Bug 1026410
| Summary: | [PATCH] munin_services_plugin_t: Allow use of shm | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Lubomir Rintel <lkundrak> | ||||
| Component: | selinux-policy | Assignee: | Miroslav Grepl <mgrepl> | ||||
| Status: | CLOSED CURRENTRELEASE | QA Contact: | BaseOS QE Security Team <qe-baseos-security> | ||||
| Severity: | unspecified | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | 6.4 | CC: | dwalsh, lvrabec, mmalik | ||||
| Target Milestone: | rc | ||||||
| Target Release: | --- | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2014-06-16 09:37:24 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
This request was not resolved in time for the current release. Red Hat invites you to ask your support representative to propose this request, if still desired, for consideration in the next release of Red Hat Enterprise Linux. Rule is included in current selinux-policy package. Lubomir thank you for patch! |
Created attachment 819199 [details] Suggested fix MySQL plugin which is labeled as Munin service requires this and it's probably a better idea to allow it than to create a new domain for it. The policy already allows another sysv IPC mechanism (semaphores). Denial: type=AVC msg=audit(1381741923.672:2583101): avc: denied { unix_read unix_write } for pid=9074 comm="mysql_files_tab" key=1667461225 scontext=system_u:system_r:munin_services_plugin_t:s0 tcontext=system_u:system_r:munin_services_plugin_t:s0 tclass=shm