Bug 1418378
Summary: | watchquagga runs as initrc_t instead of zebra_t | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Tomas Dolezal <todoleza> |
Component: | selinux-policy | Assignee: | Lukas Vrabec <lvrabec> |
Status: | CLOSED WONTFIX | QA Contact: | Milos Malik <mmalik> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 6.9 | CC: | dwalsh, lvrabec, mgrepl, mmalik, plautrba, pvrabec, ssekidde |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2017-10-02 13:20:44 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1208617 | ||
Bug Blocks: |
Description
Tomas Dolezal
2017-02-01 16:50:26 UTC
# service watchquagga status watchquagga is stopped # service watchquagga start Starting watchquagga: [ OK ] # service watchquagga status watchquagga (pid 1734) is running... # ps -efZ | grep quagga unconfined_u:system_r:initrc_t:s0 root 1734 1 0 14:16 ? 00:00:00 watchquagga -d zebra bgpd ospfd ospf6d ripd ripngd unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 root 1752 1649 0 14:16 pts/0 00:00:00 grep quagga # matchpathcon `which watchquagga` /usr/sbin/watchquagga system_u:object_r:bin_t:s0 # The watchquagga service is not confined now. I guess it's too late for fixing it in RHEL-6.9. Red Hat Enterprise Linux 6 transitioned to the Production 3 Phase on May 10, 2017. During the Production 3 Phase, Critical impact Security Advisories (RHSAs) and selected Urgent Priority Bug Fix Advisories (RHBAs) may be released as they become available. The official life cycle policy can be reviewed here: http://redhat.com/rhel/lifecycle This issue does not appear to meet the inclusion criteria for the Production Phase 3 and will be marked as CLOSED/WONTFIX. If this remains a critical requirement, please contact Red Hat Customer Support to request a re-evaluation of the issue, citing a clear business justification. Red Hat Customer Support can be contacted via the Red Hat Customer Portal at the following URL: https://access.redhat.com |