I don't understand the consequence for this AVC denial, things seem to
be working correctly but maybe I'm not using some feature that is
affected by the denial. Anyway, whenever I start samba, I see an AVC
denial in the log. Should I file a bug and if so against what
component?
Dec 17 18:08:37 f27s.localdomain systemd[1]: Mounting /srv/scratch...
Dec 17 18:08:37 f27s.localdomain systemd[1]: Mounted /srv/scratch.
Dec 17 18:08:43 f27s.localdomain sudo[1543]: chris : TTY=pts/0 ;
PWD=/home/chris ; USER=root ; COMMAND=/bin/systemctl start smb
Dec 17 18:08:43 f27s.localdomain audit[1543]: USER_CMD pid=1543
uid=1000 auid=1000 ses=1
subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
msg='cwd="/home/chris" cm
d=73797374656D63746C20737461727420736D62 terminal=pts/0 res=success'
Dec 17 18:08:43 f27s.localdomain audit[1543]: CRED_REFR pid=1543 uid=0
auid=1000 ses=1
subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
msg='op=PAM:setcred grantor
s=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=?
terminal=/dev/pts/0 res=success'
Dec 17 18:08:43 f27s.localdomain sudo[1543]:
pam_systemd(sudo:session): Cannot create session: Already running in a
session
Dec 17 18:08:43 f27s.localdomain audit[1543]: USER_START pid=1543
uid=0 auid=1000 ses=1
subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
msg='op=PAM:session_open g
rantors=pam_keyinit,pam_limits,pam_keyinit,pam_limits,pam_systemd,pam_unix
acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/0
res=success'
Dec 17 18:08:43 f27s.localdomain sudo[1543]: pam_unix(sudo:session):
session opened for user root by chris(uid=0)
Dec 17 18:08:43 f27s.localdomain systemd[1]: Starting Samba SMB Daemon...
Dec 17 18:08:43 f27s.localdomain systemd[1]: smb.service: Supervising
process 1548 which is not our child. We'll most likely not notice when
it exits.
Dec 17 18:08:43 f27s.localdomain smbd[1548]: [2017/12/17
18:08:43.907938, 0] ../lib/util/become_daemon.c:124(daemon_ready)
Dec 17 18:08:43 f27s.localdomain audit[1]: SERVICE_START pid=1 uid=0
auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0
msg='unit=smb comm="systemd" exe="/usr/l
ib/systemd/systemd" hostname=? addr=? terminal=? res=success'
Dec 17 18:08:43 f27s.localdomain smbd[1548]: STATUS=daemon 'smbd'
finished starting up and ready to serve connections
Dec 17 18:08:43 f27s.localdomain audit[1543]: USER_END pid=1543 uid=0
auid=1000 ses=1
subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
msg='op=PAM:session_close gr
antors=pam_keyinit,pam_limits,pam_keyinit,pam_limits,pam_systemd,pam_unix
acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/0
res=success'
Dec 17 18:08:43 f27s.localdomain audit[1543]: CRED_DISP pid=1543 uid=0
auid=1000 ses=1
subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
msg='op=PAM:setcred grantor
s=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=?
terminal=/dev/pts/0 res=success'
Dec 17 18:08:43 f27s.localdomain systemd[1]: Started Samba SMB Daemon.
Dec 17 18:08:43 f27s.localdomain sudo[1543]: pam_unix(sudo:session):
session closed for user root
Dec 17 18:08:43 f27s.localdomain audit[665]: USER_AVC pid=665 uid=81
auid=4294967295 ses=4294967295
subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc: denied
{
send_msg } for msgtype=method_call
interface=org.freedesktop.DBus.Peer member=Ping
dest=org.freedesktop.Avahi spid=1548 tpid=646
scontext=system_u:system_r:smbd_t:s0 tconte
xt=system_u:system_r:avahi_t:s0 tclass=dbus permissive=0
exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
Dec 17 18:08:51 f27s.localdomain sudo[1553]: chris : TTY=pts/0 ;
PWD=/home/chris ; USER=root ; COMMAND=/bin/smbstatus
--
Chris Murphy
_______________________________________________
security mailing list -- security@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to security-leave@xxxxxxxxxxxxxxxxxxxxxxx
