Bug 512859 - programs run from cron generate selinux avc's
Keywords:
Status: CLOSED DUPLICATE of bug 512856
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted
Version: 11
Hardware: All
OS: Linux
low
medium
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact: Ben Levenson
URL:
Whiteboard:
Depends On:
Blocks:
 
Reported: 2009-07-21 01:14 UTC by S.A. Hartsuiker
Modified: 2009-07-21 07:31 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2009-07-21 01:43:02 UTC
Type: ---
Embargoed:



Description S.A. Hartsuiker 2009-07-21 01:14:19 UTC
Description of problem:
Any program run from cron seems to generate the same kinds of avc's

Version-Release number of selected component (if applicable):
selinux-policy-3.6.12-62.fc11.noarch

How reproducible:
run programs from cron

Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:

A few examples:

mrtg avc's:
node=server type=AVC msg=audit(1248138601.328:306): avc: denied { read write } for pid=7934 comm="mrtg" path="socket:[85250]" dev=sockfs ino=85250 scontext=system_u:system_r:mrtg_t:s0-s0:c0.c1023 tcontext=system_u:system_r:crond_t:s0-s0:c0.c1023 tclass=tcp_socket 

node=server type=SYSCALL msg=audit(1248138601.328:306): arch=c000003e syscall=59 success=yes exit=0 a0=20ba890 a1=20bab30 a2=20bafd0 a3=38 items=0 ppid=7931 pid=7934 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=42 comm="mrtg" exe="/usr/bin/perl" subj=system_u:system_r:mrtg_t:s0-s0:c0.c1023 key=(null) 

updatedb avc's:
node=server type=AVC msg=audit(1248138500.224:296): avc: denied { read write } for pid=6521 comm="updatedb" path="socket:[79024]" dev=sockfs ino=79024 scontext=system_u:system_r:locate_t:s0-s0:c0.c1023 tcontext=system_u:system_r:crond_t:s0-s0:c0.c1023 tclass=tcp_socket 

node=server type=SYSCALL msg=audit(1248138500.224:296): arch=c000003e syscall=59 success=yes exit=0 a0=2467c60 a1=2467470 a2=2467a90 a3=20 items=0 ppid=6515 pid=6521 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=40 comm="updatedb" exe="/usr/bin/updatedb" subj=system_u:system_r:locate_t:s0-s0:c0.c1023 key=(null) 

certwatch avc's:
node=server type=AVC msg=audit(1248138491.384:294): avc: denied { read write } for pid=5732 comm="certwatch" path="socket:[79024]" dev=sockfs ino=79024 scontext=system_u:system_r:certwatch_t:s0-s0:c0.c1023 tcontext=system_u:system_r:crond_t:s0-s0:c0.c1023 tclass=tcp_socket 

node=server type=SYSCALL msg=audit(1248138491.384:294): arch=c000003e syscall=59 success=yes exit=0 a0=10c3710 a1=10bbd60 a2=10c39b0 a3=20 items=0 ppid=5725 pid=5732 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=40 comm="certwatch" exe="/usr/bin/certwatch" subj=system_u:system_r:certwatch_t:s0-s0:c0.c1023 key=(null) 

The same goes for 0logwatch, httpd, logrotate, sendmail, readahead
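
Added example, not part of the original report: a Python script that pairs each AVC record with the SYSCALL record sharing its audit event ID (the `timestamp:serial` inside `msg=audit(...)`) and groups the denials by target type, class and permissions, so that denials from different source domains against the same target show up as one group. The names `summarize`, `EVENT`, `AVC` and `SYSCALL` are hypothetical; syscall 59 under arch=c000003e is execve on x86_64.

```python
import re
from collections import defaultdict

# Sample input: the three AVC/SYSCALL pairs from the report, SYSCALL records abridged.
SAMPLE = """\
node=server type=AVC msg=audit(1248138601.328:306): avc: denied { read write } for pid=7934 comm="mrtg" path="socket:[85250]" dev=sockfs ino=85250 scontext=system_u:system_r:mrtg_t:s0-s0:c0.c1023 tcontext=system_u:system_r:crond_t:s0-s0:c0.c1023 tclass=tcp_socket
node=server type=SYSCALL msg=audit(1248138601.328:306): arch=c000003e syscall=59 success=yes exit=0 ppid=7931 pid=7934 comm="mrtg" exe="/usr/bin/perl"
node=server type=AVC msg=audit(1248138500.224:296): avc: denied { read write } for pid=6521 comm="updatedb" path="socket:[79024]" dev=sockfs ino=79024 scontext=system_u:system_r:locate_t:s0-s0:c0.c1023 tcontext=system_u:system_r:crond_t:s0-s0:c0.c1023 tclass=tcp_socket
node=server type=SYSCALL msg=audit(1248138500.224:296): arch=c000003e syscall=59 success=yes exit=0 ppid=6515 pid=6521 comm="updatedb" exe="/usr/bin/updatedb"
node=server type=AVC msg=audit(1248138491.384:294): avc: denied { read write } for pid=5732 comm="certwatch" path="socket:[79024]" dev=sockfs ino=79024 scontext=system_u:system_r:certwatch_t:s0-s0:c0.c1023 tcontext=system_u:system_r:crond_t:s0-s0:c0.c1023 tclass=tcp_socket
node=server type=SYSCALL msg=audit(1248138491.384:294): arch=c000003e syscall=59 success=yes exit=0 ppid=5725 pid=5732 comm="certwatch" exe="/usr/bin/certwatch"
"""

EVENT = re.compile(r'type=(\w+) msg=audit\((\d+\.\d+):(\d+)\):')
AVC = re.compile(
    r'denied\s+\{ ([^}]*)\} for .*?comm="([^"]+)".*?'
    r'scontext=[^:]+:[^:]+:([^:]+):\S+ tcontext=[^:]+:[^:]+:([^:]+):\S+ tclass=(\w+)')
SYSCALL = re.compile(r'syscall=(\d+).*?exe="([^"]+)"')

def summarize(log_text):
    """Group denials by (target type, class, perms), each joined to its SYSCALL record."""
    syscalls, denials = {}, []
    for line in log_text.splitlines():
        ev = EVENT.search(line)
        if not ev:
            continue  # not an audit record
        rtype, event_id = ev.group(1), ev.group(2) + ":" + ev.group(3)
        if rtype == "SYSCALL":
            m = SYSCALL.search(line)
            if m:
                syscalls[event_id] = (int(m.group(1)), m.group(2))
        elif rtype == "AVC":
            m = AVC.search(line)
            if m:
                denials.append((event_id,) + m.groups())
    groups = defaultdict(list)
    for event_id, perms, comm, stype, ttype, tclass in denials:
        # An AVC with no matching SYSCALL record keeps syscall/exe as None.
        sysno, exe = syscalls.get(event_id, (None, None))
        groups[(ttype, tclass, tuple(perms.split()))].append(
            {"source": stype, "comm": comm, "exe": exe, "syscall": sysno})
    return dict(groups)

if __name__ == "__main__":
    for (ttype, tclass, perms), hits in summarize(SAMPLE).items():
        print(f"{ttype}:{tclass} {{ {' '.join(perms)} }}")
        for h in hits:
            print(f"  {h['source']:<12} comm={h['comm']} exe={h['exe']} syscall={h['syscall']}")
```
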

Comment 1 S.A. Hartsuiker 2009-07-21 01:15:59 UTC
The 'Security Sensitive Bug' selection box was a mouseclick error, but I don't have enough rights to remove it again.

Comment 2 Daniel Walsh 2009-07-21 01:43:02 UTC

*** This bug has been marked as a duplicate of bug 512856 ***

