AVC on install of libutempter ?
Tom London
selinux at gmail.com
Sat Jul 29 17:07:57 UTC 2006
After installing today's rawhide (selinux-policy-2.3.3-14), I 'yum
install libutempter'. I believe the following occured then:
type=USER_CHAUTHTOK msg=audit(07/29/2006 09:51:16.038:68) : user
pid=4163 uid=root auid=tbl subj=user_u:system_r:groupadd_t:s0
msg='op=adding group acct=utempter exe=(hostname=?, addr=?,
terminal=pts/0 res=success)'
----
type=PATH msg=audit(07/29/2006 09:51:16.042:69) : item=1
name=inode=7798798 dev=fd:00 mode=file,755 ouid=root ogid=root
rdev=00:00 obj=system_u:object_r:ld_so_t:s0
type=PATH msg=audit(07/29/2006 09:51:16.042:69) : item=0
name=inode=8303056 dev=fd:00 mode=file,755 ouid=root ogid=root
rdev=00:00 obj=system_u:object_r:nscd_exec_t:s0
type=CWD msg=audit(07/29/2006 09:51:16.042:69) : cwd=
type=EXECVE msg=audit(07/29/2006 09:51:16.042:69) :
a0="/usr/sbin/nscd" a1="nscd" a2="-i" a3="group"
type=AVC_PATH msg=audit(07/29/2006 09:51:16.042:69) : path=
type=AVC_PATH msg=audit(07/29/2006 09:51:16.042:69) : path=
type=SYSCALL msg=audit(07/29/2006 09:51:16.042:69) : arch=i386
syscall=execve success=yes exit=0 a0=804de0d a1=bf8131a4 a2=bf8131b8
a3=1 items=2 ppid=4163 pid=4164 auid=tbl uid=root gid=root euid=root
suid=root fsuid=root egid=root sgid=root fsgid=root tty=pts0
comm=exe=subj=user_u:system_r:nscd_t:s0 key=(null)
type=AVC msg=audit(07/29/2006 09:51:16.042:69) : avc: denied { read
write } for pid=4164 comm=name=dev=dm-0 ino=853755
scontext=user_u:system_r:nscd_t:s0
tcontext=system_u:object_r:shadow_t:s0 tclass=file
type=AVC msg=audit(07/29/2006 09:51:16.042:69) : avc: denied { write
} for pid=4164 comm=name=dev=dm-0 ino=854746
scontext=user_u:system_r:nscd_t:s0 tcontext=system_u:object_r:etc_t:s0
tclass=file
tom
--
Tom London
More information about the fedora-selinux-list
mailing list