[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: mailman, cron, /bin/sh (more on Re: restorecon vs. setfiles???)



On Fri, 2004-05-21 at 16:30, Tom London wrote:
> I did a FC2 install 'everything' and that seems to have turned on mailman
> cron entries. Unfortuneately, the one that runs /var/mailman/cron/gate_news
> (every 5 minutes!) fails and sends email to email with the report:

>     May 21 12:00:00 dell kernel: audit(1085166000.890:0): avc:  denied  
> { transition } for     pid=7796 exe=/usr/sbin/crond path=/bin/bash 
> dev=hdb3 ino=376840 scontext=system_u:system_r:crond_t 
> tcontext=user_u:sysadm_r:sysadm_t tclass=process

crond shouldn't be attempting to transition to sysadm_t for a cron job. 
getconlist user_u system_u:system_r:crond_t shows a default of
user_u:user_r:user_crond_t.

-- 
Stephen Smalley <sds epoch ncsc mil>
National Security Agency


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]