Summary: SELinux is preventing /lib/ld-2.12.90.so "execstack" access on <Unknown>. Detailed Description: SELinux denied access requested by ld-linux.so.2. The current boolean settings do not allow this access. If you have not setup ld-linux.so.2 to require this access this may signal an intrusion attempt. If you do intend this access you need to change the booleans on this system to allow the access. Allowing Access: Confined processes can be configured to run requiring different access, SELinux provides booleans to allow you to turn on/off access as needed. The boolean allow_execstack is set incorrectly. Boolean Description: Allow unconfined executables to make their stack executable. This should never, ever be necessary. Probably indicates a badly coded executable, but could indicate an attack. This executable should be reported in bugzilla Fix Command: # setsebool -P allow_execstack 1 Additional Information: Source Context system_u:system_r:initrc_t:s0 Target Context system_u:system_r:initrc_t:s0 Target Objects None [ process ] Source ld-linux.so.2 Source Path /lib/ld-2.12.90.so Port <Unknown> Host SAMBA.localdomain Source RPM Packages glibc-2.12.90-19 Target RPM Packages Policy RPM selinux-policy-3.9.7-14.fc14 Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Plugin Name catchall_boolean Host Name SAMBA.localdomain Platform Linux SAMBA.localdomain 2.6.35.9-64.fc14.i686 #1 SMP Fri Dec 3 12:35:42 UTC 2010 i686 i686 Alert Count 1 First Seen Wed 08 Dec 2010 19:36:38 GMT Last Seen Wed 08 Dec 2010 19:36:38 GMT Local ID d8700908-c2fa-40cb-99f4-f6a8c479abcb Line Numbers Raw Audit Messages node=SAMBA.localdomain type=AVC msg=audit(1291836998.268:7): avc: denied { execstack } for pid=1622 comm="ld-linux.so.2" scontext=system_u:system_r:initrc_t:s0 tcontext=system_u:system_r:initrc_t:s0 tclass=process node=SAMBA.localdomain type=SYSCALL msg=audit(1291836998.268:7): arch=40000003 syscall=125 success=no exit=-13 a0=bf9bd000 a1=1000 a2=1000007 a3=bf9bd014 items=0 ppid=1620 pid=1622 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ld-linux.so.2" exe="/lib/ld-2.12.90.so" subj=system_u:system_r:initrc_t:s0 key=(null)
What does # execstack -q /lib/ld-* show? And also # ps -eZ | grep initrc
(In reply to comment #1) > What does > > # execstack -q /lib/ld-* > show? [root@SAMBA Samba]# execstack -q /lib/ld-* - /lib/ld-2.12.90.so - /lib/ld-linux.so.2 - /lib/ld-lsb.so.3 > > And also > > # ps -eZ | grep initrc [root@SAMBA Samba]# ps -eZ | grep initrc system_u:system_r:initrc_t:s0 831 ? 00:00:00 system-setup-ke system_u:system_r:initrc_t:s0 1626 ? 00:00:03 I2subAgent
*** This bug has been marked as a duplicate of bug 652297 ***
Follow commands in other bugreport to find bogus libraries on your system