2015-05-21 15:03 GMT+02:00 Stephen Smalley <sds@xxxxxxxxxxxxx>:
avc: denied message?
Reproducible if you setenforce 0?
In permissive mode it works, and the transition occurs.
/var/log/audit/audit.log:
type=AVC msg=audit(1432215103.845:327): avc: denied { execute_no_trans } for pid=6209 comm="syslogd_exec_t_" path="/root/aaa/syslogd_exec_t_runner.sh" dev=dm-0 ino=1441833 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:syslogd_exec_t:s0 tclass=file
type=AVC msg=audit(1432215103.845:327): avc: denied { execute_no_trans } for pid=6209 comm="syslogd_exec_t_" path="/root/aaa/syslogd_exec_t_runner.sh" dev=dm-0 ino=1441833 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:syslogd_exec_t:s0 tclass=file
/var/log/messages:
May 21 15:31:48 centos-test setroubleshoot: SELinux is preventing /bin/bash from execute_no_trans access on the file /root/aaa/syslogd_exec_t_runner.sh. For complete SELinux messages. run sealert -l b7a35e75-7b54-47c8-95df-534a261de98d
May 21 15:31:48 centos-test setroubleshoot: SELinux is preventing /bin/bash from execute_no_trans access on the file /root/aaa/syslogd_exec_t_runner.sh. For complete SELinux messages. run sealert -l b7a35e75-7b54-47c8-95df-534a261de98d
-- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
