Bug 205600 - avc: denied { rename } for pid=5838 comm="smbd" name="heliopsis.log" dev=dm-2 ino=95461 scontext=system_u:system_r:smbd_t:s0 tcontext=system_u:object_r:samba_log_t:s0 tclass=file
avc: denied { rename } for pid=5838 comm="smbd" name="heliopsis.log" dev=d...
Status: CLOSED NOTABUG
Product: Fedora
Classification: Fedora
Component: selinux-policy (Show other bugs)
5
All Linux
medium Severity medium
: ---
: ---
Assigned To: Daniel Walsh
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-09-07 11:19 EDT by Orion Poplawski
Modified: 2007-11-30 17:11 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-09-18 14:29:36 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Orion Poplawski 2006-09-07 11:19:38 EDT
Description of problem:

Got this in the logs:

Sep  6 12:34:42 saga kernel: audit(1157567682.363:129): avc:  denied  { rename }
for  pid=5024 comm="smbd" name="heliopsis.log" dev=dm-2 ino=95641
scontext=system_u:system_r:smbd_t:s0 tcontext=system_u:object_r:samba_log_t:s0
tclass=file
Sep  6 12:34:42 saga kernel: audit(1157567682.363:130): avc:  denied  { unlink }
for  pid=5024 comm="smbd" name="heliopsis.log.old" dev=dm-2 ino=95636
scontext=system_u:system_r:smbd_t:s0 tcontext=system_u:object_r:samba_log_t:s0
tclass=file
Sep  6 12:41:51 saga kernel: audit(1157568111.382:131): avc:  denied  { rename }
for  pid=5838 comm="smbd" name="heliopsis.log" dev=dm-2 ino=95461
scontext=system_u:system_r:smbd_t:s0 tcontext=system_u:object_r:samba_log_t:s0
tclass=file
Sep  6 12:41:51 saga kernel: audit(1157568111.382:132): avc:  denied  { unlink }
for  pid=5838 comm="smbd" name="heliopsis.log.old" dev=dm-2 ino=95424
scontext=system_u:system_r:smbd_t:s0 tcontext=system_u:object_r:samba_log_t:s0
tclass=file

Running in permissive mode.
Version-Release number of selected component (if applicable):
selinux-policy-2.3.7-2.fc5
Comment 1 Daniel Walsh 2006-09-18 14:29:36 EDT
Policy for samba says the following

allow smbd_t samba_log_t:dir { create ra_dir_perms setattr };
dontaudit smbd_t samba_log_t:dir remove_name;
allow smbd_t samba_log_t:file { create ra_file_perms };

I believe the remove_name dontaudit would have prevented the AVC messages that
you see.  So I would say this is the expected behaviour.


Note You need to log in before you can comment on or make changes to this bug.