Summary:

SELinux is preventing /usr/sbin/ntpd "unix_read unix_write" access .

Detailed Description:

SELinux denied access requested by ntpd. It is not expected that this access is required by ntpd and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access.

Allowing Access:

You can generate a local policy module to allow this access - see FAQ (http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385) Please file a bug report.

Additional Information:

Source Context                system_u:system_r:ntpd_t:s0
Target Context                system_u:system_r:initrc_t:s0
Target Objects                None [ shm ]
Source                        ntpd
Source Path                   /usr/sbin/ntpd
Port                          <Unknown>
Host                          (removed)
Source RPM Packages           ntp-4.2.6p1-2.fc13
Target RPM Packages
Policy RPM                    selinux-policy-3.7.19-44.fc13
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Plugin Name                   catchall
Host Name                     (removed)
Platform                      Linux (removed) 2.6.33.6-147.2.4.fc13.x86_64 #1 SMP Fri Jul 23 17:14:44 UTC 2010 x86_64 x86_64
Alert Count                   2
First Seen                    Sun 15 Aug 2010 11:40:26 AM EDT
Last Seen                     Sun 15 Aug 2010 09:05:16 PM EDT
Local ID                      d0275c5b-a81f-4a90-8059-6946b8944d2a
Line Numbers

Raw Audit Messages

node=(removed) type=AVC msg=audit(1281920716.861:14): avc: denied { unix_read unix_write } for pid=1560 comm="ntpd" key=1314148400 scontext=system_u:system_r:ntpd_t:s0 tcontext=system_u:system_r:initrc_t:s0 tclass=shm

node=(removed) type=SYSCALL msg=audit(1281920716.861:14): arch=c000003e syscall=29 success=no exit=-13 a0=4e545030 a1=60 a2=380 a3=7fff71d1caa0 items=0 ppid=1 pid=1560 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ntpd" exe="/usr/sbin/ntpd" subj=system_u:system_r:ntpd_t:s0 key=(null)

Hash String generated from catchall,ntpd,ntpd_t,initrc_t,shm,unix_read,unix_write

audit2allow suggests:

#============= ntpd_t ==============
allow ntpd_t initrc_t:shm { unix_read unix_write };

Which process is running as initrc_t?

# ps -eZ | grep initrc

ps -eZ |grep initrc
system_u:system_r:initrc_t:s0 1566 ttyS1 00:00:00 shm_splc2

Rich, could you try to execute

chcon -t ntpd_exec_t /usr/sbin/shm_splc2

Then restart the shmpps service and test it.

Thanks.

executed chcon -t ntpd_exec_t /usr/sbin/shm_splc2
restarted the shmpps service
the same SELinux error occurred

ls -Z /usr/sbin/shm_splc2
-rwxr-xr-x. root root system_u:object_r:ntpd_exec_t:s0 /usr/sbin/shm_splc2

Ok, and what is now the output of

# ps -eZ | grep shm_splc2

ps -eZ | grep shm_splc2
unconfined_u:system_r:initrc_t:s0 3122 pts/0 00:00:00 shm_splc2

Note: At this time shm_splc2 needs to be started with debug "-D" turned on or shm_splc2 dies shortly after starting it.

Strange, shm_splc2 should be running in the ntpd_t domain after chcon. Could you try to execute these commands

# chcon -t ntpd_exec_t /usr/sbin/shm_splc2
# service shmpps restart
# ps -eZ | grep shm_splc2

Also what is your output of

# id -Z

Thanks.

Any update?
This package has changed ownership in the Fedora Package Database. Reassigning to the new owner of this component.