Bug 493760 - setroubleshoot avc's
Summary: setroubleshoot avc's
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted
Version: rawhide
Hardware: All
OS: Linux
low
medium
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact: Ben Levenson
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2009-04-03 00:31 UTC by Dave Jones
Modified: 2015-01-04 22:30 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2009-04-06 12:47:53 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)

Description Dave Jones 2009-04-03 00:31:39 UTC 
This fail is almost comedic..

type=AVC msg=audit(1238718282.630:12255): avc:  denied  { execmem } for  pid=8305 comm="setroubleshootd" scontext=system_u:system_r:setroubleshootd_t:s0-s0:c0.c1023 tcontext=system_u:system_r:setroubleshootd_t:s0-s0:c0.c1023 tclass=process

This AVC triggers setroubleshoot to then start up, and oops.. Another AVC, which causes...
Comment 1 Dave Jones 2009-04-03 00:55:21 UTC 
there's a gazillion msgs in dmesg like ..

setroubleshootd[8604] general protection ip:7f024265790d sp:7fff4ab85c00 error:0 in libpython2.6.so.1.0[7f02425be000+169000]

which is likely related.
Comment 2 Dave Jones 2009-04-04 21:05:17 UTC 
haven't seen this happen since I did a complete relabel.

red herring?
Comment 3 Daniel Walsh 2009-04-06 12:47:53 UTC 
There were other problems causing the libpython crash (libselinux) and the execmem (nss).

So both should be fixed in rawhide.
Note You need to log in before you can comment on or make changes to this bug.