Bug 270041 - SELinux is preventing /sbin/killall5 (dhcpc_t) "ptrace" to (dhcpc_t)
SELinux is preventing /sbin/killall5 (dhcpc_t) "ptrace" to (dhcpc_t)
Product: Fedora
Classification: Fedora
Component: selinux-policy (Show other bugs)
i386 Linux
medium Severity high
: ---
: ---
Assigned To: Daniel Walsh
Fedora Extras Quality Assurance
: Reopened
Depends On:
  Show dependency treegraph
Reported: 2007-08-30 22:57 EDT by Robert Staaf
Modified: 2008-01-30 14:19 EST (History)
0 users

See Also:
Fixed In Version: Current
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2008-01-30 14:19:47 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Robert Staaf 2007-08-30 22:57:26 EDT
Description of problem:SELinux denied access requested by /sbin/killall5. It is
not expected that this access is required by /sbin/killall5 and this access may
signal an intrusion attempt. It is also possible that the specific version or
configuration of the application is causing it to require additional access.

Version-Release number of selected component (if applicable):

How reproducible:
Just turn on the machine, 696 alerts since the policy was updated 2 days ago.

Steps to Reproduce:
Actual results:

Expected results:

Additional info:
Comment 1 Daniel Walsh 2007-08-31 06:02:09 EDT
Looks like this is fixed.  Please yum update selinux-policy
Comment 2 Robert Staaf 2007-08-31 06:19:46 EDT
I am running selinux-policy-2.6.4-38.fc7 with was released 8/23 and from 
looking in updates on the mirrors there does not appear to be a newer 
Comment 3 Daniel Walsh 2007-09-01 07:16:24 EDT
I released 40 this week, but the Release engineers might not have pushed it yet.
 It might still be in fedora-testing.  
Comment 4 Robert Staaf 2007-09-02 07:54:45 EDT
I went ahead and updated from testing to get 40 and have to say I am still 
getting the same messages.

SELinux is preventing /sbin/killall5 (dhcpc_t) "ptrace" to (dhcpc_t)
SELinux is preventing ntpd (dhcpc_t) "getattr" to /var/run/ntpd.pid
Comment 5 Robert Staaf 2007-09-04 06:41:21 EDT
Last night I did a completely fresh Network Install of F7 completely wiping out
the previous installation.  After all the updates to my dismay these two
sealerts are back.  

SELinux is preventing /sbin/killall5 (dhcpc_t) "ptrace" to (dhcpc_t)
SELinux is preventing ntpd (dhcpc_t) "getattr" to /var/run/ntpd.pid

Maybe there are gremlins in my machine but neither a fresh install or updating
to 40 from testing gets ride of these alerts for me...
Comment 6 Daniel Walsh 2007-09-04 11:16:48 EDT
Please attach your /var/log/audit/audit.log
Comment 7 Daniel Walsh 2007-09-04 11:21:54 EDT
That is because I lied.

I will put a fix in 41.

Comment 8 Daniel Walsh 2007-09-04 11:45:52 EDT
I looked at dhcpd_t policy instead of dhcpc_t policy.

Fixed in selinux-policy-2.6.4-41
Comment 9 Robert Staaf 2007-09-17 11:38:51 EDT
Any idea on a release for this fix?  I notice 41 was not released and 42 is in
Comment 10 Daniel Walsh 2007-09-17 14:50:29 EDT
Requiest has been made to push it to stable, so it should get out soon.
Comment 11 Daniel Walsh 2008-01-30 14:19:47 EST
Bulk closing all bugs in Fedora updates in the modified state.  If you bug is
not fixed, please reopen.

Note You need to log in before you can comment on or make changes to this bug.