Russell Coker <russell@xxxxxxxxxxxx> writes:
> type=AVC msg=audit(1552226284.038:2422): avc: denied { mac_admin } for
> pid=8289 comm="rsync" capability=33
> scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
> tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=capability2
> permissive=0
Its for setting invalid labels. Something you generally want to avoid.
>
> The above is from running rsync with the -X option.
>
> $ grep -R mac_admin .
> ./policy/flask/access_vectors: mac_admin # unused by SELinux
> ./policy/modules/apps/livecd.te:dontaudit livecd_t self:capability2 mac_admin;
>
> Grepping the git policy shows that there's a comment saying it's unused as
> well as a dontaudit rule indicating that it has been used for some time.
--
Key fingerprint = 5F4D 3CDB D3F8 3652 FBD8 02D5 3B6C 5F1D 2C7B 6B02
https://sks-keyservers.net/pks/lookup?op=get&search=0x3B6C5F1D2C7B6B02
Dominick Grift
