Bug 981862
Summary: | SELinux is preventing /usr/libexec/clock-applet from 'mmap_zero' accesses on the memprotect . | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Jeff MacDonald <jam> |
Component: | selinux-policy | Assignee: | Miroslav Grepl <mgrepl> |
Status: | CLOSED DUPLICATE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 18 | CC: | brendan.hoffmann, dominick.grift, dwalsh, eparis, jam, lvrabec, mgrepl |
Target Milestone: | --- | Keywords: | Reopened |
Target Release: | --- | ||
Hardware: | i686 | ||
OS: | Unspecified | ||
Whiteboard: | abrt_hash:9c1d767c937e67637eb977f92081502eeab1183b202fcf518c048845d561b7a7 | ||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2015-04-13 16:45:03 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Jeff MacDonald
2013-07-06 13:08:44 UTC
Where did /usr/libexec/clock-applet come from? It should not be requesting this access. Without auditd running and collecting the syscall record in question it's impossible to tell if this is an application bug or if this should be a dup of the general kernel bug. Can you reproduce? If so, please let us know how. If not, we should consider duping this bug... It came from: % rpm -q --whatprovides /usr/libexec/clock-applet gnome-panel-3.6.2-2.fc18.i686 This is a fully patched fc18 install. according to the output of: /bin/systemctl status auditd.service auditd is running and has been doing so for more than a week. is there a grep or a processor you need me to run and add to the ticket? Get the output of Can you get it to happen after execute auditctl -w /etc/shadow THen collect the avc info with ausearch -m avc -ts recent The fact this has only every been reported once makes me feel quite sure this is a dup of https://bugzilla.redhat.com/show_bug.cgi?id=490753 *** This bug has been marked as a duplicate of bug 490753 *** |