SELinux is preventing sh from getattr access on the file /usr/sbin/ldconfig.
Daniel J Walsh
dwalsh at redhat.com
Tue Jun 30 11:31:44 UTC 2015
On 06/29/2015 01:45 PM, Andras Simon wrote:
> [Sorry for the late answer, I was away from this machine.]
>
> 2015-06-28 1:01 GMT+02:00, Ed Greshko <ed.greshko at greshko.com>:
>> On 06/27/15 21:15, Andras Simon wrote:
>>> 2015-06-27 15:11 GMT+02:00, Andras Simon <szajmi at gmail.com>:
>>>> Should I be worried about the $subject?
>>> And there's also a "SELinux is preventing sh from execute access on
>>> the file /usr/sbin/ldconfig" which I've only just noticed. It sounds
>>> even scarier.
>>>
>> Does your output match these?
>>
>> [egreshko at meimei ~]$ ls -Z /bin/bash
>> system_u:object_r:shell_exec_t:s0 /bin/bash
>>
>> [egreshko at meimei ~]$ ls -Z /usr/sbin/ldconfig
>> system_u:object_r:ldconfig_exec_t:s0 /usr/sbin/ldconfig
> Yes, I get the same result.
>
> Andras
Everything seems correct.
But the AVC's indicate that firewalld was attempting to runldconfig...
Which I believe should not happen normally. The transactions at the
time of yum/rpm indicate
that the transaction or at least the post install sections were being
run as firewalld_t.
More information about the users
mailing list