Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 225079 - mdstat disallowed sendmail access.
Summary: mdstat disallowed sendmail access.
Keywords:
Status: CLOSED DUPLICATE of bug 216241
Alias: None
Product: Fedora
Classification: Fedora
Component: mdadm
Version: 6
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Doug Ledford
QA Contact: David Lawrence
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-01-28 17:22 UTC by Dave Jones
Modified: 2015-01-04 22:29 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2007-05-18 00:15:38 UTC


Attachments (Terms of Use)

Description Dave Jones 2007-01-28 17:22:25 UTC
I had a raid5 set fail, and noticed two AVCs, which seem to have prevented root
from getting mail about the failure, which meant it went unnoticed for weeks..

type=AVC msg=audit(1170003945.248:7): avc:  denied  { read } for  pid=2771
comm="sendmail" name="md1" dev=tmpfs ino=7157
scontext=system_u:system_r:system_mail_t:s0
tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file
type=AVC msg=audit(1170003945.248:7): avc:  denied  { read } for  pid=2771
comm="sendmail" name="mdstat" dev=proc ino=4026532358
scontext=system_u:system_r:system_mail_t:s0
tcontext=system_u:object_r:proc_mdstat_t:s0 tclass=file

Comment 1 Daniel Walsh 2007-01-29 18:51:43 UTC
I you sure these are not leaked file descriptors?  Why would the senmail
application want to read a fixed disk or proc_mdstat?

Comment 2 Dave Jones 2007-02-03 20:59:18 UTC
hmm, could be. I'm not sure where to start looking though, and as the raid array
has been reconstructed, it's not reproducable right now.


Comment 3 Doug Ledford 2007-05-18 00:15:05 UTC
This is actually an mdadm issue, not raidtools.  Changing component.

Comment 4 Doug Ledford 2007-05-18 00:15:38 UTC

*** This bug has been marked as a duplicate of 216241 ***


Note You need to log in before you can comment on or make changes to this bug.