Bug 239759 - AVC errors for hwclock when executed by init process.
AVC errors for hwclock when executed by init process.
Status: CLOSED NOTABUG
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: selinux-policy (Show other bugs)
5.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Daniel Walsh
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-05-10 22:38 EDT by Gurhan Ozen
Modified: 2007-11-30 17:07 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-05-14 14:06:19 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Gurhan Ozen 2007-05-10 22:38:56 EDT
Description of problem:

When executing the following commands:
hwclock --set --date "1/1/2000 00:00:00"
hwclock --utc --systohc

as init process, the following AVC errors are obtained:
type=SYSCALL msg=audit(1178819431.189:1845): arch=40000003 syscall=5 success=no
exit=-13 a0=90e2c48 a1=0 a2=40171ff4 a3=90e1a68 items=0 ppid=13457 pid=13460
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
tty=(none) comm="hwclock" exe="/sbin/hwclock"
subj=system_u:system_r:hwclock_t:s0 key=(null)
type=AVC msg=audit(1178819431.189:1845): avc:  denied  { search } for  pid=13460
comm="hwclock" name="mnt" dev=dm-0 ino=16613377
scontext=system_u:system_r:hwclock_t:s0 tcontext=system_u:object_r:mnt_t:s0
tclass=dir


If those commands are run as root though, no errors are given. 


Version-Release number of selected component (if applicable):
RHEL5-GA

How reproducible:
Everytime

Steps to Reproduce:
1. Put those commands in a script, and place it in the /etc/rc3.d dir as a start
script.
2. reboot the machine
3.
  
Actual results:
AVC errors are thrown

Expected results:
No errors should be given.

Additional info:
You can run these in the rhts system... The test is
/kernel/security/audit/audit-test-1212
Comment 1 Gurhan Ozen 2007-05-11 14:19:02 EDT
Note that this does happen with the latest selinux-policy package
(selinux-policy-2.4.6-67.el5) package as well.
Comment 2 Daniel Walsh 2007-05-14 13:51:11 EDT
Why would hwclock be searching the mnt_t directory?
Comment 3 Jeff Burke 2007-05-14 14:06:19 EDT
This error is due to a failure in the loading of RHTS test policy.

Note You need to log in before you can comment on or make changes to this bug.