Bug 1128271
| Summary: | AVCs seen when running TPS for xmlsec1 | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Namita Soman <nsoman> |
| Component: | selinux-policy | Assignee: | Miroslav Grepl <mgrepl> |
| Status: | CLOSED DUPLICATE | QA Contact: | BaseOS QE Security Team <qe-baseos-security> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 6.6 | CC: | dwalsh |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2014-08-08 20:16:36 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
*** This bug has been marked as a duplicate of bug 1103674 *** |
Description of problem: tps-rpmtest shows the AVC below : InstallTest-selinux Test Running: /sbin/ausearch -sv no -m AVC -ts 08/08/2014 14:05:58 SELinux Check: FAIL SELinux AVC messages found: ---- time->Fri Aug 8 14:06:01 2014 type=SYSCALL msg=audit(1407521161.769:308635): arch=40000003 syscall=207 success=no exit=-13 a0=1 a1=0 a2=0 a3=1 items=0 ppid=19220 pid=19223 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=19922 comm="prelink" exe="/usr/sbin/prelink" subj=system_u:system_r:prelink_t:s0-s0:c0.c1023 key=(null) type=AVC msg=audit(1407521161.769:308635): avc: denied { setattr } for pid=19223 comm="prelink" name="" dev=pipefs ino=11812097 scontext=system_u:system_r:prelink_t:s0-s0:c0.c1023 tcontext=system_u:system_r:system_cronjob_t:s0-s0:c0.c1023 tclass=fifo_file ---- time->Fri Aug 8 14:06:01 2014 type=SYSCALL msg=audit(1407521161.872:308636): arch=40000003 syscall=207 success=no exit=-13 a0=1 a1=0 a2=0 a3=1 items=0 ppid=19220 pid=19228 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=19922 comm="prelink" exe="/usr/sbin/prelink" subj=system_u:system_r:prelink_t:s0-s0:c0.c1023 key=(null) type=AVC msg=audit(1407521161.872:308636): avc: denied { setattr } for pid=19228 comm="prelink" name="" dev=pipefs ino=11812117 scontext=system_u:system_r:prelink_t:s0-s0:c0.c1023 tcontext=system_u:system_r:system_cronjob_t:s0-s0:c0.c1023 tclass=fifo_file TPSHINT: It is possible that other stable systems activity has caused this issue. If you are sure that this is the case, you may waive this failure. If you have any doubts, RE-RUN tps-rpmtest to be sure. TPSRESULT: InstallTest-selinux Returning: FAIL tps-srpmtest also shows the AVCs below: − FAIL REBUILD: lasso-2.4.0-5.el6.src.rpm for i686-selinux Test Running: /sbin/ausearch -sv no -m AVC -ts 08/08/2014 14:05:22 SELinux Check: FAIL SELinux AVC messages found: ---- time->Fri Aug 8 14:05:23 2014 type=SYSCALL msg=audit(1407521123.119:287469): arch=40000003 syscall=207 success=no exit=-13 a0=1 a1=0 a2=0 a3=1 items=0 ppid=2734 pid=2735 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="prelink" exe="/usr/sbin/prelink" subj=system_u:system_r:prelink_t:s0 key=(null) type=AVC msg=audit(1407521123.119:287469): avc: denied { setattr } for pid=2735 comm="prelink" name="" dev=pipefs ino=12702937 scontext=system_u:system_r:prelink_t:s0 tcontext=system_u:system_r:initrc_t:s0 tclass=fifo_file ---- time->Fri Aug 8 14:05:23 2014 type=SYSCALL msg=audit(1407521123.188:287470): arch=40000003 syscall=207 success=no exit=-13 a0=1 a1=0 a2=0 a3=1 items=0 ppid=2734 pid=2738 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="prelink" exe="/usr/sbin/prelink" subj=system_u:system_r:prelink_t:s0 key=(null) type=AVC msg=audit(1407521123.188:287470): avc: denied { setattr } for pid=2738 comm="prelink" name="" dev=pipefs ino=12702950 scontext=system_u:system_r:prelink_t:s0 tcontext=system_u:system_r:initrc_t:s0 tclass=fifo_file ---- more at http://nest.test.redhat.com/mnt/qa/scratch/i386-6s-m1/2014:17900/tps/tps-srpmtest.html Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info: