cron/init leaking file descriptor?
Tom London
selinux at gmail.com
Tue Jan 4 16:30:55 UTC 2005
Running strict/enforcing, latest Rawhide.
Started getting these avcs today.
Jan 4 08:21:28 fedora kernel: audit(1104855688.541:0): avc: denied
{ use } for pid=5131 exe=/usr/sbin/sendmail.sendmail path=/null
dev=selinuxfs ino=254 scontext=system_u:system_r:system_mail_t
tcontext=system_u:system_r:init_t tclass=fd
Jan 4 08:22:21 fedora kernel: audit(1104855741.192:0): avc: denied
{ use } for pid=5286 exe=/usr/sbin/logrotate path=/null dev=selinuxfs
ino=254 scontext=system_u:system_r:logrotate_t
tcontext=system_u:system_r:init_t tclass=fd
My naive reading of this indicates that someone is
leaving a open file descriptor (to /selinux/null ?)
tom
--
Tom London
More information about the fedora-selinux-list
mailing list