145028 – init denials (strict policy)

Bug 145028 - init denials (strict policy)

Summary: init denials (strict policy)

Keywords:
Status:	CLOSED NOTABUG
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	selinux-policy-strict
Sub Component:
Version:	rawhide
Hardware:	i386
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Daniel Walsh
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2005-01-13 21:01 UTC by Ivan Gyurdiev
Modified:	2007-11-30 22:10 UTC (History)
CC List:	0 users
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2005-01-20 18:30:17 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Ivan Gyurdiev 2005-01-13 21:01:39 UTC

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5)
Gecko/20041228 Firefox/1.0 Fedora/1.0-8

Description of problem:
I get denials for the entire init sequence that look like thos:

audit(1105622931.647:0): avc:  denied  { read } for  pid=509
exe=/bin/mount path=/init dev=rootfs ino=7
scontext=system_u:system_r:mount_t tcontext=system_u:object_r:root_t
tclass=file

I get about 100 of those for pretty much every program started by init.
The operations denied are { read use }





Version-Release number of selected component (if applicable):
selinux-policy-strict-1.21.1-1

How reproducible:
Always

Steps to Reproduce:
1. Boot with strict policy

Additional info:

Comment 1 Ivan Gyurdiev 2005-01-20 18:30:17 UTC

I don't get these in enforcing mode.

Note You need to log in before you can comment on or make changes to this bug.