Bug 550425

Summary: SELinux is preventing ps (mysqld_safe_t) "sys_ptrace" mysqld_safe_t.
Product: [Fedora] Fedora Reporter: Juan Hauva <jhauva>
Component: selinux-policyAssignee: Daniel Walsh <dwalsh>
Status: CLOSED DUPLICATE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: low    
Version: 12CC: dwalsh, mgrepl
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard: setroubleshoot_trace_hash:547f8cbf9900fd1d6176265c8c001bb3ffdf7e6db77cf80c8d5c5ae98ccad646
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2009-12-27 13:16:25 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Juan Hauva 2009-12-25 06:02:11 UTC 
Resúmen:

SELinux is preventing ps (mysqld_safe_t) "sys_ptrace" mysqld_safe_t.

Descripción Detallada:

[ps es un tipo permisivo (mysqld_safe_t). Este acceso no fue denegado.]

SELinux denied access requested by ps. It is not expected that this access is
required by ps and this access may signal an intrusion attempt. It is also
possible that the specific version or configuration of the application is
causing it to require additional access.

Permitiendo Acceso:

You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.

Información Adicional:

Contexto Fuente               system_u:system_r:mysqld_safe_t:s0
Contexto Destino              system_u:system_r:mysqld_safe_t:s0
Objetos Destino               None [ capability ]
Fuente                        ps
Dirección de Fuente          /bin/ps
Puerto                        <Desconocido>
Nombre de Equipo              (removed)
Paquetes RPM Fuentes          procps-3.2.7-27.fc11
Paquetes RPM Destinos         
RPM de Políticas             selinux-policy-3.6.12-88.fc11
SELinux Activado              True
Tipo de Política             targeted
Modo Obediente                Enforcing
Nombre de Plugin              catchall
Nombre de Equipo              (removed)
Plataforma                    Linux (removed) 2.6.30.9-96.fc11.i686.PAE #1 SMP Tue
                              Nov 3 23:41:33 EST 2009 i686 athlon
Cantidad de Alertas           1
Visto por Primera Vez         jue 03 dic 2009 01:20:42 CLST
Visto por Última Vez         jue 03 dic 2009 01:20:42 CLST
ID Local                      df5cd7e1-028c-48b7-b047-a6f70a1a3694
Números de Línea            

Mensajes de Auditoría Crudos 

node=(removed) type=AVC msg=audit(1259814042.882:571): avc:  denied  { sys_ptrace } for  pid=2619 comm="ps" capability=19 scontext=system_u:system_r:mysqld_safe_t:s0 tcontext=system_u:system_r:mysqld_safe_t:s0 tclass=capability

node=(removed) type=SYSCALL msg=audit(1259814042.882:571): arch=40000003 syscall=3 success=yes exit=136 a0=5 a1=c2ba20 a2=3ff a3=c2b9c0 items=0 ppid=2530 pid=2619 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ps" exe="/bin/ps" subj=system_u:system_r:mysqld_safe_t:s0 key=(null)



Hash String generated from  selinux-policy-3.6.12-88.fc11,catchall,ps,mysqld_safe_t,mysqld_safe_t,capability,sys_ptrace
audit2allow suggests:

#============= mysqld_safe_t ==============
allow mysqld_safe_t self:capability sys_ptrace;
Comment 1 Daniel Walsh 2009-12-27 13:16:25 UTC 

*** This bug has been marked as a duplicate of bug 538428 ***