system_u:system_r:sosreport_t:s0-s0:c 0.c1023 key=(null) type=AVC
>> msg=audit(1376177904.575:115): avc:  denied  { create } for pid=3803
>> comm="lsusb" scontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023
>> tcontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023
>> tclass=netlink_kobject_uevent_socket type=SYSCALL
>> msg=audit(1376177904.650:116): arch=c000003e syscall=41 success=no exit=-13
>> a0=10 a1=80803 a2=f a3=1697e50 items=0 ppid=3710 pid=3804 auid=4294967295
>> uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=4294967295
>> tty=(none) comm="lsusb" exe="/usr/bin/lsusb"
>> subj=system_u:system_r:sosreport_t:s0-s0:c0.c1023 key=(null) type=AVC
>> msg=audit(1376177904.650:116): avc:  denied  { create } for pid=3804
>> comm="lsusb" scontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023
>> tcontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023
>> tclass=netlink_kobject_uevent_socket type=SYSCALL
>> msg=audit(1376180405.316:271): arch=c000003e syscall=41 success=no exit=-13
>> a0=2 a1=3 a2=ff a3=7fffde20a870 items=0 ppid=3710 pid=6315 auid=4294967295
>> uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=4294967295
>> tty=(none) comm="iptables" exe="/usr/sbin/xtables-multi"
>> subj=system_u:system_r:sosreport_t:s0-s0:c0.c1023 key=(null) type=AVC
>> msg=audit(1376180405.316:271): avc:  denied  { create } for pid=6315
>> comm="iptables" scontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023
>> tcontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023 tclass=rawip_socket
>> type=SYSCALL msg=audit(1376180405.317:272): arch=c000003e syscall=41
>> success=no exit=-13 a0=2 a1=3 a2=ff a3=7fffde20a810 items=0 ppid=3710
>> pid=6315 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
>> fsgid=0 ses=4294967295 tty=( none) comm="iptables"
>> exe="/usr/sbin/xtables-multi"
>> subj=system_u:system_r:sosreport_t:s0-s0:c0.c1023 key=(null) type=AVC
>> msg=audit(1376180405.317:272): avc:  denied  { create } for pid=6315
>> comm="iptables" scontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023
>> tcontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023 tclass=rawip_socket
>> type=SYSCALL msg=audit(1376180405.323:273): arch=c000003e syscall=41
>> success=no exit=-13 a0=2 a1=3 a2=ff a3=7fffec93d130 items=0 ppid=3710
>> pid=6316 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
>> fsgid=0 ses=4294967295 tty=(none) comm="iptables"
>> exe="/usr/sbin/xtables-multi"
>> subj=system_u:system_r:sosreport_t:s0-s0:c0.c1023 key=(null) type=AVC
>> msg=audit(1376180405.323:273): avc:  denied  { create } for pid=6316
>> comm="iptables" scontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023
>> tcontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023 tclass=rawip_socket
>> type=SYSCALL msg=audit(1376180405.323:274): arch=c000003e syscall=41
>> success=no exit=-13 a0=2 a1=3 a2=ff a3=7fffec93d0d0 items=0 ppid=3710
>> pid=6316 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
>> fsgid=0 ses=4294967295 tty=(none) comm="iptables"
>> exe="/usr/sbin/xtables-multi"
>> subj=system_u:system_r:sosreport_t:s0-s0:c0.c1023 key=(null) type=AVC
>> msg=audit(1376180405.323:274): avc:  denied  { create } for pid=6316
>> comm="iptables" scontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023
>> tcontext=system_u:system_r:sosreport_t:s0-s0:c0.c1023 tclass=rawip_socket
>> type=SYSCALL msg=audit(1376180405.697:281): arch=c000003e syscall=89
>> success=no exit=-13 a0=7fffa26e89e0 a1=7fffa26e87c0 a2=1d a3=3 items=0
>> ppid=3710 pid=6324 a -- selinux mailing list
>> selinux at lists.fedoraproject.org
>> https://admin.fedoraproject.org/mailman/listinfo/selinux
>>
>>
> Please open a bugzilla.  I have checked in fixes for this into git, but need
> bugzilla for back port.
>
> Fixed in git
> 3f7534cb0eaec96d7d8b69a4e91c078a9f52634d
> 0ee08f51c6ddd43646c3fc12fd85aea82298c253
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.14 (GNU/Linux)
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
> iEYEARECAAYFAlIR9JMACgkQrlYvE4MpobMwagCgyJmnkju8ustiB2jfkY0N6B5e
> 9YoAn2SLYJI2SX2KgpdRT+7Hpbstgax4
> =dCN6
> -----END PGP SIGNATURE-----
> --
> selinux mailing list
> selinux at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux
Yes, the bugzilla is a better way in this case.

But back ported.

More information about the selinux mailing list