Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 578657 Details for
Bug 814254
SELinux is preventing /usr/sbin/getsebool from read access on the directory /selinux/booleans/.
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
AVCs which appeared in permissive mode
cobbler-check-in-permissive.txt (text/plain), 10.12 KB, created by
Milos Malik
on 2012-04-19 14:03:58 UTC
(
hide
)
Description:
AVCs which appeared in permissive mode
Filename:
MIME Type:
Creator:
Milos Malik
Created:
2012-04-19 14:03:58 UTC
Size:
10.12 KB
patch
obsolete
>---- >time->Thu Apr 19 16:01:01 2012 >type=SYSCALL msg=audit(1334844061.100:21917): arch=40000003 syscall=5 success=yes exit=3 a0=bffae95c a1=98800 a2=3e6ff4 a3=ffffffff items=0 ppid=2012 pid=2084 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=2 comm="getsebool" exe="/usr/sbin/getsebool" subj=unconfined_u:system_r:cobblerd_t:s0 key=(null) >type=AVC msg=audit(1334844061.100:21917): avc: denied { read } for pid=2084 comm="getsebool" name="booleans" dev=selinuxfs ino=21 scontext=unconfined_u:system_r:cobblerd_t:s0 tcontext=system_u:object_r:security_t:s0 tclass=dir >---- >time->Thu Apr 19 16:01:04 2012 >type=SYSCALL msg=audit(1334844064.927:21924): arch=40000003 syscall=33 success=yes exit=0 a0=89bbca0 a1=5 a2=d03284 a3=bf8960dc items=0 ppid=2087 pid=2088 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=2 comm="semanage" exe="/usr/bin/python" subj=unconfined_u:system_r:cobblerd_t:s0 key=(null) >type=AVC msg=audit(1334844064.927:21924): avc: denied { read search } for pid=2088 comm="semanage" name="active" dev=sda3 ino=229978 scontext=unconfined_u:system_r:cobblerd_t:s0 tcontext=unconfined_u:object_r:semanage_store_t:s0 tclass=dir >---- >time->Thu Apr 19 16:01:04 2012 >type=SYSCALL msg=audit(1334844064.931:21925): arch=40000003 syscall=33 success=yes exit=0 a0=89a9800 a1=4 a2=d03284 a3=89a9800 items=0 ppid=2087 pid=2088 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=2 comm="semanage" exe="/usr/bin/python" subj=unconfined_u:system_r:cobblerd_t:s0 key=(null) >type=AVC msg=audit(1334844064.931:21925): avc: denied { read } for pid=2088 comm="semanage" name="semanage.read.LOCK" dev=sda3 ino=144275 scontext=unconfined_u:system_r:cobblerd_t:s0 tcontext=system_u:object_r:semanage_read_lock_t:s0 tclass=file >---- >time->Thu Apr 19 16:01:04 2012 >type=SYSCALL msg=audit(1334844064.931:21926): arch=40000003 syscall=33 success=yes exit=0 a0=8a88170 a1=7 a2=d03284 a3=89a9800 items=0 ppid=2087 pid=2088 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=2 comm="semanage" exe="/usr/bin/python" subj=unconfined_u:system_r:cobblerd_t:s0 key=(null) >type=AVC msg=audit(1334844064.931:21926): avc: denied { write } for pid=2088 comm="semanage" name="modules" dev=sda3 ino=229979 scontext=unconfined_u:system_r:cobblerd_t:s0 tcontext=unconfined_u:object_r:semanage_store_t:s0 tclass=dir >---- >time->Thu Apr 19 16:01:04 2012 >type=SYSCALL msg=audit(1334844064.932:21927): arch=40000003 syscall=5 success=yes exit=3 a0=89bc378 a1=0 a2=1b6 a3=cf9ac8 items=0 ppid=2087 pid=2088 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=2 comm="semanage" exe="/usr/bin/python" subj=unconfined_u:system_r:cobblerd_t:s0 key=(null) >type=AVC msg=audit(1334844064.932:21927): avc: denied { open } for pid=2088 comm="semanage" name="policy.kern" dev=sda3 ino=229031 scontext=unconfined_u:system_r:cobblerd_t:s0 tcontext=unconfined_u:object_r:semanage_store_t:s0 tclass=file >type=AVC msg=audit(1334844064.932:21927): avc: denied { read } for pid=2088 comm="semanage" name="policy.kern" dev=sda3 ino=229031 scontext=unconfined_u:system_r:cobblerd_t:s0 tcontext=unconfined_u:object_r:semanage_store_t:s0 tclass=file >---- >time->Thu Apr 19 16:01:04 2012 >type=SYSCALL msg=audit(1334844064.932:21928): arch=40000003 syscall=197 success=yes exit=0 a0=3 a1=bf897ee0 a2=3e6ff4 a3=8a80d38 items=0 ppid=2087 pid=2088 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=2 comm="semanage" exe="/usr/bin/python" subj=unconfined_u:system_r:cobblerd_t:s0 key=(null) >type=AVC msg=audit(1334844064.932:21928): avc: denied { getattr } for pid=2088 comm="semanage" path="/etc/selinux/targeted/modules/active/policy.kern" dev=sda3 ino=229031 scontext=unconfined_u:system_r:cobblerd_t:s0 tcontext=unconfined_u:object_r:semanage_store_t:s0 tclass=file >---- >time->Thu Apr 19 16:01:05 2012 >type=SYSCALL msg=audit(1334844065.680:21929): arch=40000003 syscall=102 success=yes exit=3 a0=1 a1=bf897cd0 a2=3953ff4 a3=896bc4c items=0 ppid=2087 pid=2088 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=2 comm="semanage" exe="/usr/bin/python" subj=unconfined_u:system_r:cobblerd_t:s0 key=(null) >type=AVC msg=audit(1334844065.680:21929): avc: denied { create } for pid=2088 comm="semanage" scontext=unconfined_u:system_r:cobblerd_t:s0 tcontext=unconfined_u:system_r:cobblerd_t:s0 tclass=netlink_audit_socket >---- >time->Thu Apr 19 16:01:05 2012 >type=SYSCALL msg=audit(1334844065.684:21930): arch=40000003 syscall=5 success=no exit=-2 a0=af853b0 a1=8000 a2=1b6 a3=af8ce39 items=0 ppid=2087 pid=2088 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=2 comm="semanage" exe="/usr/bin/python" subj=unconfined_u:system_r:cobblerd_t:s0 key=(null) >type=AVC msg=audit(1334844065.684:21930): avc: denied { search } for pid=2088 comm="semanage" name="files" dev=sda3 ino=155796 scontext=unconfined_u:system_r:cobblerd_t:s0 tcontext=system_u:object_r:file_context_t:s0 tclass=dir >type=AVC msg=audit(1334844065.684:21930): avc: denied { search } for pid=2088 comm="semanage" name="contexts" dev=sda3 ino=155795 scontext=unconfined_u:system_r:cobblerd_t:s0 tcontext=system_u:object_r:default_context_t:s0 tclass=dir >---- >time->Thu Apr 19 16:01:05 2012 >type=SYSCALL msg=audit(1334844065.685:21931): arch=40000003 syscall=5 success=yes exit=4 a0=89a9800 a1=0 a2=87f7050 a3=8a8acb8 items=0 ppid=2087 pid=2088 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=2 comm="semanage" exe="/usr/bin/python" subj=unconfined_u:system_r:cobblerd_t:s0 key=(null) >type=AVC msg=audit(1334844065.685:21931): avc: denied { open } for pid=2088 comm="semanage" name="semanage.read.LOCK" dev=sda3 ino=144275 scontext=unconfined_u:system_r:cobblerd_t:s0 tcontext=system_u:object_r:semanage_read_lock_t:s0 tclass=file >---- >time->Thu Apr 19 16:01:05 2012 >type=SYSCALL msg=audit(1334844065.685:21932): arch=40000003 syscall=143 success=yes exit=0 a0=4 a1=6 a2=d03284 a3=5 items=0 ppid=2087 pid=2088 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=2 comm="semanage" exe="/usr/bin/python" subj=unconfined_u:system_r:cobblerd_t:s0 key=(null) >type=AVC msg=audit(1334844065.685:21932): avc: denied { lock } for pid=2088 comm="semanage" path="/etc/selinux/targeted/modules/semanage.read.LOCK" dev=sda3 ino=144275 scontext=unconfined_u:system_r:cobblerd_t:s0 tcontext=system_u:object_r:semanage_read_lock_t:s0 tclass=file >---- >time->Thu Apr 19 16:01:09 2012 >type=SYSCALL msg=audit(1334844069.782:21934): arch=40000003 syscall=197 success=yes exit=0 a0=3 a1=bfc7172c a2=3e6ff4 a3=bfc7172c items=0 ppid=2136 pid=2137 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=2 comm="cat" exe="/bin/cat" subj=unconfined_u:system_r:cobblerd_t:s0 key=(null) >type=AVC msg=audit(1334844069.782:21934): avc: denied { getattr } for pid=2137 comm="cat" path="/proc/2137/net/ip_tables_names" dev=proc ino=4026532125 scontext=unconfined_u:system_r:cobblerd_t:s0 tcontext=system_u:object_r:proc_net_t:s0 tclass=file >---- >time->Thu Apr 19 16:01:09 2012 >type=SYSCALL msg=audit(1334844069.787:21935): arch=40000003 syscall=195 success=yes exit=0 a0=a053af8 a1=bfa19378 a2=3e6ff4 a3=1 items=0 ppid=2123 pid=2128 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=2 comm="iptables" exe="/bin/bash" subj=unconfined_u:system_r:cobblerd_t:s0 key=(null) >type=AVC msg=audit(1334844069.787:21935): avc: denied { getattr } for pid=2128 comm="iptables" path="/var/lock/subsys/iptables" dev=sda3 ino=110 scontext=unconfined_u:system_r:cobblerd_t:s0 tcontext=system_u:object_r:var_lock_t:s0 tclass=file >type=AVC msg=audit(1334844069.787:21935): avc: denied { search } for pid=2128 comm="iptables" name="lock" dev=sda3 ino=974 scontext=unconfined_u:system_r:cobblerd_t:s0 tcontext=system_u:object_r:var_lock_t:s0 tclass=dir >---- >time->Thu Apr 19 16:01:09 2012 >type=SYSCALL msg=audit(1334844069.793:21936): arch=40000003 syscall=102 success=yes exit=3 a0=1 a1=bff44b10 a2=43090c a3=0 items=0 ppid=2128 pid=2138 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=2 comm="iptables" exe="/sbin/iptables-multi" subj=unconfined_u:system_r:cobblerd_t:s0 key=(null) >type=AVC msg=audit(1334844069.793:21936): avc: denied { net_raw } for pid=2138 comm="iptables" capability=13 scontext=unconfined_u:system_r:cobblerd_t:s0 tcontext=unconfined_u:system_r:cobblerd_t:s0 tclass=capability >type=AVC msg=audit(1334844069.793:21936): avc: denied { create } for pid=2138 comm="iptables" scontext=unconfined_u:system_r:cobblerd_t:s0 tcontext=unconfined_u:system_r:cobblerd_t:s0 tclass=rawip_socket >---- >time->Thu Apr 19 16:01:09 2012 >type=SYSCALL msg=audit(1334844069.794:21937): arch=40000003 syscall=102 success=yes exit=0 a0=f a1=bff44b10 a2=43090c a3=0 items=0 ppid=2128 pid=2138 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=2 comm="iptables" exe="/sbin/iptables-multi" subj=unconfined_u:system_r:cobblerd_t:s0 key=(null) >type=AVC msg=audit(1334844069.794:21937): avc: denied { net_admin } for pid=2138 comm="iptables" capability=12 scontext=unconfined_u:system_r:cobblerd_t:s0 tcontext=unconfined_u:system_r:cobblerd_t:s0 tclass=capability >type=AVC msg=audit(1334844069.794:21937): avc: denied { getopt } for pid=2138 comm="iptables" lport=255 scontext=unconfined_u:system_r:cobblerd_t:s0 tcontext=unconfined_u:system_r:cobblerd_t:s0 tclass=rawip_socket >---- >time->Thu Apr 19 16:01:09 2012 >type=SYSCALL msg=audit(1334844069.777:21933): arch=40000003 syscall=5 success=yes exit=3 a0=bfc71f81 a1=8000 a2=0 a3=1 items=0 ppid=2136 pid=2137 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=2 comm="cat" exe="/bin/cat" subj=unconfined_u:system_r:cobblerd_t:s0 key=(null) >type=AVC msg=audit(1334844069.777:21933): avc: denied { open } for pid=2137 comm="cat" name="ip_tables_names" dev=proc ino=4026532125 scontext=unconfined_u:system_r:cobblerd_t:s0 tcontext=system_u:object_r:proc_net_t:s0 tclass=file >type=AVC msg=audit(1334844069.777:21933): avc: denied { read } for pid=2137 comm="cat" name="ip_tables_names" dev=proc ino=4026532125 scontext=unconfined_u:system_r:cobblerd_t:s0 tcontext=system_u:object_r:proc_net_t:s0 tclass=file
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=578657">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 814254
: 578657