Bug 578655
Summary: | SELinux is preventing oracle (oracle_db_t) "read" to ./passwd (etc_runtime_t). | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 5 | Reporter: | macheater |
Component: | selinux-policy | Assignee: | Daniel Walsh <dwalsh> |
Status: | CLOSED CANTFIX | QA Contact: | BaseOS QE Security Team <qe-baseos-security> |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | 5.3 | ||
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2010-08-19 11:12:27 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
macheater
2010-03-31 23:23:27 UTC
Sadly the tool/kernel could not figure out that the avc referred to /etc/passwd restorecon -v /etc/passwd Should probably fix the problem. We have a better solution for the troubleshooter in RHEL6 or you could turn on full auditing, and the AVC would have contained the full path, but there is performance overhead for this. My guess is that some init script edited the /etc/passwd file and left it with a bad label. |