Hi Mark,
>>> time->Wed Nov 21 11:08:55 2018 type=PROCTITLE
>>> msg=audit(1542816535.125:26908):
>>> proctitle=2F7573722F7362696E2F73656E646D61696C002D4643726F6E4461656D6F6E
>>> 002D69002D6F6469002D6F656D002D6F69002D74002D6600726F6F74
>>> type=SYSCALL msg=audit(1542816535.125:26908): arch=c000003e syscall=2
>>> success=yes exit=3 a0=7f52d568d0b8 a1=80000 a2=1b6 a3=24 items=0
>>> ppid=54786 pid=55276 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=51
>>> sgid=51 fsgid=51 tty=(none) ses=935 comm="sendmail"
>>> exe="/usr/sbin/sendmail.sendmail"
>>> subj=system_u:system_r:system_mail_t:s0-s0:c0.c1023 key=(null)
>>> type=AVC msg=audit(1542816535.125:26908): avc: denied { open } for
>>> pid=55276 comm="sendmail"
>>> path="/proc/sys/net/ipv6/conf/all/disable_ipv6" dev="proc" ino=25607
>>> scontext=system_u:system_r:system_mail_t:s0-s0:c0.c1023
>>> tcontext=system_u:object_r:sysctl_net_t:s0 tclass=file
>>> type=AVC msg=audit(1542816535.125:26908): avc: denied { read } for
>>> pid=55276 comm="sendmail" name="disable_ipv6" dev="proc" ino=25607
>>> scontext=system_u:system_r:system_mail_t:s0-s0:c0.c1023
>>> tcontext=system_u:object_r:sysctl_net_t:s0 tclass=file
I think this is caused by a leaking file descriptor to
/proc/sys/net/ipv6/conf/all/disable_ipv6 from whatever cronjob you are
running, which calls sendmail.
Best regards,
Michael
_______________________________________________
selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/selinux@xxxxxxxxxxxxxxxxxxxxxxx
