SE Linux AVCs - Fwd: Re: /proc/$PID/environ and /proc/$PID/cmdline
Daniel J Walsh
dwalsh at redhat.com
Mon Sep 18 13:52:47 UTC 2006
>
> ---------- Forwarded Message ----------
>
> Subject: Re: /proc/$PID/environ and /proc/$PID/cmdline
> Date: Saturday 16 September 2006 18:16
> From: Dawid Gajownik <gajownik at gmail.com>
> To: Steve Grubb <sgrubb at redhat.com>
> Cc: fedora-test-list at redhat.com
>
> Dnia 09/16/2006 11:22 PM, Użytkownik Steve Grubb napisał:
>
>> Do you have AVC messages? We want 'em if you got 'em.
>>
>
> Sure :)
>
> audit(1158442856.531:129): avc: denied { getattr } for pid=2429
> comm="ls" name="413" dev=proc ino=27066370
> scontext=user_u:system_r:unconfined_t:s0
> tcontext=system_u:system_r:udev_t:s0-s0:c0.c255 tclass=dir
>
> (I had to load enableaudit.pp policy)
>
> Maybe my system is just broken. I see lots of this messages, too:
>
> audit(1158442534.947:59): avc: denied { search } for pid=1616
> comm="mcstransd" name="1745" dev=proc ino=114360322
> scontext=system_u:system_r:setrans_t:s0
> tcontext=system_u:system_r:crond_t:s0-s0:c0.c255 tclass=dir
>
> I did not have time lately to use my Rawhide installation and I had to
> apply today ~350MB of updates. These messages started to show up on my
> console screen just after updating selinux-policy-targeted to 2.3.13-5
> version. I'm not able to tell you whether there were problems during
> this update because console has limited history (SHIFT+PgUp) and yum
> does not log all information :/
>
> I did `touch /.autorelabel && reboot` but it did not resolve this issue.
>
> Full logs can be found here:
> http://gajownik.fedorapl.org/dmesg.txt
> http://gajownik.fedorapl.org/messages
>
> Hope that helps,
> Dawid
>
> --
>
> ^_*
>
> -------------------------------------------------------
>
Fixed in selinux-policy-2.3.14-3
More information about the test
mailing list