729175 – [RHEL6.2] avc: denied { read } for pid=5541 comm="abrt-dump-oops"

Bug 729175 - [RHEL6.2] avc: denied { read } for pid=5541 comm="abrt-dump-oops"

Summary: [RHEL6.2] avc: denied { read } for pid=5541 comm="abrt-dump-oops"

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 6
Classification:	Red Hat
Component:	selinux-policy
Sub Component:
Version:	6.2
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	rc
Target Release:	---
Assignee:	Miroslav Grepl
QA Contact:	Milos Malik
Docs Contact:
URL:	https://beaker.engineering.redhat.com...
Whiteboard:
Duplicates (1):	728866 (view as bug list)
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2011-08-08 22:43 UTC by Jeff Burke
Modified:	2012-10-15 15:02 UTC (History)
CC List:	8 users (show)
Fixed In Version:	selinux-policy-3.7.19-108.el6
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2011-12-06 10:12:52 UTC
Target Upstream Version:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2011:1511	0	normal	SHIPPED_LIVE	selinux-policy bug fix and enhancement update	2011-12-06 00:39:17 UTC

Description Jeff Burke 2011-08-08 22:43:59 UTC

Description of problem:
 While running kernel tests with the latest 6.2 nightly many of the tests are 
failing because of the AVC check

Version-Release number of selected component (if applicable):
RHEL6.2-20110808.n.0

How reproducible:
Always
  
Actual results:
type=1400 audit(1312831610.109:469190): avc:  denied  { read } for  pid=5541 comm="abrt-dump-oops" path="inotify" dev=inotifyfs ino=1 scontext=system_u:system_r:abrt_dump_oops_t:s0 tcontext=system_u:object_r:inotifyfs_t:s0 tclass=dir

Expected results:
No AVC denied messages should be generated under normal circumstances

Additional info:

Comment 3 Miroslav Grepl 2011-08-09 06:41:06 UTC

*** Bug 728866 has been marked as a duplicate of this bug. ***

Comment 4 Miroslav Grepl 2011-08-10 06:58:22 UTC

Fixed in selinux-policy-3.7.19-107.el6

Comment 6 Nate Straz 2011-08-25 20:12:35 UTC

I'm still seeing thsi with selinux-policy-3.7.19-107.el6

type=AVC msg=audit(1314302944.232:3365): avc:  denied  { read } for  pid=4680 comm="abrt-dump-oops" path="inotify" dev=inotifyfs ino=1 scontext=system_u:system_r:abrt_dump_oops_t:s0 tcontext=system_u:object_r:inotifyfs_t:s0 tclass=dir

Comment 7 Miroslav Grepl 2011-08-26 06:25:10 UTC

I thought "Fixed in selinux-policy-3.7.19-108.el6"

Comment 9 errata-xmlrpc 2011-12-06 10:12:52 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2011-1511.html

Note You need to log in before you can comment on or make changes to this bug.