more setroubleshoot troubles ;)

Tom London selinux at gmail.com
Thu Jan 4 20:46:15 UTC 2007 

Running latest rawhide, targeted enforcing.

Installing latest python-libs (fixes execstack issue in _ctypes.so)
other packages, and rebooting, I get the following AVCs:

type=AVC msg=audit(1167943082.579:7): avc:  denied  { execute } for
pid=2331 comm="sh" name="ldconfig" dev=dm-0 ino=11337788
scontext=system_u:system_r:setroubleshootd_t:s0
tcontext=system_u:object_r:ldconfig_exec_t:s0 tclass=file
type=SYSCALL msg=audit(1167943082.579:7): arch=40000003 syscall=11
success=no exit=-13 a0=91d4dd8 a1=91d4e58 a2=91d4330 a3=0 items=0
ppid=2330 pid=2331 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0
egid=0 sgid=0 fsgid=0 tty=(none) comm="sh" exe="/bin/bash"
subj=system_u:system_r:setroubleshootd_t:s0 key=(null)
type=AVC msg=audit(1167943082.646:8): avc:  denied  { getattr } for
pid=2331 comm="sh" name="ldconfig" dev=dm-0 ino=11337788
scontext=system_u:system_r:setroubleshootd_t:s0
tcontext=system_u:object_r:ldconfig_exec_t:s0 tclass=file
type=SYSCALL msg=audit(1167943082.646:8): arch=40000003 syscall=195
success=no exit=-13 a0=91d4dd8 a1=bfcbee10 a2=47818ff4 a3=0 items=0
ppid=2330 pid=2331 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0
egid=0 sgid=0 fsgid=0 tty=(none) comm="sh" exe="/bin/bash"
subj=system_u:system_r:setroubleshootd_t:s0 key=(null)
type=AVC_PATH msg=audit(1167943082.646:8):  path="/sbin/ldconfig"
type=AVC msg=audit(1167943082.647:9): avc:  denied  { getattr } for
pid=2331 comm="sh" name="ldconfig" dev=dm-0 ino=11337788
scontext=system_u:system_r:setroubleshootd_t:s0
tcontext=system_u:object_r:ldconfig_exec_t:s0 tclass=file
type=SYSCALL msg=audit(1167943082.647:9): arch=40000003 syscall=195
success=no exit=-13 a0=91d4dd8 a1=bfcbed30 a2=47818ff4 a3=91d4dd8
items=0 ppid=2330 pid=2331 auid=4294967295 uid=0 gid=0 euid=0 suid=0
fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="sh" exe="/bin/bash"
subj=system_u:system_r:setroubleshootd_t:s0 key=(null)
type=AVC_PATH msg=audit(1167943082.647:9):  path="/sbin/ldconfig"
type=AVC msg=audit(1167943082.756:10): avc:  denied  {
execute_no_trans } for  pid=2340 comm="ldd" name="ld-2.5.90.so"
dev=dm-0 ino=7209012 scontext=system_u:system_r:setroubleshootd_t:s0
tcontext=system_u:object_r:ld_so_t:s0 tclass=file
type=SYSCALL msg=audit(1167943082.756:10): arch=40000003 syscall=11
success=no exit=-13 a0=8196308 a1=8196988 a2=819cd48 a3=40 items=0
ppid=2339 pid=2340 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0
egid=0 sgid=0 fsgid=0 tty=(none) comm="ldd" exe="/bin/bash"
subj=system_u:system_r:setroubleshootd_t:s0 key=(null)
type=AVC_PATH msg=audit(1167943082.756:10):  path="/lib/ld-2.5.90.so"
type=AVC msg=audit(1167943082.758:11): avc:  denied  { write } for
pid=2253 comm="setroubleshootd" name="tmp" dev=dm-0 ino=2686977
scontext=system_u:system_r:setroubleshootd_t:s0
tcontext=system_u:object_r:tmp_t:s0 tclass=dir
type=SYSCALL msg=audit(1167943082.758:11): arch=40000003 syscall=5
success=no exit=-13 a0=88b4970 a1=280c2 a2=180 a3=280c2 items=0 ppid=1
pid=2253 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) comm="setroubleshootd" exe="/usr/bin/python"
subj=system_u:system_r:setroubleshootd_t:s0 key=(null)
type=AVC msg=audit(1167943082.759:12): avc:  denied  { write } for
pid=2253 comm="setroubleshootd" name="tmp" dev=dm-0 ino=65540
scontext=system_u:system_r:setroubleshootd_t:s0
tcontext=system_u:object_r:tmp_t:s0 tclass=dir
type=SYSCALL msg=audit(1167943082.759:12): arch=40000003 syscall=5
success=no exit=-13 a0=8921b50 a1=280c2 a2=180 a3=280c2 items=0 ppid=1
pid=2253 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) comm="setroubleshootd" exe="/usr/bin/python"
subj=system_u:system_r:setroubleshootd_t:s0 key=(null)
type=AVC msg=audit(1167943082.759:13): avc:  denied  { write } for
pid=2253 comm="setroubleshootd" name="tmp" dev=dm-0 ino=65540
scontext=system_u:system_r:setroubleshootd_t:s0
tcontext=system_u:object_r:tmp_t:s0 tclass=dir
type=SYSCALL msg=audit(1167943082.759:13): arch=40000003 syscall=5
success=no exit=-13 a0=8921b50 a1=280c2 a2=180 a3=280c2 items=0 ppid=1
pid=2253 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) comm="setroubleshootd" exe="/usr/bin/python"
subj=system_u:system_r:setroubleshootd_t:s0 key=(null)
type=AVC msg=audit(1167943082.760:14): avc:  denied  { unlink } for
pid=2253 comm="setroubleshootd" name="Yp9cip" dev=dm-0 ino=164238
scontext=system_u:system_r:setroubleshootd_t:s0
tcontext=system_u:object_r:root_t:s0 tclass=file
type=SYSCALL msg=audit(1167943082.760:14): arch=40000003 syscall=10
success=no exit=-13 a0=88c80c0 a1=1 a2=ae50b4 a3=874f1b0 items=0
ppid=1 pid=2253 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0
egid=0 sgid=0 fsgid=0 tty=(none) comm="setroubleshootd"
exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0
key=(null)
type=AVC msg=audit(1167943082.765:15): avc:  denied  { execute } for
pid=2342 comm="sh" name="ldconfig" dev=dm-0 ino=11337788
scontext=system_u:system_r:setroubleshootd_t:s0
tcontext=system_u:object_r:ldconfig_exec_t:s0 tclass=file
type=SYSCALL msg=audit(1167943082.765:15): arch=40000003 syscall=11
success=no exit=-13 a0=8bd4dd8 a1=8bd4e58 a2=8bd4330 a3=0 items=0
ppid=2341 pid=2342 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0
egid=0 sgid=0 fsgid=0 tty=(none) comm="sh" exe="/bin/bash"
subj=system_u:system_r:setroubleshootd_t:s0 key=(null)
type=AVC msg=audit(1167943082.765:16): avc:  denied  { getattr } for
pid=2342 comm="sh" name="ldconfig" dev=dm-0 ino=11337788
scontext=system_u:system_r:setroubleshootd_t:s0
tcontext=system_u:object_r:ldconfig_exec_t:s0 tclass=file
type=SYSCALL msg=audit(1167943082.765:16): arch=40000003 syscall=195
success=no exit=-13 a0=8bd4dd8 a1=bfa425c0 a2=47818ff4 a3=0 items=0
ppid=2341 pid=2342 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0
egid=0 sgid=0 fsgid=0 tty=(none) comm="sh" exe="/bin/bash"
subj=system_u:system_r:setroubleshootd_t:s0 key=(null)
type=AVC_PATH msg=audit(1167943082.765:16):  path="/sbin/ldconfig"
type=AVC msg=audit(1167943082.766:17): avc:  denied  { getattr } for
pid=2342 comm="sh" name="ldconfig" dev=dm-0 ino=11337788
scontext=system_u:system_r:setroubleshootd_t:s0
tcontext=system_u:object_r:ldconfig_exec_t:s0 tclass=file
type=SYSCALL msg=audit(1167943082.766:17): arch=40000003 syscall=195
success=no exit=-13 a0=8bd4dd8 a1=bfa424e0 a2=47818ff4 a3=8bd4dd8
items=0 ppid=2341 pid=2342 auid=4294967295 uid=0 gid=0 euid=0 suid=0
fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="sh" exe="/bin/bash"
subj=system_u:system_r:setroubleshootd_t:s0 key=(null)
type=AVC_PATH msg=audit(1167943082.766:17):  path="/sbin/ldconfig"
type=AVC msg=audit(1167943082.782:18): avc:  denied  {
execute_no_trans } for  pid=2345 comm="ldd" name="ld-2.5.90.so"
dev=dm-0 ino=7209012 scontext=system_u:system_r:setroubleshootd_t:s0
tcontext=system_u:object_r:ld_so_t:s0 tclass=file
type=SYSCALL msg=audit(1167943082.782:18): arch=40000003 syscall=11
success=no exit=-13 a0=84f4308 a1=84f4988 a2=84fad48 a3=40 items=0
ppid=2344 pid=2345 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0
egid=0 sgid=0 fsgid=0 tty=(none) comm="ldd" exe="/bin/bash"
subj=system_u:system_r:setroubleshootd_t:s0 key=(null)
type=AVC_PATH msg=audit(1167943082.782:18):  path="/lib/ld-2.5.90.so"
type=AVC msg=audit(1167943082.784:19): avc:  denied  { write } for
pid=2253 comm="setroubleshootd" name="tmp" dev=dm-0 ino=2686977
scontext=system_u:system_r:setroubleshootd_t:s0
tcontext=system_u:object_r:tmp_t:s0 tclass=dir
type=SYSCALL msg=audit(1167943082.784:19): arch=40000003 syscall=5
success=no exit=-13 a0=88c9600 a1=280c2 a2=180 a3=280c2 items=0 ppid=1
pid=2253 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) comm="setroubleshootd" exe="/usr/bin/python"
subj=system_u:system_r:setroubleshootd_t:s0 key=(null)
type=AVC msg=audit(1167943082.785:20): avc:  denied  { write } for
pid=2253 comm="setroubleshootd" name="tmp" dev=dm-0 ino=65540
scontext=system_u:system_r:setroubleshootd_t:s0
tcontext=system_u:object_r:tmp_t:s0 tclass=dir
type=SYSCALL msg=audit(1167943082.785:20): arch=40000003 syscall=5
success=no exit=-13 a0=8921b50 a1=280c2 a2=180 a3=280c2 items=0 ppid=1
pid=2253 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) comm="setroubleshootd" exe="/usr/bin/python"
subj=system_u:system_r:setroubleshootd_t:s0 key=(null)
type=AVC msg=audit(1167943082.786:21): avc:  denied  { write } for
pid=2253 comm="setroubleshootd" name="tmp" dev=dm-0 ino=65540
scontext=system_u:system_r:setroubleshootd_t:s0
tcontext=system_u:object_r:tmp_t:s0 tclass=dir
type=SYSCALL msg=audit(1167943082.786:21): arch=40000003 syscall=5
success=no exit=-13 a0=8921b50 a1=280c2 a2=180 a3=280c2 items=0 ppid=1
pid=2253 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) comm="setroubleshootd" exe="/usr/bin/python"
subj=system_u:system_r:setroubleshootd_t:s0 key=(null)
type=AVC msg=audit(1167943082.787:22): avc:  denied  { unlink } for
pid=2253 comm="setroubleshootd" name="PRdzmq" dev=dm-0 ino=164259
scontext=system_u:system_r:setroubleshootd_t:s0
tcontext=system_u:object_r:root_t:s0 tclass=file
type=SYSCALL msg=audit(1167943082.787:22): arch=40000003 syscall=10
success=no exit=-13 a0=88d22a0 a1=1 a2=ae50b4 a3=874f1b0 items=0
ppid=1 pid=2253 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0
egid=0 sgid=0 fsgid=0 tty=(none) comm="setroubleshootd"
exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0
key=(null)

tom
-- 
Tom London

More information about the fedora-selinux-list mailing list