Re: execstack AVCs in Rawhide...?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Tom London wrote:
We are guessing there is some screwed up library on your machine that is causing this. Could you attempt to strace one of these apps to see which library is causing the problem. 

Thanks,

Dan

Running latest Rawhide, targeted/enforcing.

I seem to be getting execstack AVCs from setroubleshootd, sealert,
gaim, mixer_applet2, and firefox-bin.
Firefox has flash and Sun java plugins; guessing that may be part of the issue. 

tom

type=DAEMON_START msg=audit(1166807740.587:4053) auditd start,
ver=1.3.1, format=raw, auid=4294967295 pid=2084 res=success, auditd
pid=2084
type=CONFIG_CHANGE msg=audit(1166807740.687:5): audit_enabled=1 old=0
by auid=4294967295 subj=system_u:system_r:auditd_t:s0
type=CONFIG_CHANGE msg=audit(1166807740.893:6):
audit_backlog_limit=256 old=64 by auid=4294967295
subj=system_u:system_r:auditctl_t:s0
type=AVC msg=audit(1166807745.923:7): avc:  denied  { execstack } for
pid=2187 comm="setroubleshootd"
scontext=system_u:system_r:setroubleshootd_t:s0
tcontext=system_u:system_r:setroubleshootd_t:s0 tclass=process
type=SYSCALL msg=audit(1166807745.923:7): arch=40000003 syscall=125
success=no exit=-13 a0=bfce1000 a1=1000 a2=1000007 a3=fffff000 items=0
ppid=1 pid=2187 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0
egid=0 sgid=0 fsgid=0 tty=(none) comm="setroubleshootd"
exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0
key=(null)
type=LABEL_LEVEL_CHANGE msg=audit(1166807750.278:8): user pid=2517
uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023
msg='printer=HP5MP uri=hp:/par/HP_LaserJet_5MP?device=/dev/parport0
banners=none,none range=unknown: exe="/usr/sbin/cupsd"
(hostname=localhost.localdomain, addr=127.0.0.1, terminal=?
res=success)'
type=LABEL_LEVEL_CHANGE msg=audit(1166807750.429:9): user pid=2517
uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023
msg='printer=hp_LaserJet_1300
uri=hal:///org/freedesktop/Hal/devices/usb_device_3f0_1017_00CNCB954325_if0_printer_noserial 
banners=none,none range=unknown: exe="/usr/sbin/cupsd"
(hostname=localhost.localdomain, addr=127.0.0.1, terminal=?
res=success)'
type=LABEL_LEVEL_CHANGE msg=audit(1166807750.494:10): user pid=2517
uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023
msg='printer=Innopath uri=file:/dev/null banners=none,none
range=unknown: exe="/usr/sbin/cupsd" (hostname=localhost.localdomain,
addr=127.0.0.1, terminal=? res=success)'
type=LABEL_LEVEL_CHANGE msg=audit(1166807750.496:11): user pid=2517
uid=0 auid=4294967295 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023
msg='printer=Local uri=file:/dev/null banners=none,none range=unknown:
exe="/usr/sbin/cupsd" (hostname=localhost.localdomain, addr=127.0.0.1,
terminal=? res=success)'
type=USER_ERR msg=audit(1166807765.078:12): user pid=2960 uid=0
auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='PAM:
bad_ident acct=? : exe="/usr/sbin/gdm-binary" (hostname=?, addr=?,
terminal=? res=failed)'
type=USER_AUTH msg=audit(1166807777.433:13): user pid=3037 uid=0
auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='PAM:
authentication acct=tbl : exe="/usr/sbin/gdm-binary" (hostname=?,
addr=?, terminal=:0 res=success)'
type=USER_ACCT msg=audit(1166807777.435:14): user pid=3037 uid=0
auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='PAM:
accounting acct=tbl : exe="/usr/sbin/gdm-binary" (hostname=?, addr=?,
terminal=:0 res=success)'
type=CRED_ACQ msg=audit(1166807777.436:15): user pid=3037 uid=0
auid=4294967295 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='PAM:
setcred acct=tbl : exe="/usr/sbin/gdm-binary" (hostname=?, addr=?,
terminal=:0 res=success)'
type=LOGIN msg=audit(1166807777.440:16): login pid=3037 uid=0 old
auid=4294967295 new auid=500
type=USER_START msg=audit(1166807777.583:17): user pid=3037 uid=0
auid=500 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='PAM: session
open acct=tbl : exe="/usr/sbin/gdm-binary" (hostname=?, addr=?,
terminal=:0 res=success)'
type=USER_LOGIN msg=audit(1166807777.585:18): user pid=3037 uid=0
auid=500 subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 msg='uid=500:
exe="/usr/sbin/gdm-binary" (hostname=localhost.localdomain,
addr=127.0.0.1, terminal=:0 res=success)'
type=AVC msg=audit(1166807804.117:19): avc:  denied  { execstack } for
pid=3229 comm="sealert" scontext=user_u:system_r:unconfined_t:s0
tcontext=user_u:system_r:unconfined_t:s0 tclass=process
type=SYSCALL msg=audit(1166807804.117:19): arch=40000003 syscall=125
success=no exit=-13 a0=bf882000 a1=1000 a2=1000007 a3=fffff000 items=0
ppid=1 pid=3229 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500
egid=500 sgid=500 fsgid=500 tty=(none) comm="sealert"
exe="/usr/bin/python" subj=user_u:system_r:unconfined_t:s0 key=(null)
type=AVC msg=audit(1166807804.624:20): avc:  denied  { execstack } for
pid=3240 comm="sealert" scontext=user_u:system_r:unconfined_t:s0
tcontext=user_u:system_r:unconfined_t:s0 tclass=process
type=SYSCALL msg=audit(1166807804.624:20): arch=40000003 syscall=125
success=no exit=-13 a0=bff2f000 a1=1000 a2=1000007 a3=fffff000 items=0
ppid=3239 pid=3240 auid=500 uid=500 gid=500 euid=500 suid=500
fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) comm="sealert"
exe="/usr/bin/python" subj=user_u:system_r:unconfined_t:s0 key=(null)
type=AVC msg=audit(1166807809.849:21): avc:  denied  { execstack } for
pid=3283 comm="gaim" scontext=user_u:system_r:unconfined_t:s0
tcontext=user_u:system_r:unconfined_t:s0 tclass=process
type=SYSCALL msg=audit(1166807809.849:21): arch=40000003 syscall=125
success=no exit=-13 a0=bffd9000 a1=1000 a2=1000007 a3=fffff000 items=0
ppid=3193 pid=3283 auid=500 uid=500 gid=500 euid=500 suid=500
fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) comm="gaim"
exe="/usr/bin/gaim" subj=user_u:system_r:unconfined_t:s0 key=(null)
type=AVC msg=audit(1166807821.317:22): avc:  denied  { execstack } for
pid=3419 comm="mixer_applet2"
scontext=user_u:system_r:unconfined_t:s0
tcontext=user_u:system_r:unconfined_t:s0 tclass=process
type=SYSCALL msg=audit(1166807821.317:22): arch=40000003 syscall=125
success=no exit=-13 a0=bfa39000 a1=1000 a2=1000007 a3=fffff000 items=0
ppid=3408 pid=3419 auid=500 uid=500 gid=500 euid=500 suid=500
fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) comm="mixer_applet2"
exe="/usr/libexec/mixer_applet2" subj=user_u:system_r:unconfined_t:s0
key=(null)
type=USER_AUTH msg=audit(1166807845.960:23): user pid=3460 uid=500
auid=500 subj=user_u:system_r:unconfined_t:s0 msg='PAM: authentication
acct=root : exe="/bin/su" (hostname=?, addr=?, terminal=pts/0
res=success)'
type=USER_ACCT msg=audit(1166807845.961:24): user pid=3460 uid=500
auid=500 subj=user_u:system_r:unconfined_t:s0 msg='PAM: accounting
acct=root : exe="/bin/su" (hostname=?, addr=?, terminal=pts/0
res=success)'
type=USER_START msg=audit(1166807847.381:25): user pid=3460 uid=500
auid=500 subj=user_u:system_r:unconfined_t:s0 msg='PAM: session open
acct=root : exe="/bin/su" (hostname=?, addr=?, terminal=pts/0
res=success)'
type=CRED_ACQ msg=audit(1166807847.382:26): user pid=3460 uid=500
auid=500 subj=user_u:system_r:unconfined_t:s0 msg='PAM: setcred
acct=root : exe="/bin/su" (hostname=?, addr=?, terminal=pts/0
res=success)'
type=AVC msg=audit(1166807900.148:27): avc:  denied  { execstack } for
pid=3441 comm="firefox-bin" scontext=user_u:system_r:unconfined_t:s0
tcontext=user_u:system_r:unconfined_t:s0 tclass=process
type=SYSCALL msg=audit(1166807900.148:27): arch=40000003 syscall=125
success=no exit=-13 a0=bf89b000 a1=1000 a2=1000007 a3=fffff000 items=0
ppid=1 pid=3441 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500
egid=500 sgid=500 fsgid=500 tty=(none) comm="firefox-bin"
exe="/usr/lib/firefox-2.0/firefox-bin"
subj=user_u:system_r:unconfined_t:s0 key=(null)
type=AVC msg=audit(1166807900.158:28): avc:  denied  { execstack } for
pid=3441 comm="firefox-bin" scontext=user_u:system_r:unconfined_t:s0
tcontext=user_u:system_r:unconfined_t:s0 tclass=process
type=SYSCALL msg=audit(1166807900.158:28): arch=40000003 syscall=125
success=no exit=-13 a0=bf89b000 a1=1000 a2=1000007 a3=fffff000 items=0
ppid=1 pid=3441 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500
egid=500 sgid=500 fsgid=500 tty=(none) comm="firefox-bin"
exe="/usr/lib/firefox-2.0/firefox-bin"
subj=user_u:system_r:unconfined_t:s0 key=(null)
type=AVC msg=audit(1166807900.162:29): avc:  denied  { execstack } for
pid=3441 comm="firefox-bin" scontext=user_u:system_r:unconfined_t:s0
tcontext=user_u:system_r:unconfined_t:s0 tclass=process
type=SYSCALL msg=audit(1166807900.162:29): arch=40000003 syscall=125
success=no exit=-13 a0=bf89b000 a1=1000 a2=1000007 a3=fffff000 items=0
ppid=1 pid=3441 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500
egid=500 sgid=500 fsgid=500 tty=(none) comm="firefox-bin"
exe="/usr/lib/firefox-2.0/firefox-bin"
subj=user_u:system_r:unconfined_t:s0 key=(null)
type=AVC msg=audit(1166807900.163:30): avc:  denied  { execstack } for
pid=3441 comm="firefox-bin" scontext=user_u:system_r:unconfined_t:s0
tcontext=user_u:system_r:unconfined_t:s0 tclass=process
type=SYSCALL msg=audit(1166807900.163:30): arch=40000003 syscall=125
success=no exit=-13 a0=bf89b000 a1=1000 a2=1000007 a3=fffff000 items=0
ppid=1 pid=3441 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500
egid=500 sgid=500 fsgid=500 tty=(none) comm="firefox-bin"
exe="/usr/lib/firefox-2.0/firefox-bin"
subj=user_u:system_r:unconfined_t:s0 key=(null)



--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux