Bug 447816 - avc: denied { getattr } for comm="logrotate" path="/var/log/rpmpkgs"
avc: denied { getattr } for comm="logrotate" path="/var/log/rpmpkgs"
Status: CLOSED WORKSFORME
Product: Fedora
Classification: Fedora
Component: rpm (Show other bugs)
10
All Linux
low Severity medium
: ---
: ---
Assigned To: Panu Matilainen
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-05-21 18:11 EDT by Robert Scheck
Modified: 2008-12-18 14:06 EST (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-12-18 14:06:10 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Robert Scheck 2008-05-21 18:11:56 EDT
Description of problem:
Interestingly, I'm seeing the following since selinux-policy-targeted-3.3.1-51, 
as far as I can remember.

type=AVC msg=audit(1211166611.444:2946): avc:  denied  { getattr } for  
pid=15432 comm="logrotate" path="/var/log/rpmpkgs" dev=cciss/c0d0p2 ino=16 
scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 
tcontext=system_u:object_r:root_t:s0 tclass=file
type=SYSCALL msg=audit(1211166611.444:2946): arch=40000003 syscall=196 
success=yes exit=0 a0=82bed98 a1=bfc4b15c a2=2b8ff4 a3=82bf2e0 items=0 
ppid=15430 pid=15432 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 
fsgid=0 tty=(none) ses=496 comm="logrotate" exe="/usr/sbin/logrotate" 
subj=system_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1211166611.446:2947): avc:  denied  { getattr } for  
pid=15432 comm="logrotate" path="/var/log/rpmpkgs" dev=cciss/c0d0p2 ino=16 
scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 
tcontext=system_u:object_r:root_t:s0 tclass=file
type=SYSCALL msg=audit(1211166611.446:2947): arch=40000003 syscall=195 
success=yes exit=0 a0=82bedb0 a1=bfc4bb40 a2=2b8ff4 a3=bfc4bb40 items=0 
ppid=15430 pid=15432 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 
fsgid=0 tty=(none) ses=496 comm="logrotate" exe="/usr/sbin/logrotate" 
subj=system_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)

Version-Release number of selected component (if applicable):
selinux-policy-targeted-3.3.1-51

How reproducible:
Just execute /etc/cron.daily/rpm or wait until it is executed. Problem is IMHO 
the "/bin/mv "$tmpfile" /var/log/rpmpkgs". Either cat'ing the temporary file to 
there or conditional use of restorecon in the script, I would say.

Actual results:
AVC denied.

Expected results:
No AVC denied.
Comment 1 John Poelstra 2008-10-15 18:44:47 EDT
This bug has been triaged

I can't reproduce this with selinux-policy-targeted-3.5.10-3.fc10.noarch

Are you still seeing it?
Comment 2 Bug Zapper 2008-11-25 21:19:09 EST
This bug appears to have been reported against 'rawhide' during the Fedora 10 development cycle.
Changing version to '10'.

More information and reason for this action is here:
http://fedoraproject.org/wiki/BugZappers/HouseKeeping
Comment 3 Panu Matilainen 2008-12-18 14:06:10 EST
There *was* a problem with the temp file being generated to /tmp and then moved to place. The temporary output file has been generated directly into /var/log to ensure correct context since late 2007 however...

Note You need to log in before you can comment on or make changes to this bug.