Bug 132574 - mdadm and ntp policy problems
mdadm and ntp policy problems
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Daniel Walsh
Depends On:
Blocks: FC3Blocker
  Show dependency treegraph
Reported: 2004-09-14 15:34 EDT by Daniel Reed
Modified: 2007-11-30 17:10 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2004-09-16 08:03:16 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Daniel Reed 2004-09-14 15:34:22 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.2)
Gecko/20040809 Epiphany/1.3.8

Description of problem:
Starting mdmonitor: audit(1095188105.721:0): avc:  denied  { read }
for  pid=2789 exe=/sbin/mdadm name=mdstat dev=proc ino=-268435080
tcontext=system_u:object_r:proc_mdstat_t tclass=file

Starting ntpd:                                             [  OK  ]
audit(1095188122.323:0): avc:  denied  { name_bind } for  pid=3050
exe=/usr/sbin/ntpd src=682 scontext=user_u:system_r:ntpd_t
tcontext=system_u:object_r:reserved_port_t tclass=udp_socket
audit(1095188122.331:0): avc:  denied  { name_bind } for  pid=3050
exe=/usr/sbin/ntpd src=683 scontext=user_u:system_r:ntpd_t
tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket
audit(1095188122.341:0): avc:  denied  { name_bind } for  pid=3050
exe=/usr/sbin/ntpd src=684 scontext=user_u:system_r:ntpd_t
tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket

The mdadm error repeats periodically and interferes with my use of the

Version-Release number of selected component (if applicable):

How reproducible:
Comment 1 Alexandre Oliva 2004-09-14 18:14:06 EDT
Yuck.  This problem causes a messed-up initrd.img to be created if
your root device happens to be on raid.
Comment 2 Colin Walters 2004-09-14 18:52:04 EDT
The mdadm bug is fixed by a patch I sent to selinux@tycho.  Not sure
about the ntpd one.
Comment 6 Daniel Walsh 2004-09-15 11:08:13 EDT
selinux-policy-targeted-1.17.16-2 should fix this problem.
Comment 7 Daniel Reed 2004-09-15 11:22:55 EDT
I upgraded to selinux-policy-targeted-1.17.16-2 and no longer receive
the ntpd error. (I have not received the mdadm error since Colin
patched my sources yesterday afternoon, and upgrading to 16-2 did not
cause the mdadm error to resurface.)

I found 16-2 in dist/fc3-HEAD and not dist/fc3, and I'm not sure if
that means this can be closed "RAWHIDE" or not.
Comment 8 Alexandre Oliva 2004-09-15 23:37:29 EDT
It made it to FC3-re0915.0, so it's certainly going to be in FC3test2
and probably tomorrow's rawhide.  Feel free to close it.

Note You need to log in before you can comment on or make changes to this bug.