Bug 507476 - SELinux is preventing find (sysstat_t) "read" security_t.
SELinux is preventing find (sysstat_t) "read" security_t.
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: selinux-policy (Show other bugs)
11
i686 Linux
low Severity medium
: ---
: ---
Assigned To: Daniel Walsh
Fedora Extras Quality Assurance
:
: 508201 (view as bug list)
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2009-06-22 18:10 EDT by Peter H.S.
Modified: 2009-09-08 07:40 EDT (History)
6 users (show)

See Also:
Fixed In Version: selinux-policy-3.6.12-57.fc11
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-09-08 07:38:24 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
selinux logfile (2.38 KB, text/plain)
2009-06-22 18:10 EDT, Peter H.S.
no flags Details

  None (edit)
Description Peter H.S. 2009-06-22 18:10:29 EDT
Created attachment 349014 [details]
selinux logfile

Description of problem:

SELinux is preventing find (sysstat_t) "read" security_t. 
Kildekontekst:  system_u:system_r:sysstat_t:s0-s0:c0.c1023

See attached logfile


Målkontekst:  system_u:object_r:security_t:s0
Målobjekt:  mls [ file ]
Kilde:  find
Kildesti:  /bin/find



Version-Release number of selected component (if applicable):

findutils-4.4.0-2.fc11


How reproducible:

No idea. Have had 6 incidents in a very short while.

Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:
Comment 1 Daniel Walsh 2009-06-24 17:21:53 EDT
You can add these rules now using

# grep avc /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp

Fixed in selinux-policy-3.6.12-57.fc11
Comment 2 Kamil Dudka 2009-09-08 07:40:53 EDT
*** Bug 508201 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.