Description of problem: With kernel-2.6.28-0.114.rc7.git5.fc11.x86_64, running grep against (some?) sockets produce spew like the following: Dec 8 07:23:08 tlondon kernel: SELinux: WARNING: inside open_file_to_av with unknown mode:140640 Dec 8 07:23:08 tlondon kernel: SELinux: WARNING: inside open_file_to_av with unknown mode:140666 Dec 8 07:23:08 tlondon kernel: SELinux: WARNING: inside open_file_to_av with unknown mode:140666 The above was produced by "cd /etc/httpd/run; grep dnsmasq *"; grep reports: [root@tlondon run]# grep dnsmasq * grep: audispd_events: No such device or address grep: rpcbind.sock: No such device or address grep: sdp: No such device or address [root@tlondon run]# Version-Release number of selected component (if applicable): kernel-2.6.28-0.114.rc7.git5.fc11.x86_64 selinux-policy-targeted-3.6.1-6.fc11.noarch selinux-policy-3.6.1-6.fc11.noarch How reproducible: Every time Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
this message should be completely harmless (outside of performance/serial spam/overhead/blah/blah/blah. Do you have avc denials? davej checked in the fix already: * Fri Dec 05 2008 Dave Jones <davej> - SELinux: check open perms in dentry_open not inode_permission so it should be fixed on any F11 2.6.28-rc7-git5 or later kernel....
ugggh, you have the patch, I might see what's going on, but still, those messages are "harmless"....
S_IFSOCK == 0140000 for anyone who is playing along at home /me did not realize it was possible to "open" a socket in this manor.
Yeah, harmless. Just spew. No AVCs.....
http://marc.info/?l=selinux&m=122886575426345&w=2
commit 8b6a5a37f87a414ef8636e36ec75accb27bb7508 upstream
I'm slack and still haven't fixed it.... [root@localhost ~]# grep hello /var/run/acpid.socket grep: /var/run/acpid.socket: No such device or address [root@localhost ~]# dmesg -c SELinux: WARNING: inside open_file_to_av with unknown mode:140666 I'll do it tomorrow, I don't remember why my patch wasn't accepted...
patch sent to selinux list