Bug 239759 - AVC errors for hwclock when executed by init process.
Summary: AVC errors for hwclock when executed by init process.
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: selinux-policy   
(Show other bugs)
Version: 5.0
Hardware: All Linux
medium
medium
Target Milestone: ---
: ---
Assignee: Daniel Walsh
QA Contact:
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-05-11 02:38 UTC by Gurhan Ozen
Modified: 2007-11-30 22:07 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-05-14 18:06:19 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Gurhan Ozen 2007-05-11 02:38:56 UTC
Description of problem:

When executing the following commands:
hwclock --set --date "1/1/2000 00:00:00"
hwclock --utc --systohc

as init process, the following AVC errors are obtained:
type=SYSCALL msg=audit(1178819431.189:1845): arch=40000003 syscall=5 success=no
exit=-13 a0=90e2c48 a1=0 a2=40171ff4 a3=90e1a68 items=0 ppid=13457 pid=13460
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
tty=(none) comm="hwclock" exe="/sbin/hwclock"
subj=system_u:system_r:hwclock_t:s0 key=(null)
type=AVC msg=audit(1178819431.189:1845): avc:  denied  { search } for  pid=13460
comm="hwclock" name="mnt" dev=dm-0 ino=16613377
scontext=system_u:system_r:hwclock_t:s0 tcontext=system_u:object_r:mnt_t:s0
tclass=dir


If those commands are run as root though, no errors are given. 


Version-Release number of selected component (if applicable):
RHEL5-GA

How reproducible:
Everytime

Steps to Reproduce:
1. Put those commands in a script, and place it in the /etc/rc3.d dir as a start
script.
2. reboot the machine
3.
  
Actual results:
AVC errors are thrown

Expected results:
No errors should be given.

Additional info:
You can run these in the rhts system... The test is
/kernel/security/audit/audit-test-1212

Comment 1 Gurhan Ozen 2007-05-11 18:19:02 UTC
Note that this does happen with the latest selinux-policy package
(selinux-policy-2.4.6-67.el5) package as well.

Comment 2 Daniel Walsh 2007-05-14 17:51:11 UTC
Why would hwclock be searching the mnt_t directory?

Comment 3 Jeff Burke 2007-05-14 18:06:19 UTC
This error is due to a failure in the loading of RHTS test policy.


Note You need to log in before you can comment on or make changes to this bug.