Bug 460635 - audisp_t signals prelude_audisp_t
audisp_t signals prelude_audisp_t
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: selinux-policy (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Daniel Walsh
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-08-29 07:11 EDT by Dominick Grift
Modified: 2008-08-29 16:24 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-08-29 16:24:24 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Dominick Grift 2008-08-29 07:11:06 EDT
Description of problem:
avc:  denied  { signal } for  pid=2075 comm="audispd" scontext=system_u:system_r
:audisp_t:s0 tcontext=system_u:system_r:prelude_audisp_t:s0 tclass=process

Version-Release number of selected component (if applicable):
selinux-policy-3.5.5-1.fc10.noarch

solution:

logging.te

optional_policy(` 
	prelude_signal_audisp(audisp_t)
')
Comment 1 Daniel Walsh 2008-08-29 14:24:21 EDT
`logging_audisp_system_domain' 

Has 

	allow $1 audisp_t:process signal;

But I think this should be

	allow audisp_t $1:process signal;

I am not sure if a subprocess should be sending signals to audisp other then sigchld?
Comment 2 Steve Grubb 2008-08-29 15:17:57 EDT
Wrt to audispd and its children, child to parent is only SIGCHLD, parent to child is SIGHUP, SIGTERM, and SIGKILL if they don't listen very well.
Comment 3 Daniel Walsh 2008-08-29 16:24:24 EDT
Thanks Steve, I will fix the policy.

selinux-policy-3.5.5-3.fc10

Note You need to log in before you can comment on or make changes to this bug.