Once upon a time, Chris Adams <linux@xxxxxxxxxxx> said: > Once upon a time, Łukasz Posadowski <mail@xxxxxxxxxxxxxxxxxxx> said: > > From 11.06 journal is logging a lot of denied access to /proc for > > unix_chkpwd by selinux. They are so frequent, that I see them in > > htop. :) Right now I have 2122 logges denials. > > > > Is it OK for unix_chkpwd to poke in /proc? It has to know who is > > logged in, do probably yes, bit I'm not sure. > > I haven't dug into it, but I'm thinking there was some policy or library > change that isn't quite right... sssd_be also has the same denial on > startup (so every boot). Went ahead and poked at it - the issue is the new version of libcap-ng. Opened https://bugzilla.redhat.com/show_bug.cgi?id=1971688 -- Chris Adams <linux@xxxxxxxxxxx> _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx https://lists.centos.org/mailman/listinfo/centos
Re: [C8 stream] unix_chkpwd wants access to /proc
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: Re: [C8 stream] unix_chkpwd wants access to /proc
- From: Chris Adams <linux@xxxxxxxxxxx>
- Date: Mon, 14 Jun 2021 10:01:27 -0500
- In-reply-to: <20210614141407.GA5908@cmadams.net>
- Mail-followup-to: centos@xxxxxxxxxx
- References: <88f0b9daff947d84931d66ece16ff303081fab3c.camel@lukaszposadowski.pl> <20210614141407.GA5908@cmadams.net>
- User-agent: Mutt/1.5.21 (2010-09-15)
- References:
- [C8 stream] unix_chkpwd wants access to /proc
- From: Łukasz Posadowski
- Re: [C8 stream] unix_chkpwd wants access to /proc
- From: Chris Adams
- [C8 stream] unix_chkpwd wants access to /proc
- Prev by Date: Re: CentOS Board welcomes new directors
- Next by Date: CentOS-announce Digest, Vol 195, Issue 2
- Previous by thread: Re: [C8 stream] unix_chkpwd wants access to /proc
- Next by thread: CentOS-announce Digest, Vol 195, Issue 2
- Index(es):
 |