Bug 436895
Summary: | SELinux is preventing rsyslogd (syslogd_t) "read" to ./System.map-2.6.25-0.95.rc4.fc9 (system_map_t). | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Antonio A. Olivares <olivares14031> | ||||||
Component: | rsyslog | Assignee: | Peter Vrabec <pvrabec> | ||||||
Status: | CLOSED RAWHIDE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||||
Severity: | low | Docs Contact: | |||||||
Priority: | low | ||||||||
Version: | rawhide | CC: | dwalsh, mcepl, mcepl, selinux | ||||||
Target Milestone: | --- | ||||||||
Target Release: | --- | ||||||||
Hardware: | All | ||||||||
OS: | Linux | ||||||||
Whiteboard: | |||||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||||
Doc Text: | Story Points: | --- | |||||||
Clone Of: | Environment: | ||||||||
Last Closed: | 2008-03-13 12:55:01 UTC | Type: | --- | ||||||
Regression: | --- | Mount Type: | --- | ||||||
Documentation: | --- | CRM: | |||||||
Verified Versions: | Category: | --- | |||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||
Embargoed: | |||||||||
Attachments: |
|
Description
Antonio A. Olivares
2008-03-10 23:49:19 UTC
Could you check, if the problem exists even with rsyslog-3.12.1. It was built in rawhide on Feb 1st. thnx. *** Bug 436989 has been marked as a duplicate of this bug. *** I can't find rsyslog-3.12.1 in koji. If you provide a link, I will test. cached packages in /var/cache/yum are: -rw-r--r-- 1 root root 209273 2008-01-18 05:20 rsyslog-2.0.0-1.fc9.i386.rpm -rw-r--r-- 1 root root 209432 2008-01-22 06:42 rsyslog-2.0.0-2.fc9.i386.rpm -rw-r--r-- 1 root root 206448 2008-02-13 09:02 rsyslog-2.0.2-1.fc9.i386.rpm -rw-r--r-- 1 root root 301513 2008-03-07 03:25 rsyslog-3.12.1-1.fc9.i386.rpm No 3.12.1 :-( Well, I got this AVC installing it: type=AVC msg=audit(1205362698.730:35): avc: denied { read } for pid=7842 comm="rsyslogd" name="System.map-2.6.25-0.113.rc5.git2.fc9" dev=sda3 ino=6056 scontext=unconfined_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:system_map_t:s0 tclass=file type=SYSCALL msg=audit(1205362698.730:35): arch=40000003 syscall=5 success=no exit=-13 a0=11a7c0 a1=0 a2=1b6 a3=0 items=0 ppid=7841 pid=7842 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=1 comm="rsyslogd" exe="/sbin/rsyslogd" subj=unconfined_u:system_r:syslogd_t:s0 key=(null) No joy on reboot. In fact, the first reboot after the update to the new rsyslog caused lots of issues. A successive reboot seemed to work better. I attach complete outputs from dmesg for the "next 2 reboots" below. The "failure" in the first reboot seemed to be avahi and hal not starting. In any case, in the "working second reboot", I still see this AVC: type=1400 audit(1205363081.774:4): avc: denied { read } for pid=2232 comm="rsyslogd" name="System.map-2.6.25-0.113.rc5.git2.fc9" dev=sda3 ino=6056 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:system_map_t:s0 tclass=file Created attachment 297865 [details]
dmesg from failing reboot
On this reboot, avahi and hal did not start properly, nor did gdm. System was
left in "text console" mode.
Created attachment 297866 [details]
dmesg output from "working" reboot.
This reboot booted up to gdm, and appears functioning, but has same AVC as
prior version.
Fixed in selinux-policy-3.3.1-17.fc9 Tom the first bug is NetworkManager blowing up and trying to run gdb to get a stack trace. We are trying to figure out a better way to handle this. |