plenty of unix_chkpwd

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

hi guys.

I get lots of:
Jun 10 16:34:03 dzien.private.lot setroubleshoot[489537]: SELinux is preventing /usr/sbin/unix_chkpwd from getattr access on the filesystem /proc. For complete SELinux messages run: sealert -l 0e04b2ea-b63d-481f-9633-e0bf0530e7ba
and I yet do not know from what and before I start investigation I wanted to ask if that is indeed a "valid" denial? 
...
Additional Information:
Source Context                system_u:system_r:chkpwd_t:s0
Target Context                system_u:object_r:proc_t:s0
Target Objects                /proc [ filesystem ]
Source                        unix_chkpwd
Source Path                   /usr/sbin/unix_chkpwd
Port                          <Unknown>
Host                          dzien.private.lot
Source RPM Packages           pam-1.3.1-15.el8.x86_64
Target RPM Packages           filesystem-3.8-4.el8.0.1.x86_64
SELinux Policy RPM selinux-policy-targeted-3.14.3-68.el8.noarch
Local Policy RPM selinux-policy-targeted-3.14.3-68.el8.noarch
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Host Name                     dzien.private.lot
Platform                      Linux dzien.private.lot
                              4.18.0-305.3.1.el8.x86_64 #1 SMP Tue Jun 1 
                              16:14:33 UTC 2021 x86_64 x86_64
Alert Count                   1988
First Seen                    2021-06-09 09:50:01 BST
Last Seen                     2021-06-10 16:32:01 BST
Local ID 87f481c4-e4dd-4b77-80c5-52a898760061

Raw Audit Messages
type=AVC msg=audit(1623339121.659:34011): avc:  denied  { getattr } for  pid=487286 comm="unix_chkpwd" name="/" dev="proc" ino=1 scontext=system_u:system_r:chkpwd_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=filesystem permissive=0
type=SYSCALL msg=audit(1623339121.659:34011): arch=x86_64 syscall=fstatfs success=no exit=EACCES a0=3 a1=7ffe61eee320 a2=0 a3=0 items=0 ppid=487285 pid=487286 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm=unix_chkpwd exe=/usr/sbin/unix_chkpwd subj=system_u:system_r:chkpwd_t:s0 key=(null) 

Hash: unix_chkpwd,chkpwd_t,proc_t,filesystem,getattr
...

many thanks, L.
_______________________________________________
selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/selinux@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux