Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 455469 - AVC denial when firstaidkit changes /var/log/firstaidkit.log after changing root passwd
Summary: AVC denial when firstaidkit changes /var/log/firstaidkit.log after changing r...
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy
Version: rawhide
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2008-07-15 17:19 UTC by Joel Andres Granados
Modified: 2008-07-15 18:10 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2008-07-15 18:10:39 UTC


Attachments (Terms of Use)
the audit log (deleted)
2008-07-15 17:20 UTC, Joel Andres Granados
no flags Details

Description Joel Andres Granados 2008-07-15 17:19:42 UTC
Description of problem:
We have firstaidkit, (python script) that has a plugin called passwd which
serves the purpose of changing the root passwd. additionally firstaidkit logs to
/var/log/firstaidkit.log When I run any other plugin the log file is quite ok
and there are no problems but when I run passwd, it creates an SElinux denial :(
 I'm pretty sure that its at the moment when the passwd gets changed.


How reproducible:
always.  only with that plugin.  Other plugins log to that file with no problem

Steps to Reproduce:
1. yum install firstaidkit-plugin-passwd -y
2. firstaidkit -f passwd resetRoot
3. This should produce the AVC denial seen in /var/log/messages or
/var/log/audit/audit.log
  
Actual results:
AVC denial

Expected results:
For SElinux to let Firstaidkti change the root passwd.

Additional info:
I will attach the /var/log/audit/audit.log log.  I executed firstaidkit with an
empty log.

Comment 1 Joel Andres Granados 2008-07-15 17:20:10 UTC
Created attachment 311855 [details]
the audit log

Comment 2 Daniel Walsh 2008-07-15 18:10:39 UTC
Fixed in selinux-policy-3.4.2-14.fc10.noarch


Note You need to log in before you can comment on or make changes to this bug.