amrestore problem, still

Stephen Walton stephen.walton at csun.edu
Mon Jan 16 19:40:29 UTC 2006 

Hi,

Running FC4 pretty much out of the box.  If you look at 
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168136, you'll see 
a bug I filed some time ago about conflicts with SELinux and amrecover.  
The last comment there says "Fixed in selinux-policy-*-1.27.1-2.1" which 
is true for that specific bug, but one still can't use amrecover because 
of some problem with the index server amindexd.  I've attached the audit 
log below.  The on disk copy of amindexd has context 
system_u:object_r:amanda_inetd_exec_t.

Do I need to file another bug report on bugzilla?

type=AVC msg=audit(1137440126.806:65011): avc:  denied  { read write } 
for  pid=30860 comm="amindexd" name="[39498626]" dev=sockfs ino=39498626 
scontext=system_u:system_r:amanda_t tcontext=system_u:system_r:inetd_t 
tclass=tcp_socket
type=SYSCALL msg=audit(1137440126.806:65011): arch=40000003 syscall=11 
success=yes exit=0 a0=8a39640 a1=8a39ab8 a2=8a3ee88 a3=bfe6b964 items=2 
pid=30860 auid=4294967295 uid=33 gid=6 euid=33 suid=33 fsuid=33 egid=6 
sgid=6 fsgid=6 comm="amindexd" exe="/usr/lib/amanda/amindexd"
type=AVC_PATH msg=audit(1137440126.806:65011):  path="socket:[39498626]"
type=CWD msg=audit(1137440126.806:65011):  cwd="/"
type=PATH msg=audit(1137440126.806:65011): item=0 
name="/usr/lib/amanda/amindexd" flags=101  inode=776533 dev=fd:03 
mode=0100755 ouid=33 ogid=6 rdev=00:00
type=PATH msg=audit(1137440126.806:65011): item=1 flags=101  inode=89458 
dev=fd:00 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1137440126.862:65012): avc:  denied  { getattr } for  
pid=30860 comm="amindexd" laddr=127.0.0.1 lport=10082 faddr=127.0.0.1 
fport=521 scontext=system_u:system_r:amanda_t 
tcontext=system_u:system_r:inetd_t tclass=tcp_socket
type=SYSCALL msg=audit(1137440126.862:65012): arch=40000003 syscall=102 
success=yes exit=0 a0=7 a1=bf9f4110 a2=aea498 a3=0 items=0 pid=30860 
auid=4294967295 uid=33 gid=6 euid=33 suid=33 fsuid=33 egid=6 sgid=6 
fsgid=6 comm="amindexd" exe="/usr/lib/amanda/amindexd"
type=SOCKETCALL msg=audit(1137440126.862:65012): nargs=3 a0=0 
a1=bf9f4254 a2=bf9f4268

More information about the fedora-selinux-list mailing list