avc denied messages from system cron
Russell Coker
russell at coker.com.au
Mon Jun 14 10:20:17 UTC 2004
On Mon, 14 Jun 2004 16:01, Richard Hally <rhallyx at mindspring.com> wrote:
> Jun 13 22:01:00 new2 kernel: audit(1087178460.748:0): avc: denied {
> read } for pid=3306 exe=/bin/bash name=mtab dev=hda2 ino=869481
> scontext=system_u:system_r:crond_t
> tcontext=system_u:object_r:etc_runtime_t tclass=file
> Jun 13 22:01:00 new2 kernel: audit(1087178460.748:0): avc: denied {
> getattr }
> for pid=3306 exe=/bin/bash path=/proc/meminfo dev=proc ino=-268435454
> scontext=system_u:system_r:crond_t tcontext=system_u:object_r:proc_t
> tclass=file
> Jun 13 22:01:00 new2 kernel: audit(1087178460.792:0): avc: denied {
> getattr }
> for pid=3306 exe=/bin/bash path=/usr/bin/run-parts dev=hda2 ino=55784
> scontext=system_u:system_r:crond_t tcontext=system_u:object_r:bin_t
> tclass=file
Do any other cron jobs execute correctly?
I don't think that in the normal operation of the system there should be a
bash script launched in the crond_t domain which tries to run run-parts. I
think that your crond is acting as if it does not support SE Linux.
What version of libselinux do you have installed? Maybe there is a bug in
libselinux which made cron misbehave.
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
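
Added example, not part of the original message: a small Python parser for the AVC lines quoted above. It groups denials by source domain and executable and lists shells denied while running in `crond_t`, the condition the reply calls out. The sample lines are the quoted ones rejoined after mail line-wrapping; the function names and the list of shell paths are assumptions made for this example.

```python
import re
from collections import defaultdict

# The three denials quoted in the message, rejoined after mail line-wrapping.
SAMPLE = """\
Jun 13 22:01:00 new2 kernel: audit(1087178460.748:0): avc: denied { read } for pid=3306 exe=/bin/bash name=mtab dev=hda2 ino=869481 scontext=system_u:system_r:crond_t tcontext=system_u:object_r:etc_runtime_t tclass=file
Jun 13 22:01:00 new2 kernel: audit(1087178460.748:0): avc: denied { getattr } for pid=3306 exe=/bin/bash path=/proc/meminfo dev=proc ino=-268435454 scontext=system_u:system_r:crond_t tcontext=system_u:object_r:proc_t tclass=file
Jun 13 22:01:00 new2 kernel: audit(1087178460.792:0): avc: denied { getattr } for pid=3306 exe=/bin/bash path=/usr/bin/run-parts dev=hda2 ino=55784 scontext=system_u:system_r:crond_t tcontext=system_u:object_r:bin_t tclass=file
"""

AVC_RE = re.compile(r"avc:\s+denied\s+\{\s*(?P<perms>[^}]*?)\s*\}\s+for\s+(?P<fields>.*)")

def _type(context):
    """Return the type field of a user:role:type[:level] context."""
    parts = context.split(":")
    return parts[2] if len(parts) > 2 else "?"

def parse_avc(line):
    """Parse one 'avc: denied' line into a dict, or None if it is not one."""
    m = AVC_RE.search(line)
    if not m:
        return None
    rec = dict(kv.split("=", 1) for kv in m.group("fields").split() if "=" in kv)
    rec["perms"] = m.group("perms").split()
    rec["sdomain"] = _type(rec.get("scontext", ""))
    rec["ttype"] = _type(rec.get("tcontext", ""))
    return rec

def summarize(text):
    """Map (source domain, exe) -> set of (permission, target type, class)."""
    out = defaultdict(set)
    for rec in filter(None, map(parse_avc, text.splitlines())):
        for perm in rec["perms"]:
            out[(rec["sdomain"], rec.get("exe", "?"))].add((perm, rec["ttype"], rec.get("tclass", "?")))
    return dict(out)

def shells_in_domain(text, domain="crond_t", shells=("/bin/bash", "/bin/sh")):
    """(pid, exe) pairs where a shell was denied while still in `domain`."""
    hits = {(r.get("pid", "?"), r["exe"]) for r in filter(None, map(parse_avc, text.splitlines()))
            if r["sdomain"] == domain and r.get("exe") in shells}
    return sorted(hits)

if __name__ == "__main__":
    for key, denials in summarize(SAMPLE).items():
        print(key, sorted(denials))
    print("shells in crond_t:", shells_in_domain(SAMPLE))
```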