Bug 160829 - iiim don't start
Summary: iiim don't start
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted
Version: rawhide
Hardware: noarch
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2005-06-17 18:05 UTC by sangu
Modified: 2007-11-30 22:11 UTC (History)
0 users

Fixed In Version: selinux-policy-targeted-1.23.18-13
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2005-06-19 12:03:08 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)

Description sangu 2005-06-17 18:05:23 UTC 
Description of problem:
$service iiim start
failed
in /var/log/audit/audit.log
[...]
type=AVC msg=audit(1119031247.432:15772667): avc:  denied  { read } for 
pid=5320 comm="iiimd" name=mtab dev=hda8 ino=211477
scontext=root:system_r:i18n_input_t tcontext=system_u:object_r:etc_runtime_t
tclass=file
type=SYSCALL msg=audit(1119031247.432:15772667): arch=40000003 syscall=5
success=no exit=-13 a0=616fba a1=0 a2=1b6 a3=9bf4a80 items=1 pid=5320
auid=4294967295 uid=103 gid=104 euid=103 suid=103 fsuid=103 egid=104 sgid=104
fsgid=104 comm="iiimd" exe="/bin/bash"
type=PATH msg=audit(1119031247.432:15772667): item=0 name="/etc/mtab"
inode=211477 dev=03:08 mode=0100644 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1119031247.433:15772692): avc:  denied  { read } for 
pid=5320 comm="iiimd" name=meminfo dev=proc ino=-268435454
scontext=root:system_r:i18n_input_t tcontext=system_u:object_r:proc_t tclass=file
type=SYSCALL msg=audit(1119031247.433:15772692): arch=40000003 syscall=5
success=no exit=-13 a0=bfcfc1d0 a1=0 a2=1b6 a3=9bf4a90 items=1 pid=5320
auid=4294967295 uid=103 gid=104 euid=103 suid=103 fsuid=103 egid=104 sgid=104
fsgid=104 comm="iiimd" exe="/bin/bash"
type=PATH msg=audit(1119031247.433:15772692): item=0 name="/proc/meminfo"
inode=4026531842 dev=00:03 mode=0100444 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1119031247.434:15772768): avc:  denied  { execute } for 
pid=5342 comm="iiimd" name=iiimd.bin dev=hda8 ino=327519
scontext=root:system_r:i18n_input_t tcontext=system_u:object_r:bin_t tclass=file
type=SYSCALL msg=audit(1119031247.434:15772768): arch=40000003 syscall=11
success=no exit=-13 a0=9bf8e40 a1=9bf8288 a2=9bf9128 a3=0 items=1 pid=5342
auid=4294967295 uid=103 gid=104 euid=103 suid=103 fsuid=103 egid=104 sgid=104
fsgid=104 comm="iiimd" exe="/bin/bash"
type=PATH msg=audit(1119031247.434:15772768): item=0 name="/usr/bin/iiimd.bin"
inode=327519 dev=03:08 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1119031247.435:15772787): avc:  denied  { getattr } for 
pid=5342 comm="iiimd" name=iiimd.bin dev=hda8 ino=327519
scontext=root:system_r:i18n_input_t tcontext=system_u:object_r:bin_t tclass=file
type=SYSCALL msg=audit(1119031247.435:15772787): arch=40000003 syscall=195
success=no exit=-13 a0=9bf8e40 a1=bfcfdc18 a2=622ff4 a3=0 items=1 pid=5342
auid=4294967295 uid=103 gid=104 euid=103 suid=103 fsuid=103 egid=104 sgid=104
fsgid=104 comm="iiimd" exe="/bin/bash"
type=AVC_PATH msg=audit(1119031247.435:15772787):  path="/usr/bin/iiimd.bin"
type=PATH msg=audit(1119031247.435:15772787): item=0 name="/usr/bin/iiimd.bin"
inode=327519 dev=03:08 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1119031247.435:15772811): avc:  denied  { getattr } for 
pid=5342 comm="iiimd" name=iiimd.bin dev=hda8 ino=327519
scontext=root:system_r:i18n_input_t tcontext=system_u:object_r:bin_t tclass=file
type=SYSCALL msg=audit(1119031247.435:15772811): arch=40000003 syscall=195
success=no exit=-13 a0=9bf8e40 a1=bfcfdb54 a2=622ff4 a3=0 items=1 pid=5342
auid=4294967295 uid=103 gid=104 euid=103 suid=103 fsuid=103 egid=104 sgid=104
fsgid=104 comm="iiimd" exe="/bin/bash"
type=AVC_PATH msg=audit(1119031247.435:15772811):  path="/usr/bin/iiimd.bin"
type=PATH msg=audit(1119031247.435:15772811): item=0 name="/usr/bin/iiimd.bin"
inode=327519 dev=03:08 mode=0100755 ouid=0 ogid=0 rdev=00:00

$ls -alZ /usr/bin/iiimd.bin
-rwxr-xr-x  root     root     system_u:object_r:bin_t          /usr/bin/iiimd.bin

Version-Release number of selected component (if applicable):
selinux-policy-targeted-1.23.18-11

How reproducible:
always

Steps to Reproduce:
1. $service iiim start
2.
3.
  
Actual results:


Expected results:


Additional info:
iiimf version is 12.2-5.
Comment 1 Daniel Walsh 2005-06-18 02:05:55 UTC 
Fixed in  policy 1.23.18-12
Note You need to log in before you can comment on or make changes to this bug.