API tools faq
paste
Advertisement
mikedep333

selinux

mikedep333
Mar 4th, 2015
340
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.39 KB | None | 0 0
raw download clone embed print report
  1. NOTE: The bug is that the bash shell cannot handle the parentheses in (rm) unless you escape them.
  2.  
  3.  
  4. SELinux is preventing /usr/lib/systemd/systemd from write access on the sock_file notify.
  5.  
  6. ***** Plugin catchall (100. confidence) suggests **************************
  7.  
  8. If you believe that systemd should be allowed write access on the notify sock_file by default.
  9. Then you should report this as a bug.
  10. You can generate a local policy module to allow this access.
  11. Do
  12. allow this access for now by executing:
  13. # grep (rm) /var/log/audit/audit.log | audit2allow -M mypol
  14. # semodule -i mypol.pp
  15.  
  16. Additional Information:
  17. Source Context system_u:system_r:docker_t:s0
  18. Target Context system_u:object_r:docker_tmpfs_t:s0
  19. Target Objects notify [ sock_file ]
  20. Source (rm)
  21. Source Path /usr/lib/systemd/systemd
  22. Port <Unknown>
  23. Host mothership.depaulo.org
  24. Source RPM Packages systemd-216-20.fc21.x86_64
  25. Target RPM Packages
  26. Policy RPM selinux-policy-3.13.1-105.3.fc21.noarch
  27. Selinux Enabled True
  28. Policy Type targeted
  29. Enforcing Mode Enforcing
  30. Host Name mothership.depaulo.org
  31. Platform Linux mothership.depaulo.org
  32. 3.18.6-200.fc21.x86_64 #1 SMP Fri Feb 6 22:59:42
  33. UTC 2015 x86_64 x86_64
  34. Alert Count 106
  35. First Seen 2015-03-03 22:27:34 EST
  36. Last Seen 2015-03-04 07:14:39 EST
  37. Local ID 4c3277e0-81e2-4cf3-afa1-d5f211c29adf
  38.  
  39. Raw Audit Messages
  40. type=AVC msg=audit(1425471279.886:196843): avc: denied { write } for pid=8528 comm="systemd-logind" name="notify" dev="tmpfs" ino=24015030 scontext=system_u:system_r:docker_t:s0 tcontext=system_u:object_r:docker_tmpfs_t:s0 tclass=sock_file permissive=1
  41.  
  42.  
  43. type=SYSCALL msg=audit(1425471279.886:196843): arch=x86_64 syscall=sendmsg success=yes exit=ECHILD a0=f a1=7fff4fb0e870 a2=4000 a3=ffffffff items=0 ppid=8157 pid=8528 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm=systemd-logind exe=/usr/lib/systemd/systemd-logind subj=system_u:system_r:docker_t:s0 key=(null)
  44.  
  45. Hash: (rm),docker_t,docker_tmpfs_t,sock_file,write
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!