Bug 631750 - AVC denials from httpd on F12
Summary: AVC denials from httpd on F12
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Spacewalk
Classification: Community
Component: Server
Version: 1.2
Hardware: i386
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Jan Pazdziora
QA Contact: Red Hat Satellite QA List
URL:
Whiteboard:
Depends On:
Blocks: space13
Reported: 2010-09-08 10:22 UTC by Garik Khachikyan
Modified: 2015-01-04 21:57 UTC (History)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2010-11-26 14:05:21 UTC
Embargoed:



Description Garik Khachikyan 2010-09-08 10:22:24 UTC
Description of problem:
The recent tests show lots of AVC denials from user httpd on the F12 i386 system during work of SW nightly.

Version-Release number of selected component (if applicable):
SW nightly (the date: 07.Sep.2010)

How reproducible:
through RHTS test

Steps to Reproduce:
1. install SW nightly on F12 i386
2. make some actions (like rhnpush a package and try to remove it through API)
3. look for AVC denials for the user httpd (/usr/bin/env LC_ALL=en_US.UTF-8 /sbin/ausearch -sv no -m AVC -m USER_AVC -m SELINUX_ERR)
  
Actual results:
time->Tue Sep  7 15:27:09 2010
type=SYSCALL msg=audit(1283887629.218:33982): arch=40000003 syscall=5 success=no exit=-13 a0=bfcc3010 a1=98800 a2=660ff4 a3=0 items=0 ppid=8932 pid=8946 auid=4294967295 uid=48 gid=492 euid=48 suid=48 fsuid=48 egid=492 sgid=492 fsgid=492 tty=(none) ses=4294967295 comm="httpd" exe="/usr/sbin/httpd" subj=system_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(1283887629.218:33982): avc:  denied  { search } for  pid=8946 comm="httpd" name="rpm" dev=dm-0 ino=32769 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:rpm_var_lib_t:s0 tclass=dir
----
time->Tue Sep  7 15:27:09 2010
type=SYSCALL msg=audit(1283887629.218:33983): arch=40000003 syscall=195 success=no exit=-13 a0=b1b31790 a1=bfcc2fcc a2=660ff4 a3=b1b3179c items=0 ppid=8932 pid=8946 auid=4294967295 uid=48 gid=492 euid=48 suid=48 fsuid=48 egid=492 sgid=492 fsgid=492 tty=(none) ses=4294967295 comm="httpd" exe="/usr/sbin/httpd" subj=system_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(1283887629.218:33983): avc:  denied  { getattr } for  pid=8946 comm="httpd" path="/var/lib/rpm" dev=dm-0 ino=32769 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:rpm_var_lib_t:s0 tclass=dir

Expected results:
no avc denials

Additional info:

Comment 2 Šimon Lukašík 2010-09-20 14:01:12 UTC
This bug is not present on Fedora-13.

But on Fedora-13 we have very similar issue with cobblerd. See bug 635681.

Comment 3 Jan Pazdziora 2010-11-19 16:05:12 UTC
Mass-moving to space13.

Comment 4 Jan Pazdziora 2010-11-26 14:05:04 UTC
(In reply to comment #2)
> This bug is not present on Fedora-13.

If the problem is not present on Fedora 13, closing as WONTFIX as Fedora 12 will be EOL'd within a week.

