Bug 1354347 - [Selinux] avc: denied for logrotate
Summary: [Selinux] avc: denied for logrotate
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Storage Console
Classification: Red Hat Storage
Component: build
Version: 2
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: 3
Assignee: Timothy Asir
QA Contact: sds-qe-bugs
URL:
Whiteboard:
Depends On:
Blocks: 1326788
TreeView+ depends on / blocked
 
Reported: 2016-07-11 07:38 UTC by Timothy Asir
Modified: 2018-11-19 05:42 UTC (History)
6 users (show)

Fixed In Version: rhscon-core-0.0.36-1
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2018-11-19 05:42:20 UTC
Embargoed:

Attachments (Terms of Use)

Description Timothy Asir 2016-07-11 07:38:27 UTC 
Description of problem:
avc: denied for log rotate

time->Sun Jul 10 03:36:04 2016
type=USER_AVC msg=audit(1468101964.319:3367): pid=4523 uid=0 auid=0 ses=304 subj=system_u:system_r:logrotate_t:s0-s0:c0.c1023 msg='avc:  denied  { passwd } for  scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tclass=passwd  exe="/usr/bin/su" sauid=0 hostname=? addr=? terminal=?'
----
time->Sun Jul 10 03:36:04 2016
type=USER_AVC msg=audit(1468101964.600:3371): pid=644 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.freedesktop.login1.Manager member=CreateSession dest=org.freedesktop.login1 spid=4523 tpid=650 scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:system_r:systemd_logind_t:s0 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
----
time->Sun Jul 10 03:36:04 2016
type=USER_AVC msg=audit(1468101964.604:3372): pid=644 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_return dest=:1.687 spid=650 tpid=4523 scontext=system_u:system_r:systemd_logind_t:s0 tcontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
----
time->Sun Jul 10 03:36:02 2016
type=SYSCALL msg=audit(1468101962.201:3363): arch=c000003e syscall=42 success=no exit=-115 a0=11 a1=7fa79488b7c0 a2=1c a3=75 items=0 ppid=1 pid=26638 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="httpd" exe="/usr/sbin/httpd" subj=system_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(1468101962.201:3363): avc:  denied  { name_connect } for  pid=26638 comm="httpd" dest=10080 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:amanda_port_t:s0 tclass=tcp_socket
----
time->Sun Jul 10 03:36:06 2016
type=SYSCALL msg=audit(1468101966.674:3376): arch=c000003e syscall=4 success=yes exit=0 a0=7fa858880d38 a1=7fa858232d90 a2=7fa858232d90 a3=0 items=0 ppid=4523 pid=4565 auid=0 uid=995 gid=992 euid=995 suid=995 fsuid=995 egid=992 sgid=992 fsgid=992 tty=(none) ses=304 comm="beam" exe="/usr/lib64/erlang/erts-5.10.4/bin/beam" subj=system_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1468101966.674:3376): avc:  denied  { getattr } for  pid=4565 comm="beam" path="/var/lib/rabbitmq/.erlang.cookie" dev="dm-0" ino=35829760 scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rabbitmq_var_lib_t:s0 tclass=file
----
time->Sun Jul 10 03:36:04 2016
type=SYSCALL msg=audit(1468101964.273:3364): arch=c000003e syscall=41 success=yes exit=3 a0=10 a1=80003 a2=7 a3=0 items=0 ppid=4512 pid=4523 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=304 comm="su" exe="/usr/bin/su" subj=system_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1468101964.273:3364): avc:  denied  { create } for  pid=4523 comm="su" scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tclass=netlink_selinux_socket
----
time->Sun Jul 10 03:36:04 2016
type=SYSCALL msg=audit(1468101964.274:3365): arch=c000003e syscall=49 success=yes exit=0 a0=3 a1=7ffc71e78ec0 a2=c a3=0 items=0 ppid=4512 pid=4523 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=304 comm="su" exe="/usr/bin/su" subj=system_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1468101964.274:3365): avc:  denied  { bind } for  pid=4523 comm="su" scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tclass=netlink_selinux_socket
----
time->Sun Jul 10 03:36:04 2016
type=SYSCALL msg=audit(1468101964.318:3366): arch=c000003e syscall=1 success=yes exit=94 a0=4 a1=7f61c3581010 a2=5e a3=0 items=0 ppid=4512 pid=4523 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=304 comm="su" exe="/usr/bin/su" subj=system_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1468101964.318:3366): avc:  denied  { compute_av } for  pid=4523 comm="su" scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:security_t:s0 tclass=security
----
time->Sun Jul 10 03:36:04 2016
type=SYSCALL msg=audit(1468101964.906:3374): arch=c000003e syscall=21 success=yes exit=0 a0=7fbf4c0825a0 a1=4 a2=7fbf7413bfa8 a3=0 items=0 ppid=29690 pid=29750 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bigfin" exe="/var/lib/skyring/providers/bigfin" subj=system_u:system_r:skyring_t:s0 key=(null)
type=AVC msg=audit(1468101964.906:3374): avc:  denied  { read } for  pid=29750 comm="bigfin" name="var" dev="dm-0" ino=133 scontext=system_u:system_r:skyring_t:s0 tcontext=system_u:object_r:var_t:s0 tclass=dir
----
time->Sun Jul 10 03:36:06 2016
type=SYSCALL msg=audit(1468101966.266:3375): arch=c000003e syscall=49 success=no exit=-98 a0=3 a1=7ffc04bff580 a2=10 a3=7ffc04bff020 items=0 ppid=1 pid=4558 auid=0 uid=995 gid=992 euid=995 suid=995 fsuid=995 egid=992 sgid=992 fsgid=992 tty=(none) ses=304 comm="epmd" exe="/usr/lib64/erlang/erts-5.10.4/bin/epmd" subj=system_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1468101966.266:3375): avc:  denied  { name_bind } for  pid=4558 comm="epmd" src=4369 scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:epmd_port_t:s0 tclass=tcp_socket
----
time->Sun Jul 10 03:36:06 2016
type=SYSCALL msg=audit(1468101966.675:3377): arch=c000003e syscall=21 success=yes exit=0 a0=7fa858880d38 a1=4 a2=0 a3=0 items=0 ppid=4523 pid=4565 auid=0 uid=995 gid=992 euid=995 suid=995 fsuid=995 egid=992 sgid=992 fsgid=992 tty=(none) ses=304 comm="beam" exe="/usr/lib64/erlang/erts-5.10.4/bin/beam" subj=system_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1468101966.675:3377): avc:  denied  { read } for  pid=4565 comm="beam" name=".erlang.cookie" dev="dm-0" ino=35829760 scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rabbitmq_var_lib_t:s0 tclass=file
----
time->Sun Jul 10 03:36:06 2016
type=SYSCALL msg=audit(1468101966.675:3378): arch=c000003e syscall=2 success=yes exit=5 a0=7fa858880d78 a1=0 a2=1b6 a3=0 items=0 ppid=4523 pid=4566 auid=0 uid=995 gid=992 euid=995 suid=995 fsuid=995 egid=992 sgid=992 fsgid=992 tty=(none) ses=304 comm="beam" exe="/usr/lib64/erlang/erts-5.10.4/bin/beam" subj=system_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1468101966.675:3378): avc:  denied  { open } for  pid=4566 comm="beam" path="/var/lib/rabbitmq/.erlang.cookie" dev="dm-0" ino=35829760 scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rabbitmq_var_lib_t:s0 tclass=file
----
time->Sun Jul 10 03:36:06 2016
type=SYSCALL msg=audit(1468101966.682:3379): arch=c000003e syscall=50 success=yes exit=0 a0=5 a1=80 a2=7fa85b1c0028 a3=7ffdca528d00 items=0 ppid=4523 pid=4531 auid=0 uid=995 gid=992 euid=995 suid=995 fsuid=995 egid=992 sgid=992 fsgid=992 tty=(none) ses=304 comm="beam" exe="/usr/lib64/erlang/erts-5.10.4/bin/beam" subj=system_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1468101966.682:3379): avc:  denied  { listen } for  pid=4531 comm="beam" lport=58901 scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tclass=tcp_socket
----
time->Sun Jul 10 03:36:06 2016
type=SYSCALL msg=audit(1468101966.684:3380): arch=c000003e syscall=42 success=no exit=-115 a0=6 a1=7fa858881020 a2=10 a3=7ffdca528d00 items=0 ppid=4523 pid=4531 auid=0 uid=995 gid=992 euid=995 suid=995 fsuid=995 egid=992 sgid=992 fsgid=992 tty=(none) ses=304 comm="beam" exe="/usr/lib64/erlang/erts-5.10.4/bin/beam" subj=system_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1468101966.684:3380): avc:  denied  { name_connect } for  pid=4531 comm="beam" dest=4369 scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:epmd_port_t:s0 tclass=tcp_socket
----
time->Sun Jul 10 03:36:06 2016
type=SYSCALL msg=audit(1468101966.689:3381): arch=c000003e syscall=43 success=no exit=-11 a0=5 a1=7ffdca528fc0 a2=7ffdca528fb0 a3=7ffdca528d00 items=0 ppid=4523 pid=4531 auid=0 uid=995 gid=992 euid=995 suid=995 fsuid=995 egid=992 sgid=992 fsgid=992 tty=(none) ses=304 comm="beam" exe="/usr/lib64/erlang/erts-5.10.4/bin/beam" subj=system_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1468101966.689:3381): avc:  denied  { accept } for  pid=4531 comm="beam" lport=58901 scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tclass=tcp_socket
----
time->Sun Jul 10 03:36:06 2016
type=SYSCALL msg=audit(1468101966.715:3382): arch=c000003e syscall=21 success=yes exit=0 a0=7fa858881ae0 a1=4 a2=0 a3=0 items=0 ppid=4523 pid=4563 auid=0 uid=995 gid=992 euid=995 suid=995 fsuid=995 egid=992 sgid=992 fsgid=992 tty=(none) ses=304 comm="beam" exe="/usr/lib64/erlang/erts-5.10.4/bin/beam" subj=system_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1468101966.715:3382): avc:  denied  { read } for  pid=4563 comm="beam" name="rabbitmq" dev="dm-0" ino=35564875 scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rabbitmq_var_lib_t:s0 tclass=dir
----
time->Sun Jul 10 03:36:06 2016
type=SYSCALL msg=audit(1468101966.715:3383): arch=c000003e syscall=21 success=yes exit=0 a0=7fa858881ae0 a1=2 a2=0 a3=0 items=0 ppid=4523 pid=4563 auid=0 uid=995 gid=992 euid=995 suid=995 fsuid=995 egid=992 sgid=992 fsgid=992 tty=(none) ses=304 comm="beam" exe="/usr/lib64/erlang/erts-5.10.4/bin/beam" subj=system_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1468101966.715:3383): avc:  denied  { write } for  pid=4563 comm="beam" name="rabbitmq" dev="dm-0" ino=35564875 scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rabbitmq_var_lib_t:s0 tclass=dir
----
time->Sun Jul 10 03:36:06 2016
type=SYSCALL msg=audit(1468101966.803:3384): arch=c000003e syscall=42 success=no exit=-115 a0=8 a1=7fa858882018 a2=10 a3=1 items=0 ppid=4523 pid=4531 auid=0 uid=995 gid=992 euid=995 suid=995 fsuid=995 egid=992 sgid=992 fsgid=992 tty=(none) ses=304 comm="beam" exe="/usr/lib64/erlang/erts-5.10.4/bin/beam" subj=system_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1468101966.803:3384): avc:  denied  { name_connect } for  pid=4531 comm="beam" dest=25672 scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rabbitmq_port_t:s0 tclass=tcp_socket


Version-Release number of selected component (if applicable):
skyring-0.0.32.tar.gz
Comment 2 Boris Ranto 2016-07-21 15:05:28 UTC 
Hi Timothy,

is this still an issue? Could you retest with the latest packages? From what I understand at least some of these denials should already be fixed.
Comment 3 Timothy Asir 2016-07-26 04:56:29 UTC 
Yes its fixed now in the latest version. I could not able to see this denial now.
Comment 6 Shubhendu Tripathi 2018-11-19 05:42:20 UTC 
This product is EOL now
Note You need to log in before you can comment on or make changes to this bug.