Bug 803146 - AVC:denied { sys_nice } for pid=18103 comm="python" capability=23
AVC:denied { sys_nice } for pid=18103 comm="python" capability=23
Status: CLOSED DUPLICATE of bug 795668
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: selinux-policy (Show other bugs)
7.0
All Linux
high Severity high
: alpha
: ---
Assigned To: Daniel Walsh
Milos Malik
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-03-13 23:16 EDT by Dong Zhu
Modified: 2014-03-16 21:47 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-03-14 08:48:35 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Dong Zhu 2012-03-13 23:16:50 EDT
Description of problem:
when run the testcase on RHEL-7,jobs are always failed because of the AVC


log:
time->Fri Mar  9 09:50:35 2012
type=SYSCALL msg=audit(1331304635.395:253): arch=c000003e syscall=144 success=yes exit=0 a0=46b7 a1=0 a2=7fff164c2790 a3=1 items=0 ppid=1135 pid=18103 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="python" exe="/usr/bin/python" subj=system_u:system_r:rhsmcertd_t:s0 key=(null)
type=AVC msg=audit(1331304635.395:253): avc:  denied  { setsched } for  pid=18103 comm="python" scontext=system_u:system_r:rhsmcertd_t:s0 tcontext=system_u:system_r:rhsmcertd_t:s0 tclass=process
type=AVC msg=audit(1331304635.395:253): avc:  denied  { sys_nice } for  pid=18103 comm="python" capability=23  scontext=system_u:system_r:rhsmcertd_t:s0 tcontext=system_u:system_r:rhsmcertd_t:s0 tclass=capability
----
time->Fri Mar  9 09:50:35 2012
type=SYSCALL msg=audit(1331304635.581:254): arch=c000003e syscall=2 success=yes exit=6 a0=4013b6 a1=241 a2=1b6 a3=238 items=0 ppid=1 pid=1135 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="rhsmcertd" exe=2F7573722F62696E2F7268736D6365727464202864656C6574656429 subj=system_u:system_r:rhsmcertd_t:s0 key=(null)
type=AVC msg=audit(1331304635.581:254): avc:  denied  { open } for  pid=1135 comm="rhsmcertd" name="update" dev=tmpfs ino=15875 scontext=system_u:system_r:rhsmcertd_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file
type=AVC msg=audit(1331304635.581:254): avc:  denied  { write } for  pid=1135 comm="rhsmcertd" name="update" dev=tmpfs ino=15875 scontext=system_u:system_r:rhsmcertd_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file
----
time->Fri Mar  9 09:50:35 2012
type=SYSCALL msg=audit(1331304635.582:255): arch=c000003e syscall=5 success=yes exit=0 a0=6 a1=7fffb576de20 a2=7fffb576de20 a3=238 items=0 ppid=1 pid=1135 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="rhsmcertd" exe=2F7573722F62696E2F7268736D6365727464202864656C6574656429 subj=system_u:system_r:rhsmcertd_t:s0 key=(null)
type=AVC msg=audit(1331304635.582:255): avc:  denied  { getattr } for  pid=1135 comm="rhsmcertd" path="/run/rhsm/update" dev=tmpfs ino=15875 scontext=system_u:system_r:rhsmcertd_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file
----
time->Fri Mar  9 13:50:35 2012
type=SYSCALL msg=audit(1331319035.467:454): arch=c000003e syscall=144 success=yes exit=0 a0=6500 a1=0 a2=7fff8a7437d0 a3=1 items=0 ppid=1135 pid=25856 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="python" exe="/usr/bin/python" subj=system_u:system_r:rhsmcertd_t:s0 key=(null)
type=AVC msg=audit(1331319035.467:454): avc:  denied  { setsched } for  pid=25856 comm="python" scontext=system_u:system_r:rhsmcertd_t:s0 tcontext=system_u:system_r:rhsmcertd_t:s0 tclass=process
Fail: AVC messages found.


Additional info:
job link : https://beaker.engineering.redhat.com/jobs/201954
Comment 1 Milos Malik 2012-03-14 03:27:34 EDT
Yet another duplicate of https://bugzilla.redhat.com/show_bug.cgi?id=795668.
Comment 2 Daniel Walsh 2012-03-14 08:48:35 EDT

*** This bug has been marked as a duplicate of bug 795668 ***

Note You need to log in before you can comment on or make changes to this bug.