513402 – SELinux is preventing perl (logwatch_t) "write" to ./services (etc_t).

Bug 513402 - SELinux is preventing perl (logwatch_t) "write" to ./services (etc_t).

Summary: SELinux is preventing perl (logwatch_t) "write" to ./services (etc_t).

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 5
Classification:	Red Hat
Component:	dmraid
Sub Component:
Version:	5.4
Hardware:	All
OS:	Linux
Priority:	high
Severity:	medium
Target Milestone:	rc
Target Release:	---
Assignee:	Heinz Mauelshagen
QA Contact:	Cluster QE
Docs Contact:
URL:
Whiteboard:
Duplicates (2):	508745 509962 (view as bug list)
Depends On:	475562
Blocks:	554754
TreeView+	depends on / blocked

Reported:	2009-07-23 14:20 UTC by Tom Coughlan
Modified:	2010-03-31 22:29 UTC (History)
CC List:	20 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:	475562
Clones:	554700 554754 (view as bug list)
Environment:
Last Closed:	2010-03-30 08:52:49 UTC
Target Upstream Version:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2010:0286	0	normal	SHIPPED_LIVE	dmraid bug fix update	2010-03-29 14:05:00 UTC

Comment 1 Tom Coughlan 2009-07-23 14:25:35 UTC

The selinux dontaudit change that was done in 5.4 was a temporary workaround. This BZ is for the proper fix in dmraid. This will require some further investigation, since the root cause was never uncovered.

Comment 5 Alasdair Kergon 2009-07-23 21:12:54 UTC

Anyone see any problems if we moved the file to /var/cache/logwatch/dmeventd/syslogpattern.txt ?

Comment 6 Heinz Mauelshagen 2009-08-03 11:38:52 UTC

For the time being, we don't activate monitoring in initrd so it should work.
Once we decide to change this, /var ain't mounted yet and we'll get a problem.

Comment 7 Heinz Mauelshagen 2009-11-25 12:25:13 UTC

Change as of comment #5 added to repository.

Comment 12 Mike Snitzer 2009-12-21 21:33:21 UTC

*** Bug 508745 has been marked as a duplicate of this bug. ***

Comment 14 michal novacek 2010-01-27 13:30:31 UTC

dmeventd_syslogpattern.txt is the file that has beeing created in 
/etc/logwatch/scripts/services and caused SELinux denials. This file is in the new version 60.el5 being created in /var/cache/logwatch/dmeventd/

$ rpm -q dmraid-events-logwatch
dmraid-events-logwatch-1.0.0.rc13-60.el5

$ diff /tmp/dmeventd.33.el5 /etc/logwatch/scripts/services/dmeventd
40c40
<         "/etc/logwatch/scripts/services/dmeventd_syslogpattern.txt";
---
>         "/var/cache/logwatch/dmeventd/syslogpattern.txt";

Comment 16 errata-xmlrpc 2010-03-30 08:52:49 UTC

An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2010-0286.html

Comment 17 Linda Wang 2010-03-31 22:29:02 UTC

*** Bug 509962 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.

agk
bmarson
coughlan
dwalsh
dwysocha
ebenes
emcnabb
gozen
heinzm
jburke
jturner
mbroz
mgrepl
mmalik
mnovacek
prockai
syeghiay
tburke
varekova
Winfrid.Tschiedel