This is not strictly an SELinux question, but I figure that someone may
have run across this before and have some idea what's going on.
type=AVC msg=audit(1548870149.222:8945): avc: denied { ioctl } for
pid=20752 comm="bash" path="/etc/pki/radiusd/certmonger-post.sh"
dev="dm-0" ino=8415894 ioctlcmd=5401
scontext=system_u:system_r:certmonger_t:s0
tcontext=unconfined_u:object_r:radiusd_cert_t:s0 tclass=file permissive=0
This occurs when certmonger runs:
'/usr/bin/bash /etc/pki/radiusd/certmonger-post.sh'
Try as a might, I can't think of any reason why bash would be calling
ioctl on a script file, so I'm not sure whether to dontaudit or allow
this (as it seems to be a non-fatal error).
Anyone have any ideas?
Thanks!
--
========================================================================
Ian Pilcher arequipeno@xxxxxxxxx
-------- "I grew up before Mark Zuckerberg invented friendship" --------
========================================================================
_______________________________________________
Selinux mailing list
Selinux@xxxxxxxxxxxxx
To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx.
To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
