654581 – selinux denial on /opt/apps/oracle/web/product/10.2.0/db_1/network/log

Bug 654581 - selinux denial on /opt/apps/oracle/web/product/10.2.0/db_1/network/log

Summary: selinux denial on /opt/apps/oracle/web/product/10.2.0/db_1/network/log

Keywords:
Status:	CLOSED DUPLICATE of bug 565417
Alias:	None
Product:	Red Hat Satellite 5
Classification:	Red Hat
Component:	Server
Sub Component:
Version:	540
Hardware:	Unspecified
OS:	Unspecified
Priority:	low
Severity:	medium
Target Milestone:	---
Assignee:	Jan Pazdziora
QA Contact:	Red Hat Satellite QA List
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	462714 space14
TreeView+	depends on / blocked

Reported:	2010-11-18 10:15 UTC by Petr Sklenar
Modified:	2011-04-06 07:42 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2011-04-06 07:42:12 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description Petr Sklenar 2010-11-18 10:15:15 UTC

Description of problem:
there is selinux denial on file /opt/apps/oracle/web/product/10.2.0/db_1/network/log

Version-Release number of selected component (if applicable):
sat540

How reproducible:
non deterministic 
very rarely

Steps to Reproduce:
1. rhn-satellite restart
  
Actual results:

time->Wed Nov 17 15:34:57 2010
type=SYSCALL msg=audit(1290026097.705:243): arch=c000003e syscall=2 per=400000 success=no exit=-13 a0=7fff536076b0 a1=441 a2=1b6 a3=441 items=0 ppid=1 pid=13844 auid=4294967295 uid=101 gid=158 euid=101 suid=101 fsuid=101 egid=157 sgid=157 fsgid=157 tty=(none) ses=4294967295 comm="oracle" exe="/opt/apps/oracle/web/product/10.2.0/db_1/bin/oracle" subj=root:system_r:oracle_db_t:s0 key=(null)
type=AVC msg=audit(1290026097.705:243): avc:  denied  { search } for  pid=13844 comm="oracle" name="log" dev=dm-0 ino=23298088 scontext=root:system_r:oracle_db_t:s0 tcontext=user_u:object_r:oracle_tnslsnr_log_t:s0 tclass=dir

----

time->Wed Nov 17 15:34:57 2010
type=SYSCALL msg=audit(1290026097.706:244): arch=c000003e syscall=2 per=400000 success=no exit=-13 a0=7fff536076b0 a1=441 a2=1b6 a3=441 items=0 ppid=1 pid=13844 auid=4294967295 uid=101 gid=158 euid=101 suid=101 fsuid=101 egid=157 sgid=157 fsgid=157 tty=(none) ses=4294967295 comm="oracle" exe="/opt/apps/oracle/web/product/10.2.0/db_1/bin/oracle" subj=root:system_r:oracle_db_t:s0 key=(null)
type=AVC msg=audit(1290026097.706:244): avc:  denied  { search } for  pid=13844 comm="oracle" name="log" dev=dm-0 ino=23298088 scontext=root:system_r:oracle_db_t:s0 tcontext=user_u:object_r:oracle_tnslsnr_log_t:s0 tclass=dir
----

# find / -mount -inum 23298088
/opt/apps/oracle/web/product/10.2.0/db_1/network/log


Expected results:
no denial

Additional info:

Comment 5 Jan Pazdziora 2011-04-06 07:42:12 UTC

We track this issue in bug 565417.

*** This bug has been marked as a duplicate of bug 565417 ***

Note You need to log in before you can comment on or make changes to this bug.