Bug 149032 - avc: denied net_admin messages
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted
Version: rawhide
Hardware: All
OS: Linux
Assignee: Daniel Walsh
Reported: 2005-02-18 00:33 UTC by Orion Poplawski
Modified: 2007-11-30 22:11 UTC (History)
Last Closed: 2005-03-09 22:37:15 UTC

Description Orion Poplawski 2005-02-18 00:33:36 UTC
Description of problem:

Getting the following messages in permissive mode.  Not sure what the impact
would be under enforcing.

audit(1108686194.845:0): avc:  denied  { net_admin } for  pid=2656
exe=/sbin/ypbind capability=12 scontext=user_u:system_r:ypbind_t
tcontext=user_u:system_r:ypbind_t tclass=capability
audit(1108686198.020:0): avc:  denied  { net_admin } for  pid=3010
exe=/usr/sbin/rpc.rquotad capability=12 scontext=user_u:system_r:rpcd_t
tcontext=user_u:system_r:rpcd_t tclass=capability
audit(1108686198.422:0): avc:  denied  { net_admin } for  pid=3088
exe=/usr/sbin/rpc.mountd capability=12 scontext=user_u:system_r:nfsd_t
tcontext=user_u:system_r:nfsd_t tclass=capability
audit(1108686202.044:0): avc:  denied  { net_admin } for  pid=3239
exe=/usr/sbin/httpd capability=12 scontext=user_u:system_r:httpd_t
tcontext=user_u:system_r:httpd_t tclass=capability


Version-Release number of selected component (if applicable):

selinux-policy-targeted-1.21.14-1

Comment 1 Daniel Walsh 2005-03-08 19:27:42 UTC
Do you see them in enforcing mode?  If not, they are probably being
prevented by some other access denial.

Dan

Comment 2 Orion Poplawski 2005-03-09 00:09:36 UTC
I'm seeing the following in enforcing mode:

type=KERNEL msg=audit(1110325425.073:11245429): avc:  denied  {
net_admin } for  pid=6797exe=/usr/sbin/httpd capability=12
scontext=root:system_r:httpd_t tcontext=root:system_r:httpd_t
tclass=capability
type=KERNEL msg=audit(1110325433.245:11248486): avc:  denied  {
net_admin } for  pid=2680exe=/sbin/ypbind capability=12
scontext=user_u:system_r:ypbind_t tcontext=user_u:system_r:ypbind_t
tclass=capability

It hasn't caused any problems that I can see - everything seems to
work.  Not sure what triggers the messages.

This is with selinux-policy-targeted-1.21.15-6 now.


Comment 3 Daniel Walsh 2005-03-09 19:19:34 UTC
Added dontaudits to selinux-policy-*-1.21.16-3

Comment 4 Orion Poplawski 2005-03-09 22:37:15 UTC
No longer seeing the net_admin messages in the audit log.
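
Added example (not part of the original bug report or of the selinux-policy package): a small parser for the AVC denial records quoted in this thread, which unwraps them, groups them by domain, and prints the dontaudit rule each group corresponds to. The function names are hypothetical, and the rules actually shipped in 1.21.16-3 are not shown on this page, so the output only illustrates the rule form.

```python
import re
from collections import defaultdict

# Constructed sample: two records copied from this bug's comments, keeping the
# hard line wrapping and the fused "pid=6797exe=" field seen in Comment 2.
SAMPLE = """\
audit(1108686194.845:0): avc:  denied  { net_admin } for  pid=2656
exe=/sbin/ypbind capability=12 scontext=user_u:system_r:ypbind_t
tcontext=user_u:system_r:ypbind_t tclass=capability
type=KERNEL msg=audit(1110325425.073:11245429): avc:  denied  {
net_admin } for  pid=6797exe=/usr/sbin/httpd capability=12
scontext=root:system_r:httpd_t tcontext=root:system_r:httpd_t
tclass=capability
"""

FIELD = re.compile(r"\b(pid|exe|scontext|tcontext|tclass)=(\S+)")

def parse_denials(text):
    flat = " ".join(text.split())                       # undo hard wrapping
    flat = re.sub(r"(pid=\d+)(?=[a-z])", r"\1 ", flat)  # split fused pid/exe
    records = []
    for chunk in re.split(r"(?=audit\()", flat):        # one chunk per record
        m = re.search(r"avc: denied \{ ([^}]*) \}", chunk)
        if m:
            rec = dict(FIELD.findall(chunk))
            rec["perms"] = m.group(1).split()
            records.append(rec)
    return records

def dontaudit_rules(records):
    # A dontaudit rule only silences the log entry; the access is still
    # denied, so review each denial before suppressing it.
    grouped = defaultdict(set)
    for r in records:
        src = r["scontext"].split(":")[2]               # user:role:type
        tgt = r["tcontext"].split(":")[2]
        grouped[(src, "self" if tgt == src else tgt, r["tclass"])].update(r["perms"])
    rules = []
    for (src, tgt, cls), perms in sorted(grouped.items()):
        p = sorted(perms)
        perm_s = p[0] if len(p) == 1 else "{ " + " ".join(p) + " }"
        rules.append(f"dontaudit {src} {tgt}:{cls} {perm_s};")
    return rules

if __name__ == "__main__":
    print("\n".join(dontaudit_rules(parse_denials(SAMPLE))))
```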

