SELinux is preventing /bin/ps from using the 'sys_ptrace' capabilities.

*****  Plugin catchall (100. confidence) suggests  ***************************

If you believe that ps should have the sys_ptrace capability by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep /bin/ps /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp

Additional Information:
Source Context                unconfined_u:unconfined_r:mozilla_plugin_t:s0-s0:c0.c1023
Target Context                unconfined_u:unconfined_r:mozilla_plugin_t:s0-s0:c0.c1023
Target Objects                Unknown [ capability ]
Source                        ps
Source Path                   /bin/ps
Port                          <Neznámé>
Host                          (removed)
Source RPM Packages           procps-3.2.8-14.fc15
Target RPM Packages
Policy RPM                    selinux-policy-3.9.10-9.fc15
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Host Name                     (removed)
Platform                      Linux (removed) 2.6.36.1-11.fc15.x86_64 #1 SMP Fri Dec 3 12:29:43 UTC 2010 x86_64 x86_64
Alert Count                   1
First Seen                    Pá 10. prosinec 2010, 10:23:27 CET
Last Seen                     Pá 10. prosinec 2010, 10:23:27 CET
Local ID                      7ad08e2e-1186-40dd-b449-70f6ea2d4012

Raw Audit Messages
type=AVC msg=audit(1291973007.254:2439): avc: denied { sys_ptrace } for pid=21851 comm="ps" capability=19 scontext=unconfined_u:unconfined_r:mozilla_plugin_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:mozilla_plugin_t:s0-s0:c0.c1023 tclass=capability

ps,mozilla_plugin_t,mozilla_plugin_t,capability,sys_ptrace

type=SYSCALL msg=audit(1291973007.254:2439): arch=x86_64 syscall=read success=yes exit=156 a0=8 a1=3124c22620 a2=3ff a3=1ae23c6 items=0 ppid=21837 pid=21851 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=1 comm=ps exe=/bin/ps subj=unconfined_u:unconfined_r:mozilla_plugin_t:s0-s0:c0.c1023 key=(null)

ps,mozilla_plugin_t,mozilla_plugin_t,capability,sys_ptrace

#============= mozilla_plugin_t ==============
allow mozilla_plugin_t self:capability sys_ptrace;

Will fix in selinux-policy-3.9.10-11.fc15.