Bug 1583082
Summary: | SELinux is preventing /usr/bin/pkla-check-authorization from map access on the file /usr/bin/pkla-check-authorization | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Lukas Slebodnik <lslebodn> |
Component: | selinux-policy | Assignee: | Lukas Vrabec <lvrabec> |
Status: | CLOSED ERRATA | QA Contact: | Milos Malik <mmalik> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 7.6 | CC: | lvrabec, mgrepl, mmalik, plautrba, ssekidde, tpelka |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | selinux-policy-3.13.1-203.el7 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2018-10-30 10:04:11 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Lukas Slebodnik
2018-05-28 08:11:48 UTC
*** Bug 1574389 has been marked as a duplicate of this bug. *** ---- type=PROCTITLE msg=audit(06/07/2018 17:05:17.385:337) : proctitle=(null) type=PATH msg=audit(06/07/2018 17:05:17.385:337) : item=1 name=/lib64/ld-linux-x86-64.so.2 inode=418713 dev=fd:00 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:ld_so_t:s0 objtype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 type=PATH msg=audit(06/07/2018 17:05:17.385:337) : item=0 name=/usr/bin/pkla-check-authorization inode=12909515 dev=fd:00 mode=file,755 ouid=root ogid=root rdev=00:00 obj=system_u:object_r:policykit_auth_exec_t:s0 objtype=NORMAL cap_fp=none cap_fi=none cap_fe=0 cap_fver=0 type=CWD msg=audit(06/07/2018 17:05:17.385:337) : cwd=/ type=SYSCALL msg=audit(06/07/2018 17:05:17.385:337) : arch=x86_64 syscall=execve success=no exit=EACCES(Permission denied) a0=0x55ee9f7266d0 a1=0x55ee9f7268c0 a2=0x7ffe0e1972e0 a3=0x7ffe0e195ae0 items=2 ppid=671 pid=11562 auid=unset uid=polkitd gid=polkitd euid=polkitd suid=polkitd fsuid=polkitd egid=polkitd sgid=polkitd fsgid=polkitd tty=(none) ses=unset comm=pkla-check-auth exe=/usr/bin/pkla-check-authorization subj=system_u:system_r:policykit_t:s0 key=(null) type=AVC msg=audit(06/07/2018 17:05:17.385:337) : avc: denied { map } for pid=11562 comm=pkla-check-auth path=/usr/bin/pkla-check-authorization dev="dm-0" ino=12909515 scontext=system_u:system_r:policykit_t:s0 tcontext=system_u:object_r:policykit_auth_exec_t:s0 tclass=file permissive=0 ---- Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2018:3111 |