amrestore problem, still

Daniel J Walsh dwalsh at redhat.com
Thu Jan 19 16:33:01 UTC 2006


Stephen Walton wrote:
> Hi,
>
> Running FC4 pretty much out of the box.  If you look at 
> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168136, you'll 
> see a bug I filed some time ago about conflicts with SELinux and 
> amrecover.  The last comment there says "Fixed in 
> selinux-policy-*-1.27.1-2.1" which is true for that specific bug, but 
> one still can't use amrecover because of some problem with the index 
> server amindexd.  I've attached the audit log below.  The on disk copy 
> of amindexd has context system_u:object_r:amanda_inetd_exec_t.
>
> Do I need to file another bug report on bugzilla?
>
> type=AVC msg=audit(1137440126.806:65011): avc:  denied  { read write } 
> for  pid=30860 comm="amindexd" name="[39498626]" dev=sockfs 
> ino=39498626 scontext=system_u:system_r:amanda_t 
> tcontext=system_u:system_r:inetd_t tclass=tcp_socket
> type=SYSCALL msg=audit(1137440126.806:65011): arch=40000003 syscall=11 
> success=yes exit=0 a0=8a39640 a1=8a39ab8 a2=8a3ee88 a3=bfe6b964 
> items=2 pid=30860 auid=4294967295 uid=33 gid=6 euid=33 suid=33 
> fsuid=33 egid=6 sgid=6 fsgid=6 comm="amindexd" 
> exe="/usr/lib/amanda/amindexd"
> type=AVC_PATH msg=audit(1137440126.806:65011):  path="socket:[39498626]"
> type=CWD msg=audit(1137440126.806:65011):  cwd="/"
> type=PATH msg=audit(1137440126.806:65011): item=0 
> name="/usr/lib/amanda/amindexd" flags=101  inode=776533 dev=fd:03 
> mode=0100755 ouid=33 ogid=6 rdev=00:00
> type=PATH msg=audit(1137440126.806:65011): item=1 flags=101  
> inode=89458 dev=fd:00 mode=0100755 ouid=0 ogid=0 rdev=00:00
> type=AVC msg=audit(1137440126.862:65012): avc:  denied  { getattr } 
> for  pid=30860 comm="amindexd" laddr=127.0.0.1 lport=10082 
> faddr=127.0.0.1 fport=521 scontext=system_u:system_r:amanda_t 
> tcontext=system_u:system_r:inetd_t tclass=tcp_socket
> type=SYSCALL msg=audit(1137440126.862:65012): arch=40000003 
> syscall=102 success=yes exit=0 a0=7 a1=bf9f4110 a2=aea498 a3=0 items=0 
> pid=30860 auid=4294967295 uid=33 gid=6 euid=33 suid=33 fsuid=33 egid=6 
> sgid=6 fsgid=6 comm="amindexd" exe="/usr/lib/amanda/amindexd"
> type=SOCKETCALL msg=audit(1137440126.862:65012): nargs=3 a0=0 
> a1=bf9f4254 a2=bf9f4268
>
> -- 
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
These error messages do not make any sense.  These indicate you have a 
port labeled inetd_t?  I think there was something wrong with your 
machine?  Do you still see these errors after a reboot?

Dan




More information about the fedora-selinux-list mailing list