Bug 562303 - (beiscsi_module_init():3941):In beiscsi_module_init, tt=ffffffff88591100
(beiscsi_module_init():3941):In beiscsi_module_init, tt=ffffffff88591100
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: selinux-policy (Show other bugs)
All Linux
high Severity high
: rc
: ---
Assigned To: Daniel Walsh
BaseOS QE Security Team
Depends On:
  Show dependency treegraph
Reported: 2010-02-05 16:05 EST by Martin Jenner
Modified: 2012-10-15 10:39 EDT (History)
2 users (show)

See Also:
Fixed In Version: selinux-policy-2.4.6-272.el5
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2010-03-30 03:49:21 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Martin Jenner 2010-02-05 16:05:17 EST
Description of problem: 

Seeing avc errors on multiple systems booting 2.6.18-186.el5 kernel

iscsi: registered transport (bnx2i)
iscsi: registered transport (tcp)
iscsi: registered transport (iser)
iscsi: registered transport (be2iscsi)
(beiscsi_module_init():3941):In beiscsi_module_init, tt=ffffffff88591100 
type=1400 audit(1265326006.153:4): avc:  denied  { write } for  pid=1911 comm="brcm_iscsiuio" name="log" dev=dm-0 ino=2785307 scontext=system_u:system_r:iscsid_t:s0 tcontext=system_u:object_r:var_log_t:s0 tclass=dir
ADDRCONF(NETDEV_UP): eth1: link is not ready

Version-Release number of selected component (if applicable):

- RHEL5.5-Server-20100201.0 - beta candidate

# rpm -qa | grep -i selinux-

How reproducible:

very, this has been seen on multiple test multiple systems running both kernel and kernel-xen

Steps to Reproduce:
1. install RHEL5.5-Server-20100201.0 which has kernel 2.6.18-186.el5
2. review dmesg or /var/log/messages

I had not seen these errors in tree RHEL5.5-Server-20100117.0 kernel 2.6.18-185.el5
Comment 1 Martin Jenner 2010-02-05 16:07:31 EST
logs from an RHTS job

/sbin/ausearch -sv no -m AVC -m USER_AVC -m SELINUX_ERR -ts 2/4/2010 18:46:46
<no matches>
No AVC messages found with /sbin/ausearch -sv no -m AVC -m USER_AVC -m SELINUX_ERR -ts 2/4/2010 18:46:46
/bin/grep avc: /tmp/dmesg.log | /bin/grep --invert-match granted
Following messages were found in dmesg:
type=1400 audit(1265345126.188:4): avc:  denied  { write } for  pid=1995 comm="brcm_iscsiuio" name="log" dev=dm-0 ino=4259867 scontext=system_u:system_r:iscsid_t:s0 tcontext=system_u:object_r:var_log_t:s0 tclass=dir
Warning: Unable to parse timestamp

Comment 3 Daniel Walsh 2010-02-05 16:27:54 EST
* Wed Feb 3 2010 Miroslav Grepl <mgrepl@redhat.com> 2.4.6-272
- Allow iscsid to create log file
Resolves: #548599

Fixed in selinux-policy-2.4.6-272.el5.src.rpm
Comment 7 errata-xmlrpc 2010-03-30 03:49:21 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.


Note You need to log in before you can comment on or make changes to this bug.