Bug 204161 - NetworkManager isn't allowed to ptrace itself
NetworkManager isn't allowed to ptrace itself
Product: Fedora
Classification: Fedora
Component: NetworkManager (Show other bugs)
All Linux
medium Severity low
: ---
: ---
Assigned To: Christopher Aillon
Depends On:
  Show dependency treegraph
Reported: 2006-08-26 03:38 EDT by David Juran
Modified: 2007-11-30 17:11 EST (History)
1 user (show)

See Also:
Fixed In Version: Current
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2007-03-28 16:04:29 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description David Juran 2006-08-26 03:38:07 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686 (x86_64); en-US; rv: Gecko/20060808 Fedora/ Firefox/ pango-text

Description of problem:
When NetworkManager (for some reason) catches an unexpected signal it is setup to generate a backtrace in the syslog but selinux prevents this. So intead of a backtrace, the following avc messages go into syslog.

Aug 26 10:27:39 localhost kernel: audit(1156577259.823:130): avc:  denied  { ptrace } for  pid=4179 comm="gdb" scontext=user_u:system_r:NetworkManager_t:s0 tcontext=user_u:system_r:NetworkManager_t:s0 tclass=process
Aug 26 10:27:39 localhost kernel: audit(1156577259.823:130): arch=c000003e syscall=101 success=no exit=-13 a0=10 a1=ca1 a2=0 a3=0 items=0 pid=4179 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="gdb" exe="/usr/bin/gdb" subj=user_u:system_r:NetworkManager_t:s0

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. killall -s 6 NetworkManager

Actual Results:

Expected Results:

Additional info:
Comment 1 Daniel Walsh 2006-09-18 15:04:23 EDT
Fixed in selinux-policy-2.3.14-3

Why is it trying to sys_ptrace though?  I have seen this failure.  I am
currently dontauditing?
Comment 2 Daniel Walsh 2007-03-28 16:04:29 EDT
Closing bugs

Note You need to log in before you can comment on or make changes to this bug.