Bug 508866 - SELinux failure with ifconfig
SELinux failure with ifconfig
Status: CLOSED DUPLICATE of bug 508099
Product: Fedora
Classification: Fedora
Component: net-tools (Show other bugs)
11
x86_64 Linux
low Severity medium
: ---
: ---
Assigned To: Jiri Popelka
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2009-06-30 06:31 EDT by Andrew John Hughes
Modified: 2009-07-01 08:20 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-07-01 08:20:44 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Andrew John Hughes 2009-06-30 06:31:00 EDT
Description of problem:

SELinux is preventing ifconfig (ifconfig_t) "read" security_t.

Detailed Description:

SELinux denied access requested by ifconfig. It is not expected that this access
is required by ifconfig and this access may signal an intrusion attempt. It is
also possible that the specific version or configuration of the application is
causing it to require additional access.

node=shelob.middle-earth.co.uk type=AVC msg=audit(1246351393.544:19): avc:  denied  { read } for  pid=2512 comm="ifconfig" name="mls" dev=selinuxfs ino=12 scontext=unconfined_u:unconfined_r:ifconfig_t:s0-s0:c0.c1023 tcontext=system_u:object_r:security_t:s0 tclass=file

node=shelob.middle-earth.co.uk type=SYSCALL msg=audit(1246351393.544:19): arch=c000003e syscall=2 success=no exit=-13 a0=7fff0bff9c30 a1=0 a2=7fff0bff9c3c a3=fffffff8 items=0 ppid=2496 pid=2512 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=1 comm="ifconfig" exe="/sbin/ifconfig" subj=unconfined_u:unconfined_r:ifconfig_t:s0-s0:c0.c1023 key=(null)

Version-Release number of selected component (if applicable):

1.60-92.fc11

How reproducible:

Running vpnc

Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:
Comment 1 Radek Vokal 2009-06-30 07:06:15 EDT
Can you give me more specific steps how to reproduce this issue? What was the ifconfig command you've issued?
Comment 2 Andrew John Hughes 2009-06-30 09:09:29 EDT
I didn't, as mentioned above I received this when invoking vpnc (to connect to the Red Hat VPN)
Comment 3 Jiri Popelka 2009-07-01 08:20:44 EDT
Fixed in selinux-policy-3.6.12-57.fc11

*** This bug has been marked as a duplicate of bug 508099 ***

Note You need to log in before you can comment on or make changes to this bug.