Bug 593393 - perl-Razor-Agent-2.84-1.el5.src.rpm SElinux denials on log file
Summary: perl-Razor-Agent-2.84-1.el5.src.rpm SElinux denials on log file
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: selinux-policy-targeted
Version: 5.5
Hardware: All
OS: Linux
low
medium
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact: BaseOS QE Security Team
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2010-05-18 17:38 UTC by R P Herrold
Modified: 2012-10-03 14:57 UTC (History)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2010-05-19 12:02:13 UTC
Target Upstream Version:



Description R P Herrold 2010-05-18 17:38:08 UTC
Description of problem:

SElinux denials on log file

Version-Release number of selected component (if applicable):

perl-Razor-Agent-2.84-1.el5

How reproducible:

build, install, run

Steps to Reproduce:

type=1107 audit(1273870143.957:3): user pid=1935 uid=81 auid=4294967295 subj=system_u:system_r:system_dbusd_t:s0 msg='avc:  received policyload notice (seqno=2)
: exe="?" (sauid=81, hostname=?, addr=?, terminal=?)'
type=1403 audit(1273870143.961:4): policy loaded auid=4294967295 ses=4294967295
type=1400 audit(1274203962.780:5): avc:  denied  { ioctl } for  pid=9820 comm="spamd" path="/razor-agent.log" dev=sda2 ino=14 scontext=user_u:system_r:spamd_t:s0 tcontext=user_u:object_r:root_t:s0 tclass=file
type=1400 audit(1274203962.781:6): avc:  denied  { append } for  pid=9820 comm="spamd" path="/razor-agent.log" dev=sda2 ino=14 scontext=user_u:system_r:spamd_t:s0 tcontext=user_u:object_r:root_t:s0 tclass=file

Comment 1 Robert Scheck 2010-05-18 19:33:57 UTC
Re-assigning to selinux-policy-targeted. Daniel, can you take care, please?

Comment 2 Daniel Walsh 2010-05-19 12:02:13 UTC
Why is razor writing its log file in /?

If you move the log file to /var/log/ and run restorecon on it, this AVC will go away.

If you must have the log file in /, then you need to set up the correct labeling.

# semanage fcontext -a -t razor_log_t /razor-agent.log
# restorecon -v /razor-agent.log
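
A triage helper for denials like the two in this report, added here as an example and not part of the original comment or of any Red Hat tooling: it parses AVC records, merges the permissions denied per domain and path, and flags targets whose type suggests the file was never labeled for its purpose. The `FALLBACK_TYPES` set and the function names are assumptions of this example.

```python
import re

# The report's own audit lines: one policy-load record and the two AVC denials.
SAMPLE = '''\
type=1403 audit(1273870143.961:4): policy loaded auid=4294967295 ses=4294967295
type=1400 audit(1274203962.780:5): avc:  denied  { ioctl } for  pid=9820 comm="spamd" path="/razor-agent.log" dev=sda2 ino=14 scontext=user_u:system_r:spamd_t:s0 tcontext=user_u:object_r:root_t:s0 tclass=file
type=1400 audit(1274203962.781:6): avc:  denied  { append } for  pid=9820 comm="spamd" path="/razor-agent.log" dev=sda2 ino=14 scontext=user_u:system_r:spamd_t:s0 tcontext=user_u:object_r:root_t:s0 tclass=file
'''

AVC_RE = re.compile(r'avc:\s+denied\s+\{\s*(?P<perms>[^}]*?)\s*\}\s+for\s+(?P<rest>.*)')
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

# Assumption of this example: a file carrying one of these types was not given
# a type meant for its purpose. It inherited root_t from "/", fell through to
# the catch-all default_t, or has no valid label (file_t, unlabeled_t).
FALLBACK_TYPES = {"root_t", "default_t", "file_t", "unlabeled_t"}


def parse_avc(line):
    """Return the fields of one AVC denial, or None for any other audit record."""
    m = AVC_RE.search(line)
    if not m:
        return None
    rec = {k: v.strip('"') for k, v in KV_RE.findall(m.group("rest"))}
    if "scontext" not in rec or "tcontext" not in rec:
        return None
    rec["perms"] = m.group("perms").split()
    # A context is user:role:type[:level]; the type is the third field.
    rec["domain"] = rec["scontext"].split(":")[2]
    rec["target_type"] = rec["tcontext"].split(":")[2]
    return rec


def triage(log_text):
    """Merge denials per (domain, path, target type, class); flag fallback labels."""
    groups = {}
    for line in log_text.splitlines():
        rec = parse_avc(line)
        if rec:
            key = (rec["domain"], rec.get("path", "?"),
                   rec["target_type"], rec.get("tclass", "?"))
            groups.setdefault(key, set()).update(rec["perms"])
    return [
        {"domain": d, "path": p, "target_type": t, "tclass": c,
         "perms": sorted(perms), "likely_mislabeled": t in FALLBACK_TYPES}
        for (d, p, t, c), perms in sorted(groups.items())
    ]


if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```

A finding with `likely_mislabeled` set points to relabeling or moving the file, as described in the comment above, rather than to a change in the policy for the domain.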

