Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 1354347 - [Selinux] avc: denied for logrotate
Summary: [Selinux] avc: denied for logrotate
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Storage Console
Classification: Red Hat
Component: build
Version: 2
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: 3
Assignee: Timothy Asir
QA Contact: sds-qe-bugs
URL:
Whiteboard:
Depends On:
Blocks: 1326788
TreeView+ depends on / blocked
 
Reported: 2016-07-11 07:38 UTC by Timothy Asir
Modified: 2018-11-19 05:42 UTC (History)
6 users (show)

Fixed In Version: rhscon-core-0.0.36-1
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2018-11-19 05:42:20 UTC


Attachments (Terms of Use)

Description Timothy Asir 2016-07-11 07:38:27 UTC
Description of problem:
avc: denied for log rotate

time->Sun Jul 10 03:36:04 2016
type=USER_AVC msg=audit(1468101964.319:3367): pid=4523 uid=0 auid=0 ses=304 subj=system_u:system_r:logrotate_t:s0-s0:c0.c1023 msg='avc:  denied  { passwd } for  scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tclass=passwd  exe="/usr/bin/su" sauid=0 hostname=? addr=? terminal=?'
----
time->Sun Jul 10 03:36:04 2016
type=USER_AVC msg=audit(1468101964.600:3371): pid=644 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_call interface=org.freedesktop.login1.Manager member=CreateSession dest=org.freedesktop.login1 spid=4523 tpid=650 scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:system_r:systemd_logind_t:s0 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
----
time->Sun Jul 10 03:36:04 2016
type=USER_AVC msg=audit(1468101964.604:3372): pid=644 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { send_msg } for msgtype=method_return dest=:1.687 spid=650 tpid=4523 scontext=system_u:system_r:systemd_logind_t:s0 tcontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
----
time->Sun Jul 10 03:36:02 2016
type=SYSCALL msg=audit(1468101962.201:3363): arch=c000003e syscall=42 success=no exit=-115 a0=11 a1=7fa79488b7c0 a2=1c a3=75 items=0 ppid=1 pid=26638 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="httpd" exe="/usr/sbin/httpd" subj=system_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(1468101962.201:3363): avc:  denied  { name_connect } for  pid=26638 comm="httpd" dest=10080 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:amanda_port_t:s0 tclass=tcp_socket
----
time->Sun Jul 10 03:36:06 2016
type=SYSCALL msg=audit(1468101966.674:3376): arch=c000003e syscall=4 success=yes exit=0 a0=7fa858880d38 a1=7fa858232d90 a2=7fa858232d90 a3=0 items=0 ppid=4523 pid=4565 auid=0 uid=995 gid=992 euid=995 suid=995 fsuid=995 egid=992 sgid=992 fsgid=992 tty=(none) ses=304 comm="beam" exe="/usr/lib64/erlang/erts-5.10.4/bin/beam" subj=system_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1468101966.674:3376): avc:  denied  { getattr } for  pid=4565 comm="beam" path="/var/lib/rabbitmq/.erlang.cookie" dev="dm-0" ino=35829760 scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rabbitmq_var_lib_t:s0 tclass=file
----
time->Sun Jul 10 03:36:04 2016
type=SYSCALL msg=audit(1468101964.273:3364): arch=c000003e syscall=41 success=yes exit=3 a0=10 a1=80003 a2=7 a3=0 items=0 ppid=4512 pid=4523 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=304 comm="su" exe="/usr/bin/su" subj=system_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1468101964.273:3364): avc:  denied  { create } for  pid=4523 comm="su" scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tclass=netlink_selinux_socket
----
time->Sun Jul 10 03:36:04 2016
type=SYSCALL msg=audit(1468101964.274:3365): arch=c000003e syscall=49 success=yes exit=0 a0=3 a1=7ffc71e78ec0 a2=c a3=0 items=0 ppid=4512 pid=4523 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=304 comm="su" exe="/usr/bin/su" subj=system_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1468101964.274:3365): avc:  denied  { bind } for  pid=4523 comm="su" scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tclass=netlink_selinux_socket
----
time->Sun Jul 10 03:36:04 2016
type=SYSCALL msg=audit(1468101964.318:3366): arch=c000003e syscall=1 success=yes exit=94 a0=4 a1=7f61c3581010 a2=5e a3=0 items=0 ppid=4512 pid=4523 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=304 comm="su" exe="/usr/bin/su" subj=system_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1468101964.318:3366): avc:  denied  { compute_av } for  pid=4523 comm="su" scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:security_t:s0 tclass=security
----
time->Sun Jul 10 03:36:04 2016
type=SYSCALL msg=audit(1468101964.906:3374): arch=c000003e syscall=21 success=yes exit=0 a0=7fbf4c0825a0 a1=4 a2=7fbf7413bfa8 a3=0 items=0 ppid=29690 pid=29750 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bigfin" exe="/var/lib/skyring/providers/bigfin" subj=system_u:system_r:skyring_t:s0 key=(null)
type=AVC msg=audit(1468101964.906:3374): avc:  denied  { read } for  pid=29750 comm="bigfin" name="var" dev="dm-0" ino=133 scontext=system_u:system_r:skyring_t:s0 tcontext=system_u:object_r:var_t:s0 tclass=dir
----
time->Sun Jul 10 03:36:06 2016
type=SYSCALL msg=audit(1468101966.266:3375): arch=c000003e syscall=49 success=no exit=-98 a0=3 a1=7ffc04bff580 a2=10 a3=7ffc04bff020 items=0 ppid=1 pid=4558 auid=0 uid=995 gid=992 euid=995 suid=995 fsuid=995 egid=992 sgid=992 fsgid=992 tty=(none) ses=304 comm="epmd" exe="/usr/lib64/erlang/erts-5.10.4/bin/epmd" subj=system_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1468101966.266:3375): avc:  denied  { name_bind } for  pid=4558 comm="epmd" src=4369 scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:epmd_port_t:s0 tclass=tcp_socket
----
time->Sun Jul 10 03:36:06 2016
type=SYSCALL msg=audit(1468101966.675:3377): arch=c000003e syscall=21 success=yes exit=0 a0=7fa858880d38 a1=4 a2=0 a3=0 items=0 ppid=4523 pid=4565 auid=0 uid=995 gid=992 euid=995 suid=995 fsuid=995 egid=992 sgid=992 fsgid=992 tty=(none) ses=304 comm="beam" exe="/usr/lib64/erlang/erts-5.10.4/bin/beam" subj=system_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1468101966.675:3377): avc:  denied  { read } for  pid=4565 comm="beam" name=".erlang.cookie" dev="dm-0" ino=35829760 scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rabbitmq_var_lib_t:s0 tclass=file
----
time->Sun Jul 10 03:36:06 2016
type=SYSCALL msg=audit(1468101966.675:3378): arch=c000003e syscall=2 success=yes exit=5 a0=7fa858880d78 a1=0 a2=1b6 a3=0 items=0 ppid=4523 pid=4566 auid=0 uid=995 gid=992 euid=995 suid=995 fsuid=995 egid=992 sgid=992 fsgid=992 tty=(none) ses=304 comm="beam" exe="/usr/lib64/erlang/erts-5.10.4/bin/beam" subj=system_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1468101966.675:3378): avc:  denied  { open } for  pid=4566 comm="beam" path="/var/lib/rabbitmq/.erlang.cookie" dev="dm-0" ino=35829760 scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rabbitmq_var_lib_t:s0 tclass=file
----
time->Sun Jul 10 03:36:06 2016
type=SYSCALL msg=audit(1468101966.682:3379): arch=c000003e syscall=50 success=yes exit=0 a0=5 a1=80 a2=7fa85b1c0028 a3=7ffdca528d00 items=0 ppid=4523 pid=4531 auid=0 uid=995 gid=992 euid=995 suid=995 fsuid=995 egid=992 sgid=992 fsgid=992 tty=(none) ses=304 comm="beam" exe="/usr/lib64/erlang/erts-5.10.4/bin/beam" subj=system_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1468101966.682:3379): avc:  denied  { listen } for  pid=4531 comm="beam" lport=58901 scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tclass=tcp_socket
----
time->Sun Jul 10 03:36:06 2016
type=SYSCALL msg=audit(1468101966.684:3380): arch=c000003e syscall=42 success=no exit=-115 a0=6 a1=7fa858881020 a2=10 a3=7ffdca528d00 items=0 ppid=4523 pid=4531 auid=0 uid=995 gid=992 euid=995 suid=995 fsuid=995 egid=992 sgid=992 fsgid=992 tty=(none) ses=304 comm="beam" exe="/usr/lib64/erlang/erts-5.10.4/bin/beam" subj=system_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1468101966.684:3380): avc:  denied  { name_connect } for  pid=4531 comm="beam" dest=4369 scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:epmd_port_t:s0 tclass=tcp_socket
----
time->Sun Jul 10 03:36:06 2016
type=SYSCALL msg=audit(1468101966.689:3381): arch=c000003e syscall=43 success=no exit=-11 a0=5 a1=7ffdca528fc0 a2=7ffdca528fb0 a3=7ffdca528d00 items=0 ppid=4523 pid=4531 auid=0 uid=995 gid=992 euid=995 suid=995 fsuid=995 egid=992 sgid=992 fsgid=992 tty=(none) ses=304 comm="beam" exe="/usr/lib64/erlang/erts-5.10.4/bin/beam" subj=system_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1468101966.689:3381): avc:  denied  { accept } for  pid=4531 comm="beam" lport=58901 scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tclass=tcp_socket
----
time->Sun Jul 10 03:36:06 2016
type=SYSCALL msg=audit(1468101966.715:3382): arch=c000003e syscall=21 success=yes exit=0 a0=7fa858881ae0 a1=4 a2=0 a3=0 items=0 ppid=4523 pid=4563 auid=0 uid=995 gid=992 euid=995 suid=995 fsuid=995 egid=992 sgid=992 fsgid=992 tty=(none) ses=304 comm="beam" exe="/usr/lib64/erlang/erts-5.10.4/bin/beam" subj=system_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1468101966.715:3382): avc:  denied  { read } for  pid=4563 comm="beam" name="rabbitmq" dev="dm-0" ino=35564875 scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rabbitmq_var_lib_t:s0 tclass=dir
----
time->Sun Jul 10 03:36:06 2016
type=SYSCALL msg=audit(1468101966.715:3383): arch=c000003e syscall=21 success=yes exit=0 a0=7fa858881ae0 a1=2 a2=0 a3=0 items=0 ppid=4523 pid=4563 auid=0 uid=995 gid=992 euid=995 suid=995 fsuid=995 egid=992 sgid=992 fsgid=992 tty=(none) ses=304 comm="beam" exe="/usr/lib64/erlang/erts-5.10.4/bin/beam" subj=system_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1468101966.715:3383): avc:  denied  { write } for  pid=4563 comm="beam" name="rabbitmq" dev="dm-0" ino=35564875 scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rabbitmq_var_lib_t:s0 tclass=dir
----
time->Sun Jul 10 03:36:06 2016
type=SYSCALL msg=audit(1468101966.803:3384): arch=c000003e syscall=42 success=no exit=-115 a0=8 a1=7fa858882018 a2=10 a3=1 items=0 ppid=4523 pid=4531 auid=0 uid=995 gid=992 euid=995 suid=995 fsuid=995 egid=992 sgid=992 fsgid=992 tty=(none) ses=304 comm="beam" exe="/usr/lib64/erlang/erts-5.10.4/bin/beam" subj=system_u:system_r:logrotate_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1468101966.803:3384): avc:  denied  { name_connect } for  pid=4531 comm="beam" dest=25672 scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rabbitmq_port_t:s0 tclass=tcp_socket


Version-Release number of selected component (if applicable):
skyring-0.0.32.tar.gz

Comment 2 Boris Ranto 2016-07-21 15:05:28 UTC
Hi Timothy,

is this still an issue? Could you retest with the latest packages? From what I understand at least some of these denials should already be fixed.

Comment 3 Timothy Asir 2016-07-26 04:56:29 UTC
Yes its fixed now in the latest version. I could not able to see this denial now.

Comment 6 Shubhendu Tripathi 2018-11-19 05:42:20 UTC
This product is EOL now


Note You need to log in before you can comment on or make changes to this bug.