amrestore problem, still
Daniel J Walsh
dwalsh at redhat.com
Thu Jan 19 16:33:01 UTC 2006
Stephen Walton wrote:
> Hi,
>
> Running FC4 pretty much out of the box. If you look at
> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168136, you'll
> see a bug I filed some time ago about conflicts with SELinux and
> amrecover. The last comment there says "Fixed in
> selinux-policy-*-1.27.1-2.1" which is true for that specific bug, but
> one still can't use amrecover because of some problem with the index
> server amindexd. I've attached the audit log below. The on disk copy
> of amindexd has context system_u:object_r:amanda_inetd_exec_t.
>
> Do I need to file another bug report on bugzilla?
>
> type=AVC msg=audit(1137440126.806:65011): avc: denied { read write }
> for pid=30860 comm="amindexd" name="[39498626]" dev=sockfs
> ino=39498626 scontext=system_u:system_r:amanda_t
> tcontext=system_u:system_r:inetd_t tclass=tcp_socket
> type=SYSCALL msg=audit(1137440126.806:65011): arch=40000003 syscall=11
> success=yes exit=0 a0=8a39640 a1=8a39ab8 a2=8a3ee88 a3=bfe6b964
> items=2 pid=30860 auid=4294967295 uid=33 gid=6 euid=33 suid=33
> fsuid=33 egid=6 sgid=6 fsgid=6 comm="amindexd"
> exe="/usr/lib/amanda/amindexd"
> type=AVC_PATH msg=audit(1137440126.806:65011): path="socket:[39498626]"
> type=CWD msg=audit(1137440126.806:65011): cwd="/"
> type=PATH msg=audit(1137440126.806:65011): item=0
> name="/usr/lib/amanda/amindexd" flags=101 inode=776533 dev=fd:03
> mode=0100755 ouid=33 ogid=6 rdev=00:00
> type=PATH msg=audit(1137440126.806:65011): item=1 flags=101
> inode=89458 dev=fd:00 mode=0100755 ouid=0 ogid=0 rdev=00:00
> type=AVC msg=audit(1137440126.862:65012): avc: denied { getattr }
> for pid=30860 comm="amindexd" laddr=127.0.0.1 lport=10082
> faddr=127.0.0.1 fport=521 scontext=system_u:system_r:amanda_t
> tcontext=system_u:system_r:inetd_t tclass=tcp_socket
> type=SYSCALL msg=audit(1137440126.862:65012): arch=40000003
> syscall=102 success=yes exit=0 a0=7 a1=bf9f4110 a2=aea498 a3=0 items=0
> pid=30860 auid=4294967295 uid=33 gid=6 euid=33 suid=33 fsuid=33 egid=6
> sgid=6 fsgid=6 comm="amindexd" exe="/usr/lib/amanda/amindexd"
> type=SOCKETCALL msg=audit(1137440126.862:65012): nargs=3 a0=0
> a1=bf9f4254 a2=bf9f4268
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
These error messages do not make any sense. These indicate you have a
port labeled inetd_t? I think there was something wrong with your
machine? Do you still see these errors after a reboot?
Dan
More information about the fedora-selinux-list
mailing list