Bug 507476 - SELinux is preventing find (sysstat_t) "read" security_t.
Summary: SELinux is preventing find (sysstat_t) "read" security_t.
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy
Version: 11
Hardware: i686
OS: Linux
low
medium
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
: 508201 (view as bug list)
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2009-06-22 22:10 UTC by Peter H.S.
Modified: 2009-09-08 11:40 UTC (History)
6 users (show)

Fixed In Version: selinux-policy-3.6.12-57.fc11
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2009-09-08 11:38:24 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)
selinux logfile (2.38 KB, text/plain)
2009-06-22 22:10 UTC, Peter H.S. 		no flags Details
View All

Description Peter H.S. 2009-06-22 22:10:29 UTC 
Created attachment 349014 [details]
selinux logfile

Description of problem:

SELinux is preventing find (sysstat_t) "read" security_t. 
Kildekontekst:  system_u:system_r:sysstat_t:s0-s0:c0.c1023

See attached logfile


Målkontekst:  system_u:object_r:security_t:s0
Målobjekt:  mls [ file ]
Kilde:  find
Kildesti:  /bin/find



Version-Release number of selected component (if applicable):

findutils-4.4.0-2.fc11


How reproducible:

No idea. Have had 6 incidents in a very short while.

Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:
Comment 1 Daniel Walsh 2009-06-24 21:21:53 UTC 
You can add these rules now using

# grep avc /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp

Fixed in selinux-policy-3.6.12-57.fc11
Comment 2 Kamil Dudka 2009-09-08 11:40:53 UTC 
*** Bug 508201 has been marked as a duplicate of this bug. ***
Note You need to log in before you can comment on or make changes to this bug.