From: Miroslav Grepl <mgrepl@xxxxxxxxxx>
On 04/23/2013 04:37 PM, m.roth@xxxxxxxxx wrote:
> m.roth@xxxxxxxxx wrote:
>>
> This is very frustrating. My manager rebooted this morning, so now I'm not
> sure about which avc I wrote about yesterday. However, I see various
> things:
<snip>
> 3. This one makes *zero* sense to me: SELinux is preventing
> /lib64/security/pam_krb5/pam_krb5_storetmp from execute access on the
> file /lib64/security/pam_krb5/pam_krb5_storetmp. ll -Z
> -rwxr-xr-x. root root system_u:object_r:bin_t:s0
> /lib64/security/pam_krb5/pam_krb5_storetmp*
<snip>
>And last one would need
>corecmd_exec_bin() for a source type from AVC msg which we don't have.
Not sure how to use that, but I'm at work for a few more minutes, and it's
telling me, from sealert,
SELinux is preventing /lib64/security/pam_krb5/pam_krb5_storetmp from
execute access on the file /lib64/security/pam_krb5/pam_krb5_storetmp.
And one of the raw avcs is:
type=AVC msg=audit(1367010914.610:143690): avc: denied {
execute_no_trans } for pid=1310 comm="auth"
path="/lib64/security/pam_krb5/pam_krb5_storetmp" dev=sda3 ino=15343658
scontext=system_u:system_r:dovecot_auth_t:s0
tcontext=system_u:object_r:bin_t:s0 tclass=file
Thanks.
mark
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
