Steve G wrote:
Hi,
When yum updates my rawhide policy, I get these avcs:
type=PATH msg=audit(12/29/2005 08:26:52.659:120) : item=0 name=/etc/mtab
inode=11403372 dev=03:07 mode=file,644 ouid=root ogid=root rdev=00:00
obj=system_u:object_r:etc_runtime_t:s0
type=CWD msg=audit(12/29/2005 08:26:52.659:120) : cwd=/
type=SYSCALL msg=audit(12/29/2005 08:26:52.659:120) : arch=x86_64 syscall=open
success=no exit=-13(Permission denied) a0=3446313756 a1=0 a2=1b6 a3=0 items=1
pid=2472 auid=root uid=root gid=root euid=root suid=root fsuid=root egid=root
sgid=root fsgid=root tty=tty1 comm=load_policy exe=/usr/sbin/load_policy
subj=root:system_r:load_policy_t:s0-s0:c0.c255
type=AVC msg=audit(12/29/2005 08:26:52.659:120) : avc: denied { read } for
pid=2472 comm=load_policy name=mtab dev=hda7 ino=11403372
scontext=root:system_r:load_policy_t:s0-s0:c0.c255
tcontext=system_u:object_r:etc_runtime_t:s0 tclass=file
-Steve
This looks like a bug of a file descriptor being left open. Something in
the kernel/init/initrd must be opening /etc/mtab and not setting
closeonexec. Need to bugzilla the kernel I guess.
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
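
An added example, not part of the original thread: a small Python parser for the interpreted audit records quoted above. It rejoins the mail-wrapped lines, groups PATH, CWD, SYSCALL and AVC records by audit serial number, and reports each denial together with the syscall that triggered it. The function names are illustrative and the sample input is the event from the message.

```python
import re

# Sample input: the event quoted in the message above, line-wrapped as in the email.
SAMPLE = """\
type=PATH msg=audit(12/29/2005 08:26:52.659:120) : item=0 name=/etc/mtab
inode=11403372 dev=03:07 mode=file,644 ouid=root ogid=root rdev=00:00
obj=system_u:object_r:etc_runtime_t:s0
type=CWD msg=audit(12/29/2005 08:26:52.659:120) : cwd=/
type=SYSCALL msg=audit(12/29/2005 08:26:52.659:120) : arch=x86_64 syscall=open
success=no exit=-13(Permission denied) a0=3446313756 a1=0 a2=1b6 a3=0 items=1
pid=2472 auid=root uid=root gid=root euid=root suid=root fsuid=root egid=root
sgid=root fsgid=root tty=tty1 comm=load_policy exe=/usr/sbin/load_policy
subj=root:system_r:load_policy_t:s0-s0:c0.c255
type=AVC msg=audit(12/29/2005 08:26:52.659:120) : avc: denied { read } for
pid=2472 comm=load_policy name=mtab dev=hda7 ino=11403372
scontext=root:system_r:load_policy_t:s0-s0:c0.c255
tcontext=system_u:object_r:etc_runtime_t:s0 tclass=file
"""
HEADER = re.compile(r"^type=(\w+) msg=audit\((.+?):(\d+)\) : (.*)$")
FIELD = re.compile(r"(\w+)=(\S+)")
PERMS = re.compile(r"\{([^}]*)\}")

def parse_events(text):
    """Rejoin wrapped records, then group them by audit serial number."""
    # A newline not followed by "type=" is a mail line wrap, not a record boundary.
    records = re.sub(r"\n(?!type=)", " ", text.strip()).splitlines()
    events = {}
    for rec in records:
        m = HEADER.match(rec)
        if m:
            rtype, _stamp, serial, body = m.groups()
            fields = dict(FIELD.findall(body))
            if rtype == "AVC":
                fields["perms"] = " ".join(PERMS.findall(body)).split()
            events.setdefault(int(serial), {})[rtype] = fields
    return events

def summarize(events):
    """One row per denial: subject, object, permission and triggering syscall."""
    rows = []
    for serial, recs in sorted(events.items()):
        avc, sc = recs.get("AVC"), recs.get("SYSCALL", {})
        if avc:
            rows.append({"serial": serial, "syscall": sc.get("syscall"),
                         "exe": sc.get("exe"), "path": recs.get("PATH", {}).get("name"),
                         "perms": avc["perms"], "tclass": avc["tclass"],
                         "source_type": avc["scontext"].split(":")[2],
                         "target_type": avc["tcontext"].split(":")[2]})
    return rows
```

For the event above, `summarize(parse_events(SAMPLE))` yields one row: `read` by `load_policy_t` on `etc_runtime_t:file`, raised during `open` of `/etc/mtab` by `/usr/sbin/load_policy`.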