Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 928321 - avc: denied { search } for comm="oracle" name="54006" dev=proc ino=4795833 scontext=unconfined_u:system_r:oracle_db_t:s0 tcontext=system_u:system_r:system_cronjob_t:s0-s0:c0.c1023
Summary: avc: denied { search } for comm="oracle" name="54006" dev=proc ino=4795833 ...
Keywords:
Status: CLOSED DEFERRED
Alias: None
Product: Red Hat Satellite 5
Classification: Red Hat
Component: Server
Version: 560
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Jan Pazdziora
QA Contact: Red Hat Satellite QA List
URL:
Whiteboard:
Depends On:
Blocks: sat560-triage
TreeView+ depends on / blocked
 
Reported: 2013-03-27 12:16 UTC by Jan Hutař
Modified: 2013-04-15 13:51 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2013-04-15 13:51:45 UTC


Attachments (Terms of Use)

Description Jan Hutař 2013-03-27 12:16:30 UTC
Description of problem:
Sometimes I do see this AVC with no reproducer know.


Version-Release number of selected component (if applicable):
selinux-policy-3.7.19-195.el6_4.3.noarch
oracle-instantclient-sqlplus-selinux-10.2.0.19-3.el6sat.noarch
oracle-rhnsat-selinux-10.2.0.20-4.el6sat.noarch
oracle-instantclient-selinux-10.2.0.19-3.el6sat.noarch


How reproducible:
rarely


Steps to Reproduce:
1. Appears from time to time


Actual results:
time->Wed Mar 27 16:08:02 2013
type=SYSCALL msg=audit(1364414882.179:1855): arch=80000016 syscall=5 per=400000 success=no exit=-13 a0=3ffffe45308 a1=0 a2=0 a3=d0435023ff0e5504 items=0 ppid=1 pid=48964 auid=4294967295 uid=498 gid=495 euid=498 suid=498 fsuid=498 egid=496 sgid=496 fsgid=496 tty=(none) ses=4294967295 comm="oracle" exe="/opt/apps/oracle/web/product/10.2.0/db_1/bin/oracle" subj=unconfined_u:system_r:oracle_db_t:s0 key=(null)
type=AVC msg=audit(1364414882.179:1855): avc:  denied  { search } for  pid=48964 comm="oracle" name="54006" dev=proc ino=4795833 scontext=unconfined_u:system_r:oracle_db_t:s0 tcontext=system_u:system_r:system_cronjob_t:s0-s0:c0.c1023 tclass=dir


Expected results:
Satellite should not produce this SELinux denial


Note You need to log in before you can comment on or make changes to this bug.