Bug 842818

Following AVCs were seen in permissive mode:
----
time->Tue Jul 24 18:32:01 2012
type=SYSCALL msg=audit(1343147521.798:21101): arch=40000003 syscall=156 success=yes exit=0 a0=46e7 a1=0 a2=bff305f4 a3=b7762740 items=0 ppid=1 pid=18151 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=24 comm="saslauthd" exe="/usr/sbin/saslauthd" subj=unconfined_u:system_r:saslauthd_t:s0 key=(null)
type=AVC msg=audit(1343147521.798:21101): avc:  denied  { setsched } for  pid=18151 comm="saslauthd" scontext=unconfined_u:system_r:saslauthd_t:s0 tcontext=unconfined_u:system_r:saslauthd_t:s0 tclass=process
type=AVC msg=audit(1343147521.798:21101): avc:  denied  { sys_nice } for  pid=18151 comm="saslauthd" capability=23  scontext=unconfined_u:system_r:saslauthd_t:s0 tcontext=unconfined_u:system_r:saslauthd_t:s0 tclass=capability
----
time->Tue Jul 24 18:32:01 2012
type=SYSCALL msg=audit(1343147521.794:21100): arch=40000003 syscall=5 success=yes exit=8 a0=1e2f19 a1=80000 a2=1b6 a3=1e2eb5 items=0 ppid=1 pid=18151 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=24 comm="saslauthd" exe="/usr/sbin/saslauthd" subj=unconfined_u:system_r:saslauthd_t:s0 key=(null)
type=AVC msg=audit(1343147521.794:21100): avc:  denied  { dac_override } for  pid=18151 comm="saslauthd" capability=1  scontext=unconfined_u:system_r:saslauthd_t:s0 tcontext=unconfined_u:system_r:saslauthd_t:s0 tclass=capability
----

Can you turn on full auditing so that we can see what path dac_override is complaining about?

----
time->Wed Jul 25 09:00:25 2012
type=SYSCALL msg=audit(1343199625.891:21839): arch=40000003 syscall=156 success=yes exit=0 a0=c2f a1=0 a2=bf980cd4 a3=b75df740 items=0 ppid=1 pid=3119 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=3 comm="saslauthd" exe="/usr/sbin/saslauthd" subj=unconfined_u:system_r:saslauthd_t:s0 key=(null)
type=AVC msg=audit(1343199625.891:21839): avc:  denied  { setsched } for  pid=3119 comm="saslauthd" scontext=unconfined_u:system_r:saslauthd_t:s0 tcontext=unconfined_u:system_r:saslauthd_t:s0 tclass=process
type=AVC msg=audit(1343199625.891:21839): avc:  denied  { sys_nice } for  pid=3119 comm="saslauthd" capability=23  scontext=unconfined_u:system_r:saslauthd_t:s0 tcontext=unconfined_u:system_r:saslauthd_t:s0 tclass=capability
----
time->Wed Jul 25 09:00:25 2012
type=PATH msg=audit(1343199625.882:21838): item=0 name="/etc/shadow" inode=187619 dev=08:03 mode=0100000 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:shadow_t:s0
type=CWD msg=audit(1343199625.882:21838):  cwd="/var/run/saslauthd"
type=SYSCALL msg=audit(1343199625.882:21838): arch=40000003 syscall=5 success=yes exit=8 a0=4fcf19 a1=80000 a2=1b6 a3=4fceb5 items=1 ppid=1 pid=3119 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=3 comm="saslauthd" exe="/usr/sbin/saslauthd" subj=unconfined_u:system_r:saslauthd_t:s0 key=(null)
type=AVC msg=audit(1343199625.882:21838): avc:  denied  { dac_override } for  pid=3119 comm="saslauthd" capability=1  scontext=unconfined_u:system_r:saslauthd_t:s0 tcontext=unconfined_u:system_r:saslauthd_t:s0 tclass=capability
----

Fixed in selinux-policy-3.7.19-159.el6

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2013-0314.html