First Last Prev Next    This bug is not in your last search results.
Bug 429624 - SELinux is preventing the /sbin/rpc.statd from using potentially mislabeled files (<Unknown>).
SELinux is preventing the /sbin/rpc.statd from using potentially mislabeled f...
Status: CLOSED NOTABUG
Product: Fedora
Classification: Fedora
Component: selinux-policy (Show other bugs)
8
All Linux
low Severity low
: ---
: ---
Assigned To: Daniel Walsh
Fedora Extras Quality Assurance
:
: 310601 (view as bug list)
Depends On:
Blocks: 310601
  Show dependency treegraph
 
Reported: 2008-01-21 18:50 EST by Michael Ploujnikov
Modified: 2008-01-24 16:18 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-01-22 09:32:56 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Michael Ploujnikov 2008-01-21 18:50:19 EST 
Description of problem:
avc: denied { read } for comm=rpc.statd dev=dm-0 egid=0 euid=0
exe=/sbin/rpc.statd exit=-13 fsgid=0 fsuid=0 gid=0 items=0 name=services
pid=6828 scontext=unconfined_u:system_r:rpcd_t:s0 sgid=0
subj=unconfined_u:system_r:rpcd_t:s0 suid=0 tclass=file
tcontext=system_u:object_r:rpm_script_tmp_t:s0 tty=(none) uid=0


Version-Release number of selected component (if applicable):
selinux-policy 3.0.8 74.fc8
setroubleshoot-server 1.10.7 1.fc8
nfs-utils 1.1.0 6.fc8 x86_64

How reproducible:
Very much so.

Steps to Reproduce:
1. # /etc/init.d/nfslock start
2. "watch the output"
  
Actual results:
Starting NFS statd:                                        [FAILED]

Expected results:
Starting NFS statd:                                        [OK]

Additional info:
Source Context                unconfined_u:system_r:rpcd_t
Target Context                system_u:object_r:rpm_script_tmp_t
Target Objects                None [ file ]
Affected RPM Packages         nfs-utils-1.1.0-6.fc8 [application]
Policy RPM                    selinux-policy-3.0.8-74.fc8
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   plugins.home_tmp_bad_labels
Host Name                     grayf
Platform                      Linux grayf 2.6.23.9-85.fc8 #1 SMP Fri Dec 7
                              15:49:36 EST 2007 x86_64 x86_64
Alert Count                   10
First Seen                    Mon Jan 21 18:36:17 2008
Last Seen                     Mon Jan 21 18:39:21 2008
Local ID                      0669cea2-c098-4d1b-ac24-b07a9cd337f4
Line Numbers
Comment 1 Michael Ploujnikov 2008-01-21 19:47:56 EST 
I can reproduce this on my other F8 machine (i686 athlon arch) that has the same
versions of packages.
Comment 2 Daniel Walsh 2008-01-22 09:32:56 EST 
restorecon /etc/services

Some rpm in it post install script is editing the /etc/services file in /tmp and
then mv'ing it to /etc.  THis is causing the labels to be wrong.  Running
restorecon on the file will fix.  If you know which rpm is causing the problem,
open an bugzilla on it to tell them to run restorecon when they are done.

restorecond could be used to watch this file, in the future.

Marking this as notabug since this is not a bug with policy but a bug with some
other package.
Comment 3 Steve Dickson 2008-01-24 16:18:39 EST 
*** Bug 310601 has been marked as a duplicate of this bug. ***
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.