Bug 1004172

Summary: in.authd runs as init_t when auth.socket is active
Product: Red Hat Enterprise Linux 7 Reporter: Milos Malik <mmalik>
Component: selinux-policyAssignee: Miroslav Grepl <mgrepl>
Status: CLOSED CURRENTRELEASE QA Contact: Milos Malik <mmalik>
Severity: medium Docs Contact:
Priority: medium    
Version: 7.0CC: dwalsh, mgrepl
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: selinux-policy-3.12.1-76.el7 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-06-13 09:53:07 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1004161    

Description Milos Malik 2013-09-04 06:57:29 UTC 
Description of problem:

Version-Release number of selected component (if applicable):
selinux-policy-3.12.1-73.el7.noarch
selinux-policy-devel-3.12.1-73.el7.noarch
selinux-policy-doc-3.12.1-73.el7.noarch
selinux-policy-minimum-3.12.1-73.el7.noarch
selinux-policy-mls-3.12.1-73.el7.noarch
selinux-policy-targeted-3.12.1-73.el7.noarch
authd-1.4.3-38.el7.x86_64

How reproducible:
always

Steps to Reproduce:
# systemctl enable auth.socket
ln -s '/usr/lib/systemd/system/auth.socket' '/etc/systemd/system/sockets.target.wants/auth.socket'
# systemctl start auth.socket
# systemctl status auth.socket
auth.socket - Authd Activation Socket
   Loaded: loaded (/usr/lib/systemd/system/auth.socket; enabled)
   Active: active (listening) since Wed 2013-09-04 08:52:35 CEST; 5s ago
   Listen: [::]:113 (Stream)
 Accepted: 0; Connected: 0

Sep 04 08:52:35 rhel70 systemd[1]: Listening on Authd Activation Socket.
# nc -v 127.0.0.1 113
Ncat: Version 6.40 ( http://nmap.org/ncat )
Ncat: Connected to 127.0.0.1:113.
^Z
[1]+  Stopped                 nc -v 127.0.0.1 113
# ps -efZ | grep authd
system_u:system_r:init_t:s0     ident    24220     1  0 08:53 ?        00:00:00 /usr/sbin/in.authd -t60 --xerror --os -E
unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 root 24222 24126  0 08:53 pts/0 00:00:00 grep --color=auto authd
# fg
nc -v 127.0.0.1 113
^C
# 

Actual results:
 * in.authd process is not labelled correctly

Expected results:
 * in.authd process is labelled correctly
Comment 2 Ludek Smid 2014-06-13 09:53:07 UTC 
This request was resolved in Red Hat Enterprise Linux 7.0.

Contact your manager or support representative in case you have further questions about the request.