libicudata.so.26.0, prelink, symbolic link, ...
Tom London
selinux at gmail.com
Fri Mar 25 21:39:53 UTC 2005
Running targeted/enforcing, latest rawhide.
Noticed the following AVC in log:
Mar 25 07:38:36 localhost kernel: audit(1111765116.214:0): avc:
denied { execmod } for pid=13994 comm=ld-linux.so.2
path=/usr/lib/openoffice.org1.9.87/program/libicudata.so.26.0 dev=dm-0
ino=164963 scontext=user_u:system_r:crond_t
tcontext=system_u:object_r:lib_t tclass=file
This appears to be generated by prelink run from cron.
Here are entries from prelink.log:
Prelinking /usr/lib/openoffice.org1.9.87/program/libicudata.so.26.0
/usr/sbin/prelink:
/usr/lib/openoffice.org1.9.87/program/libicudata.so.26.0 Could not
trace symbol resolving
/usr/sbin/prelink: Could not prelink
/usr/lib/openoffice.org1.9.87/program/libicuuc.so.26.0 because its
dependency /usr/lib/openoffice.org1.9.87/program/libicudata.so.26.0
could not be prelinked
/usr/sbin/prelink: Could not prelink
/usr/lib/openoffice.org1.9.87/program/libicule.so.26.0 because its
dependency /usr/lib/openoffice.org1.9.87/program/libicuuc.so.26.0
could not be prelinked
Prelinking /usr/lib/openoffice.org1.9.87/program/libjvmaccessgcc3.so.3
/usr/sbin/prelink: Could not prelink
/usr/lib/openoffice.org1.9.87/program/libvcl680li.so because its
dependency /usr/lib/openoffice.org1.9.87/program/libicuuc.so.26.0
could not be prelinked
<<<< etc. >>>
Interestingly, the AVC seems to be showing the the type of the link
instead of the type of the real file:
[root at tlondon program]# ls -lZ libicudata*
lrwxrwxrwx root root system_u:object_r:lib_t
libicudata.so -> libicudata.so.26.0
lrwxrwxrwx root root system_u:object_r:lib_t
libicudata.so.26 -> libicudata.so.26.0
-r--r--r-- root root system_u:object_r:shlib_t
libicudata.so.26.0
Any significance to this?
tom
--
Tom London
More information about the fedora-selinux-list
mailing list