Bug 149032 - avc: denied net_admin messages
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted
Version: rawhide
Hardware: All Linux
Priority: medium, Severity: medium
Assigned To: Daniel Walsh
Reported: 2005-02-17 19:33 EST by Orion Poplawski
Modified: 2007-11-30 17:11 EST
Doc Type: Bug Fix
Last Closed: 2005-03-09 17:37:15 EST
Description Orion Poplawski 2005-02-17 19:33:36 EST
Description of problem:

Getting the following messages in permissive mode.  Not sure what the impact
would be under enforcing.

audit(1108686194.845:0): avc:  denied  { net_admin } for  pid=2656
exe=/sbin/ypbind capability=12 scontext=user_u:system_r:ypbind_t
tcontext=user_u:system_r:ypbind_t tclass=capability
audit(1108686198.020:0): avc:  denied  { net_admin } for  pid=3010
exe=/usr/sbin/rpc.rquotad capability=12 scontext=user_u:system_r:rpcd_t
tcontext=user_u:system_r:rpcd_t tclass=capability
audit(1108686198.422:0): avc:  denied  { net_admin } for  pid=3088
exe=/usr/sbin/rpc.mountd capability=12 scontext=user_u:system_r:nfsd_t
tcontext=user_u:system_r:nfsd_t tclass=capability
audit(1108686202.044:0): avc:  denied  { net_admin } for  pid=3239
exe=/usr/sbin/httpd capability=12 scontext=user_u:system_r:httpd_t
tcontext=user_u:system_r:httpd_t tclass=capability


Version-Release number of selected component (if applicable):

selinux-policy-targeted-1.21.14-1
Comment 1 Daniel Walsh 2005-03-08 14:27:42 EST
Do you see them in enforcing mode?  If not, they are probably being
prevented by some other access denial.

Dan
Comment 2 Orion Poplawski 2005-03-08 19:09:36 EST
I'm seeing the following in enforcing mode:

type=KERNEL msg=audit(1110325425.073:11245429): avc:  denied  {
net_admin } for  pid=6797exe=/usr/sbin/httpd capability=12
scontext=root:system_r:httpd_t tcontext=root:system_r:httpd_t
tclass=capability
type=KERNEL msg=audit(1110325433.245:11248486): avc:  denied  {
net_admin } for  pid=2680exe=/sbin/ypbind capability=12
scontext=user_u:system_r:ypbind_t tcontext=user_u:system_r:ypbind_t
tclass=capability

It hasn't caused any problems that I can see - everything seems to
work.  Not sure what triggers the messages.

This is with selinux-policy-targeted-1.21.15-6 now.
Comment 3 Daniel Walsh 2005-03-09 14:19:34 EST
Added dontaudits to selinux-policy-*-1.21.16-3
Comment 4 Orion Poplawski 2005-03-09 17:37:15 EST
No longer seeing the net_admin messages in the audit log.
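
An added example, not part of the original thread and not the selinux-policy project's own code: a small parser that reads AVC denials in both formats quoted in this report and prints the dontaudit rule each distinct denial corresponds to. The rule text is an assumption about the general shape of such rules; the page does not show the actual policy change, and the function names are hypothetical.

```python
import re

# Constructed sample: records copied from the report above, keeping the
# tracker's hard line wraps and the run-together "pid=6797exe=".
SAMPLE = """\
audit(1108686194.845:0): avc:  denied  { net_admin } for  pid=2656
exe=/sbin/ypbind capability=12 scontext=user_u:system_r:ypbind_t
tcontext=user_u:system_r:ypbind_t tclass=capability
type=KERNEL msg=audit(1110325425.073:11245429): avc:  denied  {
net_admin } for  pid=6797exe=/usr/sbin/httpd capability=12
scontext=root:system_r:httpd_t tcontext=root:system_r:httpd_t
tclass=capability
audit(1108686202.044:0): avc:  denied  { net_admin } for  pid=3239
exe=/usr/sbin/httpd capability=12 scontext=user_u:system_r:httpd_t
tcontext=user_u:system_r:httpd_t tclass=capability
"""

# One AVC denial: permission set, then key=value fields up to the next record.
AVC = re.compile(r"avc:\s+denied\s+\{\s*(?P<perms>[^}]*?)\s*\}\s+for\s+"
                 r"(?P<rest>.*?)(?=(?:type=\S+\s+msg=)?audit\(|$)")
FIELD = re.compile(r"(\w+)=(\S+)")

def parse_avc(text):
    """Return one dict per denial; tolerant of wrapped or fused records."""
    flat = " ".join(text.split())                          # undo line wraps
    flat = re.sub(r"(pid=\d+)(?=[A-Za-z])", r"\1 ", flat)  # "pid=6797exe="
    records = []
    for m in AVC.finditer(flat):
        rec = dict(FIELD.findall(m.group("rest")))
        rec["perms"] = m.group("perms").split()
        records.append(rec)
    return records

def dontaudit_rules(text):
    """Collapse denials to one rule per (source type, target, class)."""
    rules = {}
    for rec in parse_avc(text):
        stype = rec["scontext"].split(":")[2]   # user:role:type[:level]
        ttype = rec["tcontext"].split(":")[2]
        target = "self" if stype == ttype else ttype
        rules.setdefault((stype, target, rec["tclass"]), set()).update(rec["perms"])
    out = []
    for (s, t, c), perms in sorted(rules.items()):
        p = sorted(perms)
        out.append(f"dontaudit {s} {t}:{c} {p[0] if len(p) == 1 else '{ ' + ' '.join(p) + ' }'};")
    return out

if __name__ == "__main__":
    print("\n".join(dontaudit_rules(SAMPLE)))
```

A dontaudit rule only suppresses the log message; the access is still denied in enforcing mode. `semodule -DB` rebuilds the policy with dontaudit rules disabled when hidden denials need to be seen again.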
