bootloader_t AVC from nash during kernel install ?

Tom London selinux at gmail.com
Sun Jul 16 18:04:54 UTC 2006 

Running targeted/enforcing (latest Rawhide).

Running .2401 kernel, 'yum update'-ing to .2405.

Notice this in /var/log/audit/audit.log:

type=AVC msg=audit(1153069191.610:60): avc:  denied  { search } for
pid=3962 comm="nash" name="net" dev=proc ino=-268435431
scontext=system_u:system_r:bootloader_t:s0
tcontext=system_u:object_r:proc_net_t:s0 tclass=dir
type=SYSCALL msg=audit(1153069191.610:60): arch=40000003 syscall=5
success=no exit=-13 a0=bff1ba68 a1=0 a2=1b6 a3=8 items=1 ppid=3958
pid=3962 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 tty=pts0 comm="nash" exe="/sbin/nash"
subj=system_u:system_r:bootloader_t:s0 key=(null)
type=CWD msg=audit(1153069191.610:60):  cwd="/"
type=PATH msg=audit(1153069191.610:60): item=0 name="/proc/net/psched"
obj=system_u:object_r:sbin_t:s0

<<<< Above repeats about 50 times >>>>

type=AVC msg=audit(1153069199.047:110): avc:  denied  { search } for
pid=4277 comm="nash" name="net" dev=proc ino=-268435431
scontext=system_u:system_r:bootloader_t:s0
tcontext=system_u:object_r:proc_net_t:s0 tclass=dir
type=SYSCALL msg=audit(1153069199.047:110): arch=40000003 syscall=5
success=no exit=-13 a0=bf9c84d8 a1=0 a2=1b6 a3=8 items=1 ppid=4275
pid=4277 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 tty=pts0 comm="nash" exe="/sbin/nash"
subj=system_u:system_r:bootloader_t:s0 key=(null)
type=CWD msg=audit(1153069199.047:110):  cwd="/sys/block/sda"
type=PATH msg=audit(1153069199.047:110): item=0
name="/proc/net/psched" obj=system_u:object_r:sbin_t:s0
type=AVC msg=audit(1153069199.711:111): avc:  denied  { getattr } for
pid=4309 comm="lvs" name="/" dev=tmpfs ino=6180
scontext=system_u:system_r:lvm_t:s0
tcontext=system_u:object_r:tmpfs_t:s0 tclass=dir
type=SYSCALL msg=audit(1153069199.711:111): arch=40000003 syscall=195
success=no exit=-13 a0=9596cf8 a1=bfcf839c a2=4b09eff4 a3=9596cf8
items=1 ppid=4308 pid=4309 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0
egid=0 sgid=0 fsgid=0 tty=(none) comm="lvs" exe="/usr/sbin/lvm"
subj=system_u:system_r:lvm_t:s0 key=(null)
type=AVC_PATH msg=audit(1153069199.711:111):  path="/dev/shm"
type=CWD msg=audit(1153069199.711:111):  cwd="/"
type=PATH msg=audit(1153069199.711:111): item=0 name="/dev/shm"
inode=6180 dev=00:12 mode=041777 ouid=0 ogid=0 rdev=00:00
obj=system_u:object_r:tmpfs_t:s0

type=AVC msg=audit(1153069203.111:138): avc:  denied  { search } for
pid=4724 comm="nash" name="net" dev=proc ino=-268435431
scontext=system_u:system_r:bootloader_t:s0
tcontext=system_u:object_r:proc_net_t:s0 tclass=dir
type=SYSCALL msg=audit(1153069203.111:138): arch=40000003 syscall=5
success=no exit=-13 a0=bfdc90e8 a1=0 a2=1b6 a3=8 items=1 ppid=4722
pid=4724 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 tty=pts0 comm="nash" exe="/sbin/nash"
subj=system_u:system_r:bootloader_t:s0 key=(null)
type=CWD msg=audit(1153069203.111:138):  cwd="/tmp/initrd.GI4508"
type=PATH msg=audit(1153069203.111:138): item=0
name="/proc/net/psched" obj=system_u:object_r:sbin_t:s0



tom
-- 
Tom London

More information about the fedora-selinux-list mailing list