>>> Ian Pilcher <arequipeno@xxxxxxxxx> wrote on 29.06.2020 at 19:19 in message
<4792_1593451210_5EFA22CA_4792_148_1_rdd7rq$3aje$1@xxxxxxxxxxxxx>:
> I originally posted a variation of the question on the SELinux mailing
> list, but the more I look at this the more I realize that it really
> isn't a SELinux question. I'm not really sure that it's a systemd
> question either, but it definitely falls into the area of Linux process
> management, so I'm hopeful that someone here at least has an idea what
> is going on ...
>
> I'm in the (hopefully) final stages of creating the policy module for a
> daemon that I've written to monitor my home NAS.
>
> The daemon is started by systemd (init_t) and runs as its own type
> (freecusd_t). In order to read the SMART attributes of the NAS drives,
> the daemon runs a helper application, which has its own type
> (freecusd_smart_t). So:
>
>   systemd (init_t) --> freecusd (freecusd_t)
>       --> freecusd_smart_helper (freecusd_smart_t)
>
> I've got my policy basically working, but I'm getting this SELinux
> denial, which I just don't understand:
>
> type=AVC msg=audit(1593392372.230:9215): avc: denied { sigchld } for
> pid=1 comm="systemd" scontext=system_u:system_r:freecusd_smart_t:s0
> tcontext=system_u:system_r:init_t:s0 tclass=process permissive=0
>
> This seems to be saying that the helper is trying to send SIGCHLD to
> systemd. I'm seeing this message repeated 4 times when the freecusd
> daemon starts and then sporadically afterwards. (freecusd repeatedly
> spawns the helper to read the drive states.)
>
> Is there a circumstance in which the grandchild (freecusd_smart_helper)
> would send SIGCHLD to systemd while its parent is still running?

Have you tried running your command under "strace -f ..." to record what's going on? You can restrict the syscalls to record if it's too many.

>
> --
> ========================================================================
> In Soviet Russia, Google searches you!
> ========================================================================
>
> _______________________________________________
> systemd-devel mailing list
> systemd-devel@xxxxxxxxxxxxxxxxxxxxx
> https://lists.freedesktop.org/mailman/listinfo/systemd-devel