Bug 906968
| Summary: | Probable kernel issue creating net_admin avc issues | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | David Highley <david.m.highley> | ||||
| Component: | kernel | Assignee: | Eric Paris <eparis> | ||||
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | 18 | CC: | gansalmon, hushan.jia, itamar, jonathan, kernel-maint, madhu.chinakonda, michel | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | x86_64 | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2013-05-17 13:37:48 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
Reported this issue against a system we had done a fedup upgrade from Fedora 17. We have now done a fresh install and do not see this issue on the Fedora 18 system at least with kernel version 3.7.6-201.fc18.x86_64. We first noticed the issue with Fedora 17 and then with Fedora 16 as noted above after a kernel upgrade. |
Created attachment 691869 [details] Capture of associated avc audit log entries. Description of problem: Selinux is reporting net_admin avc issues for several things. Version-Release number of selected component (if applicable): 3.7.4-204.fc18.x86_64 and now with the latest kernel update to Fedora 16 3.6.11-4.fc16.x86_64 How reproducible: Lots of them occur during logwatch, email, and automount login processes. Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info: We have had to create local policy files for; abrt, automount, mount, logrotate, procmail, rsync, sendmail, system_mail, and setroubleshootd. Looks like in reviewing the log that rpm is also involved but we did not end up needing to create any local policy to elminate the avc reports.