Bug 194474 - selinux blocks signals from ifdown to pppd
selinux blocks signals from ifdown to pppd
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: selinux-policy (Show other bugs)
5
All Linux
medium Severity medium
: ---
: ---
Assigned To: Daniel Walsh
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-06-08 09:09 EDT by Mike
Modified: 2007-11-30 17:11 EST (History)
1 user (show)

See Also:
Fixed In Version: 2.2.47-3
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-07-11 05:02:10 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Mike 2006-06-08 09:09:10 EDT
Description of problem:

Jun  8 15:09:45 xxx kernel: audit(1149772185.419:6): avc:  denied  { signal }
for  pid=2974 comm="pppd" scontext=system_u:system_r:pppd_t:s0
tcontext=system_u:system_r:pppd_t:s0 tclass=process
Jun  8 15:09:45 xxx kernel: audit(1149772185.419:7): avc:  denied  { signal }
for  pid=2974 comm="pppd" scontext=system_u:system_r:pppd_t:s0
tcontext=system_u:system_r:pppd_t:s0 tclass=process

Version-Release number of selected component (if applicable):

clean/fresh/minimal/yesterday install with all updates

How reproducible:

`ifdown ppp0`

or 'kill.pppd' file in '/etc/cron.daily/' directory:

<--
#! /bin/bash

PID_FILE="/var/run/pppoe-adsl.pid.pppd"

if [ -f $PID_FILE ] ; then
  PID=`head -1 $PID_FILE`
  kill -TERM ${PID}
#  echo ${PID}
fi
-->
  
Additional info:

My '/etc/sysconfig/network-scripts/ifcfg-ppp0' file:

<--
USERCTL=no
BOOTPROTO=dialup
NAME=DSLppp0
DEVICE=ppp0
TYPE=xDSL
ONBOOT=yes
PIDFILE=/var/run/pppoe-adsl.pid
FIREWALL=NONE
PING=.
PPPOE_TIMEOUT=80
LCP_FAILURE=3
LCP_INTERVAL=20
CLAMPMSS=1412
CONNECT_POLL=6
CONNECT_TIMEOUT=0
DEFROUTE=yes
SYNCHRONOUS=no
ETH=eth1
PROVIDER=DSLppp0
USER=adsl@adsl.adsl
PEERDNS=no
-->
Comment 1 Daniel Walsh 2006-06-15 21:49:09 EDT
Fixed in selinux-policy-2.2.47-3

Note You need to log in before you can comment on or make changes to this bug.