Bug 756811 - mcelog generates AVCs on mcelog.pid
mcelog generates AVCs on mcelog.pid
Product: Fedora
Classification: Fedora
Component: mcelog (Show other bugs)
Unspecified Unspecified
medium Severity medium
: ---
: ---
Assigned To: Prarit Bhargava
Fedora Extras Quality Assurance
: Reopened, SELinux
Depends On: 756812
  Show dependency treegraph
Reported: 2011-11-24 11:57 EST by David Jaša
Modified: 2013-08-14 10:52 EDT (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2013-08-14 10:52:34 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description David Jaša 2011-11-24 11:57:29 EST
Description of problem:
on freshly installed fedora rawhide, mcelog generates these three kinds of AVCs:

1. if file /var/run/mcelog.pid is not present:
type=AVC msg=audit(1322149270.300:18): avc:  denied  { create } for  pid=650 comm="mcelog" name="mcelog.pid" scontext=system_u:system_r:mcelog_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file

2. if create is allowed then this one pops up:
type=AVC msg=audit(1322146088.957:78): avc:  denied  { write open } for  pid=1163 comm="mcelog" name="mcelog.pid" dev=tmpfs ino=19164 scontext=system_u:system_r:mcelog_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file

3. if file is created manually (IIRC)
type=AVC msg=audit(1322146909.437:126): avc:  denied  { unlink } for  pid=1163 comm="mcelog" name="mcelog.pid" dev=tmpfs ino=19164 scontext=system_u:system_r:mcelog_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
Actual results:

Expected results:

Additional info:
Comment 1 David Jaša 2011-11-24 12:44:39 EST
After further investigation, it seems that the only problem is wrong context on /var/run/mcelog.pid, once it is fixed, AVCs disappear. Closing as not a bug.
Comment 2 Daniel Walsh 2011-11-28 21:27:35 EST
Fixed in rawhide.
Comment 3 Carl G. 2011-12-04 06:46:07 EST
What about F16?


^ "type=AVC msg=audit(1322130010.286:5664): avc:  denied  { getattr } for  pid=14989 comm="mcelog" path="/run/mcelog.pid" dev=tmpfs ino=27703564 scontext=system_u:system_r:mcelog_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file"
Comment 4 Daniel Walsh 2011-12-05 09:55:30 EST
Fixed there also, yum update
Comment 5 Charlie Brady 2012-01-17 11:10:07 EST
(In reply to comment #3)
> What about F16?

Seen also in F15.

> Closing as not a bug.

Comment 6 Daniel Walsh 2012-01-17 11:33:23 EST
You are seeing this bug in F16 and F15?
Comment 7 Daniel Walsh 2012-01-17 11:35:35 EST
On my F16 box I see them labeled correctly.

Comment 8 Fedora End Of Life 2013-04-03 15:57:10 EDT
This bug appears to have been reported against 'rawhide' during the Fedora 19 development cycle.
Changing version to '19'.

(As we did not run this process for some time, it could affect also pre-Fedora 19 development
cycle bugs. We are very sorry. It will help us with cleanup during Fedora 19 End Of Life. Thank you.)

More information and reason for this action is here:
Comment 9 Prarit Bhargava 2013-08-14 08:26:00 EDT
Should this be open or closed at this point?


Note You need to log in before you can comment on or make changes to this bug.