|
Hi all, Environment: CentOS 7, with either stock 3.10 kernel, or custom 3.19 kernel. I’m getting a AVC denial message in the audit logs that corresponds to the opening of a TIPC socket (AF_TIPC). The denial is seems valid, and is triggered by a custom C++ application that hasn’t yet been assigned an appropriate security
context. The problem I’m having is that the AVC message is garbled (non-ASCII data in the denied and tclass fields), which makes it difficult to assemble a new policy: ---- type=AVC msg=audit(1434126658.487:34500): avc: denied {
garbage_characters } for pid=292 comm="kworker/u16:5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=garbage_characters permissive=0 ---- This corresponds to a kernel error that shows up in the debuglog: SELinux: Invalid class 0 setroubleshootd also has, er, trouble: ---- /var/lib/setroubleshoot/setroubleshoot_database.xml:51: parser error : PCDATA invalid Char value 15 <tclass>D</tclass> ^ /var/lib/setroubleshoot/setroubleshoot_database.xml:51: parser error : PCDATA invalid Char value 31 <tclass>D</tclass> etc. ---- I’m new to SELinux, and this seems a little more obscure than your typical newbie problem. Any guidance would be appreciated!
Many thanks in advance, Tim This email and attachments may contain privileged or confidential information intended only for the addressee(s) indicated. The sender does not waive any of its rights, privileges or protections respecting this information. If you are not the named addressee, an employee, or agent responsible for sending this message to the named addressee (or this message was received by mistake), you are not authorized to read, print, retain, copy or disseminate this message or any part of it. If received in error, please notify us immediately by e-mail, discard any paper copies and delete all electronic files of the email. Computer viruses can be transmitted via email. The recipient should check this email and any attachments for viruses. Email transmission cannot be guaranteed to be secured or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender accepts no liability for any damage caused by any transmitted viruses or errors or omissions in the contents of this message. Overture Networks, Inc. 637 Davis Drive, Morrisville, NC USA 27560 www.overturenetworks.com |
_______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
