[policy-1.8-19] Reading the hostname AVCs

When running hostname (or hostname -s) to _get_ (not set) the hostname as a "staff" user - under sysadm_r:

audit(1079685457.360:0): avc: denied { read } for pid=9499 exe=/bin/hostname name=resolv.conf dev=hda2 ino=229950 scontext=aleksey:sysadm_r:hostname_t tcontext=system_u:object_r:net_conf_t tclass=file
audit(1079685457.361:0): avc: denied { getattr } for pid=9499 exe=/bin/hostname path=/etc/resolv.conf dev=hda2 ino=229950 scontext=aleksey:sysadm_r:hostname_t tcontext=system_u:object_r:net_conf_t tclass=file
audit(1079685457.361:0): avc: denied { create } for pid=9499 exe=/bin/hostname scontext=aleksey:sysadm_r:hostname_t tcontext=aleksey:sysadm_r:hostname_t tclass=unix_stream_socket
audit(1079685457.361:0): avc: denied { connect } for pid=9499 exe=/bin/hostname scontext=aleksey:sysadm_r:hostname_t tcontext=aleksey:sysadm_r:hostname_t tclass=unix_stream_socket


The socket ones are coming from, I believe, trying to access /var/run/nscd/socket that does not exist (nscd was never used on this machine).

--
Aleksey Nogin

Home Page: http://nogin.org/
E-Mail: nogin@xxxxxxxxxxxxxx (office), aleksey@xxxxxxxxx (personal)
Office: Jorgensen 70, tel: (626) 395-2907
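
An added example, not part of the original message or of the policy package: a small parser that groups the four denials quoted above by source type, target type and object class, so the gap in the hostname_t policy can be read at a glance. The function names are hypothetical, and the sample lines are copied from the message.

```python
import re
from collections import defaultdict

# The four denials quoted in the message, copied verbatim.
SAMPLE = """\
audit(1079685457.360:0): avc: denied { read } for pid=9499 exe=/bin/hostname name=resolv.conf dev=hda2 ino=229950 scontext=aleksey:sysadm_r:hostname_t tcontext=system_u:object_r:net_conf_t tclass=file
audit(1079685457.361:0): avc: denied { getattr } for pid=9499 exe=/bin/hostname path=/etc/resolv.conf dev=hda2 ino=229950 scontext=aleksey:sysadm_r:hostname_t tcontext=system_u:object_r:net_conf_t tclass=file
audit(1079685457.361:0): avc: denied { create } for pid=9499 exe=/bin/hostname scontext=aleksey:sysadm_r:hostname_t tcontext=aleksey:sysadm_r:hostname_t tclass=unix_stream_socket
audit(1079685457.361:0): avc: denied { connect } for pid=9499 exe=/bin/hostname scontext=aleksey:sysadm_r:hostname_t tcontext=aleksey:sysadm_r:hostname_t tclass=unix_stream_socket
"""

AVC_RE = re.compile(r"avc:\s+denied\s+\{\s*(?P<perms>[^}]*?)\s*\}\s+for\s+(?P<rest>.*)")

def parse_avc(line):
    """Return a dict for one AVC denial, or None if the line is not one."""
    m = AVC_RE.search(line)
    if not m:
        return None
    fields = dict(kv.split("=", 1) for kv in m.group("rest").split() if "=" in kv)
    if not all(k in fields for k in ("scontext", "tcontext", "tclass")):
        return None
    fields["perms"] = m.group("perms").split()
    # Contexts are user:role:type (any later fields are ignored here).
    fields["stype"] = fields["scontext"].split(":")[2]
    fields["ttype"] = fields["tcontext"].split(":")[2]
    return fields

def summarize(text):
    """Group denied permissions by (source type, target type, class)."""
    grouped = defaultdict(set)
    for line in text.splitlines():
        rec = parse_avc(line)
        if rec:
            grouped[(rec["stype"], rec["ttype"], rec["tclass"])].update(rec["perms"])
    return {key: sorted(perms) for key, perms in grouped.items()}

def as_rules(summary):
    """Render each group in allow-rule syntax as a reading aid for review."""
    rules = []
    for (stype, ttype, tclass), perms in sorted(summary.items()):
        target = "self" if stype == ttype else ttype
        rules.append(f"allow {stype} {target}:{tclass} {{ {' '.join(perms)} }};")
    return rules

if __name__ == "__main__":
    print("\n".join(as_rules(summarize(SAMPLE))))
```

The rendered lines only restate what was denied; whether each access should be allowed or silenced with dontaudit is a policy decision the output does not make.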
