> -----Original Message----- > From: Daniel J Walsh [mailto:dwalsh@xxxxxxxxxx] > Sent: Monday, February 02, 2009 11:56 AM > To: Clarkson, Mike R (US SSA) > Cc: selinux@xxxxxxxxxxxxx > Subject: Re: filesystem mount AVC denial > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Clarkson, Mike R (US SSA) wrote: > > I got the following AVC denial in the audit logs and I'm wondering what > > would cause this: > > > > type=AVC msg=audit(1232734163.528:997720):avc: denied { mount } for > > pid=28016 comm="find" name="/" dev=0:1c ino=0 > > scontext=root:staff_r:libstart_t:s0-s4:c0.c255 > > tcontext=system_u:object_r:nfs_t:s0 tclass=filesystem > > > > The program running in the libstart_t domain is using the "find" cmd, > > and find is requiring the "mount" permission. Could this be caused by > > "find" traversing into an automounted (NFS) directory? But in that case > > I would expect the automount daemon, which is running in the automount_t > > domain, to do the mounting. > > > > Thanks > > > > > > > > -- > > This message was distributed to subscribers of the selinux mailing list. > > If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx > with > > the words "unsubscribe selinux" without quotes as the message. > > The autofs maintainers have asked me to ask you to file a bug on autofs > and include the data requested on OK. Will do > > http://people.redhat.com/jmoyer/ > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.9 (GNU/Linux) > Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org > > iEYEARECAAYFAkmHT7wACgkQrlYvE4MpobNqzACdHuAdi31QNzlp8bASxiQaLp0/ > VtwAn0kAZG1Zm0kYSxqTJleKEubo/GpV > =BZQV > -----END PGP SIGNATURE----- -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
