Bug 467185 - Unconfined daemons running under root
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: selinux-policy
Version: 11
Hardware: All Linux
Priority: medium, Severity: medium
Assigned To: Miroslav Grepl
QA Contact: Fedora Extras Quality Assurance
Reported: 2008-10-16 05:23 EDT by Peter Vrabec
Modified: 2009-09-04 11:46 EDT
Doc Type: Bug Fix
Last Closed: 2009-09-04 11:46:29 EDT
Description Peter Vrabec 2008-10-16 05:23:49 EDT
Description of problem:
By using our security audit tool, we discovered some unconfined daemons on a full F10 installation. This was considered a security problem. Would it be possible to fix these issues?

Steps to Reproduce:
1. full F10 installation
2. enable all services 
3. sectool -r netserv || netstat -taupZ
  
Actual results:
netserv ->          
    Warning: File "/bin/plymouthd (deleted)" doesn't belong to any package.
    Error: Unconfined (system_u:system_r:initrc_t:s0) daemon rc with pid 7891 running user root detected
    Error: Unconfined (system_u:system_r:initrc_t:s0) daemon ifplugd with pid 9754 running user root detected
    Error: Unconfined () daemon  with pid 9967 running user  detected                                        
    Error: Unconfined (system_u:system_r:initrc_t:s0) daemon cfenvd with pid 10398 running user root detected
    Error: Unconfined (system_u:system_r:initrc_t:s0) daemon corosync with pid 11507 running user root detected
    Error: Unconfined (system_u:system_r:initrc_t:s0) daemon glusterfsd with pid 11536 running user root detected
    Error: Unconfined (system_u:system_r:initrc_t:s0) daemon qdiskd with pid 11808 running user root detected    
    Error: Unconfined (system_u:system_r:initrc_t:s0) daemon autodir with pid 12555 running user root detected   
    Error: Unconfined (system_u:system_r:initrc_t:s0) daemon autodir with pid 12583 running user root detected   
    Error: Unconfined (system_u:system_r:initrc_t:s0) daemon lircd with pid 12613 running user root detected     
    Error: Unconfined (system_u:system_r:initrc_t:s0) daemon isnsd with pid 16141 running user root detected     
    Error: Unconfined (system_u:system_r:initrc_t:s0) daemon tgtd with pid 16155 running user root detected      
    Error: Unconfined (system_u:system_r:initrc_t:s0) daemon bluetoothd with pid 17210 running user root detected
    Error: Unconfined (system_u:system_r:initrc_t:s0) daemon argus with pid 17418 running user root detected     
    Error: Unconfined (system_u:system_r:initrc_t:s0) daemon dropbear with pid 17493 running user root detected  
    Error: Unconfined (system_u:system_r:initrc_t:s0) daemon cwdaemon with pid 18296 running user root detected  
    Error: Unconfined (system_u:system_r:initrc_t:s0) daemon rpc.rquotad with pid 18335 running user root detected
    Error: Unconfined (system_u:system_r:initrc_t:s0) daemon rpc.rstatd with pid 18402 running user root detected 
    Error: Unconfined (system_u:system_r:initrc_t:s0) daemon amd with pid 19920 running user root detected        
    Error: Unconfined (system_u:system_r:initrc_t:s0) daemon xl2tpd with pid 22538 running user root detected     
    Error: Unconfined (system_u:system_r:initrc_t:s0) daemon ulogd with pid 22772 running user root detected      
    Error: Unconfined (system_u:system_r:initrc_t:s0) daemon rarpd with pid 22799 running user root detected      
    Error: Unconfined (system_u:system_r:initrc_t:s0) daemon varnishd with pid 25407 running user root detected   
    Error: Unconfined (system_u:system_r:initrc_t:s0) daemon varnishlog with pid 25594 running user root detected 
    Error: Unconfined (system_u:system_r:initrc_t:s0) daemon zvbid with pid 25694 running user root detected      
    Error: Unconfined (system_u:system_r:initrc_t:s0) daemon psad with pid 27074 running user root detected       
    Error: Unconfined (system_u:system_r:initrc_t:s0) daemon psadwatchd with pid 27077 running user root detected 
    Error: Unconfined (system_u:system_r:initrc_t:s0) daemon cfservd with pid 28147 running user root detected    
    Error: Unconfined (system_u:system_r:initrc_t:s0) daemon incrond with pid 28254 running user root detected    
    Error: Unconfined (system_u:system_r:initrc_t:s0) daemon evtchnd with pid 29275 running user root detected    
    Warning: Unconfined (system_u:system_r:initrc_t:s0) process named-sdb with pid 10195 listening on port(s) tcp/53 tcp/953 udp/53 running user named detected                                                                               
    Warning: Unconfined (system_u:system_r:initrc_t:s0) process slpd with pid 10256 listening on port(s) tcp/427 tcp/427 udp/427 udp/427 udp/427 running user daemon detected                                                                 
    Warning: Unconfined (system_u:system_r:initrc_t:s0) process oidentd with pid 16076 listening on port(s) tcp/113 running user nobody detected                                                                                              
    Error: Unconfined (system_u:system_r:initrc_t:s0) process ipa_kpasswd with pid 16110 listening on port(s) tcp/464 tcp/464 udp/464 udp/464 running user root detected                                                                      
    Error: Unconfined (system_u:system_r:initrc_t:s0) process argus with pid 17418 listening on port(s) tcp/561 running user root detected                                                                                                    
    Error: Unconfined (system_u:system_r:initrc_t:s0) process dropbear with pid 17493 listening on port(s) tcp/22 running user root detected                                                                                                  
    Error: Unconfined (system_u:system_r:initrc_t:s0) process rpc.rquotad with pid 18335 listening on port(s) tcp/706 udp/703 running user root detected                                                                                      
    Error: Unconfined (system_u:system_r:initrc_t:s0) process rpc.rstatd with pid 18402 listening on port(s) udp/773 running user root detected                                                                                               
    Warning: Unconfined (system_u:system_r:initrc_t:s0) process rpc.rusersd with pid 18412 listening on port(s) udp/782 running user nobody detected                                                                                          
    Error: Unconfined (system_u:system_r:initrc_t:s0) process pingd with pid 19906 listening on port(s) raw/1 running user root detected                                                                                                      
    Error: Unconfined (system_u:system_r:initrc_t:s0) process amd with pid 19920 listening on port(s) tcp/1023 udp/600 udp/1022 udp/1023 running user root detected                                                                           
    Error: Unconfined (system_u:system_r:initrc_t:s0) process dbmail-lmtpd with pid 22630 listening on port(s) tcp/24 running user root detected                                                                                              
    Warning: Unconfined (system_u:system_r:initrc_t:s0) process boa with pid 22869 listening on port(s) tcp/80 running user boa detected                                                                                                      
    Error: Unconfined (system_u:system_r:initrc_t:s0) process odccm with pid 30978 listening on port(s) tcp/990 running user root detected                                                                                                    
    netserv: ERROR
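
An added example (not part of the original report and not sectool's own code): a shell filter that reproduces the check behind the output above from `ps -eo label,user,pid,comm`, flagging processes whose SELinux type is still initrc_t, meaning no policy module moved them into a domain of their own. The sample input is constructed, reusing two entries from the report; the function names are hypothetical, and the ERROR/WARNING split follows the pattern visible in the report (root versus non-root).

```shell
#!/bin/sh
# Added example: flag processes left in the init-script domain (initrc_t).
# Input format is that of `ps -eo label,user,pid,comm` (SELinux label first).

# find_initrc (hypothetical name): read ps-style lines on stdin and print
# "SEVERITY pid comm user" for every process whose SELinux type is initrc_t.
# Root-owned processes are ERROR, all others WARNING.
find_initrc() {
    awk '
        NR == 1 && $1 == "LABEL" { next }      # skip the ps header line
        {
            n = split($1, ctx, ":")            # user:role:type:level[:cats]
            if (n < 3) next                    # "-" or empty: no label at all
            if (ctx[3] != "initrc_t") next     # confined by its own domain
            sev = ($2 == "root") ? "ERROR" : "WARNING"
            printf "%s %s %s %s\n", sev, $3, $4, $2
        }'
}

# sample_ps (hypothetical name): constructed sample input. The dropbear and
# boa rows reuse entries from the report; the other rows are made up.
sample_ps() {
    cat <<'EOF'
LABEL                                   USER       PID COMMAND
system_u:system_r:init_t:s0             root         1 init
system_u:system_r:sshd_t:s0-s0:c0.c1023 root      2101 sshd
system_u:system_r:initrc_t:s0           root     17493 dropbear
system_u:system_r:initrc_t:s0           boa      22869 boa
system_u:system_r:named_t:s0            named    10195 named
-                                       root         2 kthreadd
EOF
}

# On a live system: ps -eo label,user,pid,comm | find_initrc
sample_ps | find_initrc
```

A process with no label at all (the `-` row) is skipped rather than flagged; it indicates SELinux is disabled or the label could not be read, which is a separate finding from a missing policy module.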
Comment 1 Daniel Walsh 2008-10-29 14:08:39 EDT
Sure, as soon as I get an army of policy writers.

I think this would be much better if each package had a bugzilla opened on missing policy.

bluetoothd is already fixed.
Comment 2 Daniel Walsh 2008-10-29 14:09:50 EDT
rpc.statd should be running with policy and rpc.userd should also.
Comment 3 Bug Zapper 2008-11-25 22:54:56 EST
This bug appears to have been reported against 'rawhide' during the Fedora 10 development cycle.
Changing version to '10'.

More information and reason for this action is here:
http://fedoraproject.org/wiki/BugZappers/HouseKeeping
Comment 4 Bug Zapper 2009-06-09 05:47:22 EDT
This bug appears to have been reported against 'rawhide' during the Fedora 11 development cycle.
Changing version to '11'.

More information and reason for this action is here:
http://fedoraproject.org/wiki/BugZappers/HouseKeeping