Bug 1128271 - AVCs seen when running TPS for xmlsec1
Summary: AVCs seen when running TPS for xmlsec1
Keywords:
Status: CLOSED DUPLICATE of bug 1103674
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: selinux-policy
Version: 6.6
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Miroslav Grepl
QA Contact: BaseOS QE Security Team
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-08-08 18:37 UTC by Namita Soman
Modified: 2014-08-08 20:16 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-08-08 20:16:36 UTC


Attachments (Terms of Use)

Description Namita Soman 2014-08-08 18:37:53 UTC
Description of problem:
tps-rpmtest shows the AVC below :

InstallTest-selinux Test
Running: /sbin/ausearch -sv no -m AVC -ts 08/08/2014 14:05:58
SELinux Check: FAIL
SELinux AVC messages found:
----
time->Fri Aug 8 14:06:01 2014
type=SYSCALL msg=audit(1407521161.769:308635): arch=40000003 syscall=207 success=no exit=-13 a0=1 a1=0 a2=0 a3=1 items=0 ppid=19220 pid=19223 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=19922 comm="prelink" exe="/usr/sbin/prelink" subj=system_u:system_r:prelink_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1407521161.769:308635): avc: denied { setattr } for pid=19223 comm="prelink" name="" dev=pipefs ino=11812097 scontext=system_u:system_r:prelink_t:s0-s0:c0.c1023 tcontext=system_u:system_r:system_cronjob_t:s0-s0:c0.c1023 tclass=fifo_file
----
time->Fri Aug 8 14:06:01 2014
type=SYSCALL msg=audit(1407521161.872:308636): arch=40000003 syscall=207 success=no exit=-13 a0=1 a1=0 a2=0 a3=1 items=0 ppid=19220 pid=19228 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=19922 comm="prelink" exe="/usr/sbin/prelink" subj=system_u:system_r:prelink_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1407521161.872:308636): avc: denied { setattr } for pid=19228 comm="prelink" name="" dev=pipefs ino=11812117 scontext=system_u:system_r:prelink_t:s0-s0:c0.c1023 tcontext=system_u:system_r:system_cronjob_t:s0-s0:c0.c1023 tclass=fifo_file
TPSHINT: It is possible that other stable systems activity has caused this issue.
If you are sure that this is the case, you may waive this failure.
If you have any doubts, RE-RUN tps-rpmtest to be sure.
TPSRESULT: InstallTest-selinux Returning: FAIL

tps-srpmtest also shows the AVCs below:

− FAIL REBUILD: lasso-2.4.0-5.el6.src.rpm for i686-selinux Test
Running: /sbin/ausearch -sv no -m AVC -ts 08/08/2014 14:05:22
SELinux Check: FAIL
SELinux AVC messages found:
----
time->Fri Aug 8 14:05:23 2014
type=SYSCALL msg=audit(1407521123.119:287469): arch=40000003 syscall=207 success=no exit=-13 a0=1 a1=0 a2=0 a3=1 items=0 ppid=2734 pid=2735 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="prelink" exe="/usr/sbin/prelink" subj=system_u:system_r:prelink_t:s0 key=(null)
type=AVC msg=audit(1407521123.119:287469): avc: denied { setattr } for pid=2735 comm="prelink" name="" dev=pipefs ino=12702937 scontext=system_u:system_r:prelink_t:s0 tcontext=system_u:system_r:initrc_t:s0 tclass=fifo_file
----
time->Fri Aug 8 14:05:23 2014
type=SYSCALL msg=audit(1407521123.188:287470): arch=40000003 syscall=207 success=no exit=-13 a0=1 a1=0 a2=0 a3=1 items=0 ppid=2734 pid=2738 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="prelink" exe="/usr/sbin/prelink" subj=system_u:system_r:prelink_t:s0 key=(null)
type=AVC msg=audit(1407521123.188:287470): avc: denied { setattr } for pid=2738 comm="prelink" name="" dev=pipefs ino=12702950 scontext=system_u:system_r:prelink_t:s0 tcontext=system_u:system_r:initrc_t:s0 tclass=fifo_file
----

more at http://nest.test.redhat.com/mnt/qa/scratch/i386-6s-m1/2014:17900/tps/tps-srpmtest.html

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

Comment 2 Miroslav Grepl 2014-08-08 20:16:36 UTC

*** This bug has been marked as a duplicate of bug 1103674 ***


Note You need to log in before you can comment on or make changes to this bug.