Bugzilla (bugzilla.redhat.com) will be under maintenance for infrastructure upgrades and will not be unavailable on July 31st between 12:30 AM - 05:30 AM UTC. We appreciate your understanding and patience. You can follow status.redhat.com for details.
Bug 593393 - perl-Razor-Agent-2.84-1.el5.src.rpm SElinux denials on log file
Summary: perl-Razor-Agent-2.84-1.el5.src.rpm SElinux denials on log file
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: selinux-policy-targeted
Version: 5.5
Hardware: All
OS: Linux
low
medium
Target Milestone: ---
: ---
Assignee: Daniel Walsh
QA Contact: BaseOS QE Security Team
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2010-05-18 17:38 UTC by R P Herrold
Modified: 2012-10-03 14:57 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2010-05-19 12:02:13 UTC
Target Upstream Version:


Attachments (Terms of Use)

Description R P Herrold 2010-05-18 17:38:08 UTC
Description of problem:

SElinux denials on log file

Version-Release number of selected component (if applicable):

perl-Razor-Agent-2.84-1.el5

How reproducible:

build, install run

Steps to Reproduce:

type=1107 audit(1273870143.957:3): user pid=1935 uid=81 auid=4294967295 subj=system_u:system_r:system_dbusd_t:s0 msg='avc:  received policyload notice (seqno=2)
: exe="?" (sauid=81, hostname=?, addr=?, terminal=?)'
type=1403 audit(1273870143.961:4): policy loaded auid=4294967295 ses=4294967295
type=1400 audit(1274203962.780:5): avc:  denied  { ioctl } for  pid=9820 comm="spamd" path="/razor-agent.log" dev=sda2 ino=14 scontext=user_u:system_r:spamd_t:s0 tcontext=user_u:object_r:root_t:s0 tclass=file
type=1400 audit(1274203962.781:6): avc:  denied  { append } for  pid=9820 comm="spamd" path="/razor-agent.log" dev=sda2 ino=14 scontext=user_u:system_r:spamd_t:s0 tcontext=user_u:object_r:root_t:s0 tclass=file

Comment 1 Robert Scheck 2010-05-18 19:33:57 UTC
Re-assigning to selinux-policy-targeted. Daniel, can you take care, please?

Comment 2 Daniel Walsh 2010-05-19 12:02:13 UTC
Why is razor writing its log file in /?

If you move the log file to /var/log/ and run restorecon on it, this AVC will go away.

If you must have the log file in /, then you need to setup the correct labeling.

# semanage fcontext -a -t razor_log_t /razor-agent.log
# restorecon -v /razor-agent.log


Note You need to log in before you can comment on or make changes to this bug.