Re: permission denied without an (obvious) reason when changing directory permissions

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Lukas,

ausearch shows only irrelevant logs from other processes but, apart from me playing around with runcon, nothing regarding smokeping:
--%snip%--
----
time->Wed Apr 24 11:43:39 2019
type=PROCTITLE msg=audit(1556099019.516:249260): proctitle=72756E636F6E002D7400736D6F6B6570696E675F74002D720073797374656D5F72006964
type=PATH msg=audit(1556099019.516:249260): item=0 name="/usr/bin/id" inode=7818 dev=fd:01 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:bin_t:s0 objtype=NORMAL cap_fp=
0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1556099019.516:249260):  cwd="/root"
type=SYSCALL msg=audit(1556099019.516:249260): arch=c000003e syscall=59 success=no exit=-13 a0=7ffd17daa993 a1=7ffd17daabd0 a2=7ffd17daabe0 a3=7ffd17daa4a0 items=1 ppid=26931 pid=132
01 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=5004 comm="runcon" exe="/usr/bin/runcon" subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 key
=(null)
type=AVC msg=audit(1556099019.516:249260): avc:  denied  { entrypoint } for  pid=13201 comm="runcon" path="/usr/bin/id" dev="dm-1" ino=7818 scontext=unconfined_u:system_r:smokeping_t
:s0-s0:c0.c1023 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=0
----
time->Wed Apr 24 11:45:25 2019
type=PROCTITLE msg=audit(1556099125.154:249313): proctitle=72756E636F6E002D7400736D6F6B6570696E675F74002D720073797374656D5F72006C73002F7661722F6C69622F736D6F6B6570696E672F7272642F666
F6F
type=PATH msg=audit(1556099125.154:249313): item=0 name="/usr/bin/ls" inode=7824 dev=fd:01 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:bin_t:s0 objtype=NORMAL cap_fp=
0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0
type=CWD msg=audit(1556099125.154:249313):  cwd="/root"
type=SYSCALL msg=audit(1556099125.154:249313): arch=c000003e syscall=59 success=no exit=-13 a0=7ffc3f10e103 a1=7ffc3f10e340 a2=7ffc3f10e358 a3=7ffc3f10dc20 items=1 ppid=26931 pid=141
85 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=5004 comm="runcon" exe="/usr/bin/runcon" subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 key
=(null)
type=AVC msg=audit(1556099125.154:249313): avc:  denied  { entrypoint } for  pid=14185 comm="runcon" path="/usr/bin/ls" dev="dm-1" ino=7824 scontext=unconfined_u:system_r:smokeping_t:s0-s0:c0.c1023 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=0
--%snip%--

Also I do not have any dontaudit rules for smokeping_t that would hide the log events in question.

- Philippe
_______________________________________________
selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/selinux@xxxxxxxxxxxxxxxxxxxxxxx




[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux