Bug 155580 - selinux targetted policy prevents ntpd from operating
Status: CLOSED NOTABUG
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: selinux-policy-targeted
Version: 4.0
Hardware: i686 Linux
Priority: medium
Severity: medium
Assigned To: Daniel Walsh
Reported: 2005-04-21 12:00 EDT by Gordon Farquharson
Modified: 2007-11-30 17:07 EST
Last Closed: 2005-04-21 12:57:20 EDT
Description Gordon Farquharson 2005-04-21 12:00:15 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.6) Gecko/20050322 Firefox/1.0.2 Red Hat/1.0.2-1.4.1

Description of problem:
When ntpd is started (e.g. as root /etc/init.d/ntpd start), /var/log/messages reports

Apr 21 09:57:59 streamer kernel: audit(1114099079.319:0): avc:  denied  { read } for  pid=17680 exe=/usr/sbin/ntpd name=group dev=dm-0 ino=8405041 scontext=root:system_r:ntpd_t tcontext=root:object_r:tmp_t tclass=file


Version-Release number of selected component (if applicable):
selinux-policy-targeted-1.17.30-2.52.1

How reproducible:
Always

Steps to Reproduce:
1. /etc/init.d/ntpd start (as root or sudo)
2. look at /var/log/messages

Actual Results:  In /var/log/messages:

Apr 21 09:57:59 streamer kernel: audit(1114099079.319:0): avc:  denied  { read } for  pid=17680 exe=/usr/sbin/ntpd name=group dev=dm-0 ino=8405041 scontext=root:system_r:ntpd_t tcontext=root:object_r:tmp_t tclass=file

and the ntpd daemon is killed.

Expected Results:  ntpd should be running.

Additional info:
Comment 1 Daniel Walsh 2005-04-21 12:15:43 EDT
Did you create a file in /tmp named group and then move it somewhere?

tmp_t is the default context for files in /tmp. If you use the mv command, it will
retain the context.

So say you created an /etc/group file in /tmp and then
moved it to /etc:
mv /tmp/group /etc/group

You would have the wrong context on the file.  You can fix the context using
restorecon /etc/group

If you want to look at the context of a file you can use ls

ls -Z /etc/group

Dan
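
The diagnosis in Comment 1, as an added example that is not part of the original thread: a small parser for the "avc: denied" line from the report that flags denials whose target type is tmp_t as candidates for a file moved out of /tmp with mv. The function names, the CARRIED_TYPES set and the use of find with -xdev (which assumes dm-0 is the root filesystem) are assumptions of this example.

```python
import re

# Types a file picks up where it is created and keeps when moved with mv.
# tmp_t comes from the thread; using it as a "moved file" hint is this
# example's heuristic, not a rule from the policy.
CARRIED_TYPES = {"tmp_t"}

AVC_RE = re.compile(r"avc:\s+denied\s+\{(?P<perms>[^}]*)\}\s+for\s+(?P<rest>.*)$")

def parse_avc(line):
    """Return a dict of the fields in one 'avc: denied' line, or None."""
    m = AVC_RE.search(line)
    if not m:
        return None
    rec = {"perms": m.group("perms").split()}
    for token in m.group("rest").split():
        key, sep, value = token.partition("=")
        if sep:
            rec[key] = value
    # Contexts in the report have the form user:role:type.
    for side in ("scontext", "tcontext"):
        parts = rec.get(side, "").split(":")
        rec[side + "_type"] = parts[2] if len(parts) >= 3 else None
    return rec

def triage(line):
    """Suggest next steps when a denial looks like a mislabeled, moved file."""
    rec = parse_avc(line)
    if rec is None or rec.get("tcontext_type") not in CARRIED_TYPES:
        return None
    return {
        "domain": rec["scontext_type"],
        "file_name": rec.get("name"),
        "label": rec["tcontext_type"],
        # The denial records only the last path component, so locate by inode.
        # -xdev assumes the device in dev= is the root filesystem.
        "locate": "find / -xdev -inum %s" % rec.get("ino", "<ino>"),
        "then": "ls -Z <path>; restorecon <path>",
    }

# Denial line copied from the report above.
SAMPLE = ("Apr 21 09:57:59 streamer kernel: audit(1114099079.319:0): avc:  denied  "
          "{ read } for  pid=17680 exe=/usr/sbin/ntpd name=group dev=dm-0 "
          "ino=8405041 scontext=root:system_r:ntpd_t tcontext=root:object_r:tmp_t "
          "tclass=file")

if __name__ == "__main__":
    print(triage(SAMPLE))
```

A tmp_t target is only a hint: a file that really lives in /tmp carries the same type, so confirm the path with the find command before running restorecon.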
Comment 2 Gordon Farquharson 2005-04-21 12:48:39 EDT
Hi Dan

Yes, this was done by our site configuration script. I restored the /etc/group
context using restorecon as you suggested, and now ntpd runs.

Thanks very much for the help. SELinux is going to take a while to learn.

Gordon
