Bug 338411 - SELinux denies /usr/sbin/load_policy (load_policy_t) "write" to pipe (rpm_t).
SELinux denies /usr/sbin/load_policy (load_policy_t) "write" to pipe (rpm_t).
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted (Show other bugs)
rawhide
All Linux
low Severity low
: ---
: ---
Assigned To: Daniel Walsh
Ben Levenson
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-10-18 13:18 EDT by Julian Sikorski
Modified: 2007-11-30 17:12 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-10-21 08:40:56 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Julian Sikorski 2007-10-18 13:18:07 EDT
Description of problem:
This happens every selinux-policy update. Today I updated it again (3.0.8-22 to
3.0.8-24) and the alert was still present

avc: denied { write } for comm=load_policy dev=pipefs egid=0 euid=0
exe=/usr/sbin/load_policy exit=0 fsgid=0 fsuid=0 gid=0 items=0 path=pipe:[59649]
pid=6681 scontext=system_u:system_r:load_policy_t:s0 sgid=0
subj=system_u:system_r:load_policy_t:s0 suid=0 tclass=fifo_file
tcontext=system_u:system_r:rpm_t:s0 tty=pts0 uid=0 

Version-Release number of selected component (if applicable):
selinux-policy-3.0.8-22.fc8

How reproducible:
every policy update

Steps to Reproduce:
1. yum update selinux-policy-targeted
  
Actual results:
SELinux denial occurs

Expected results:
No denial
Comment 1 Daniel Walsh 2007-10-18 15:30:46 EDT
Fixed in selinux-policy-targeted-3.0.8-25

Note You need to log in before you can comment on or make changes to this bug.