Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- NOTE: The bug is that the bash shell cannot handle the parentheses in (rm) unless you escape them.
- SELinux is preventing /usr/lib/systemd/systemd from write access on the sock_file notify.
- ***** Plugin catchall (100. confidence) suggests **************************
- If you believe that systemd should be allowed write access on the notify sock_file by default.
- Then you should report this as a bug.
- You can generate a local policy module to allow this access.
- Do
- allow this access for now by executing:
- # grep (rm) /var/log/audit/audit.log | audit2allow -M mypol
- # semodule -i mypol.pp
- Additional Information:
- Source Context system_u:system_r:docker_t:s0
- Target Context system_u:object_r:docker_tmpfs_t:s0
- Target Objects notify [ sock_file ]
- Source (rm)
- Source Path /usr/lib/systemd/systemd
- Port <Unknown>
- Host mothership.depaulo.org
- Source RPM Packages systemd-216-20.fc21.x86_64
- Target RPM Packages
- Policy RPM selinux-policy-3.13.1-105.3.fc21.noarch
- Selinux Enabled True
- Policy Type targeted
- Enforcing Mode Enforcing
- Host Name mothership.depaulo.org
- Platform Linux mothership.depaulo.org
- 3.18.6-200.fc21.x86_64 #1 SMP Fri Feb 6 22:59:42
- UTC 2015 x86_64 x86_64
- Alert Count 106
- First Seen 2015-03-03 22:27:34 EST
- Last Seen 2015-03-04 07:14:39 EST
- Local ID 4c3277e0-81e2-4cf3-afa1-d5f211c29adf
- Raw Audit Messages
- type=AVC msg=audit(1425471279.886:196843): avc: denied { write } for pid=8528 comm="systemd-logind" name="notify" dev="tmpfs" ino=24015030 scontext=system_u:system_r:docker_t:s0 tcontext=system_u:object_r:docker_tmpfs_t:s0 tclass=sock_file permissive=1
- type=SYSCALL msg=audit(1425471279.886:196843): arch=x86_64 syscall=sendmsg success=yes exit=ECHILD a0=f a1=7fff4fb0e870 a2=4000 a3=ffffffff items=0 ppid=8157 pid=8528 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm=systemd-logind exe=/usr/lib/systemd/systemd-logind subj=system_u:system_r:docker_t:s0 key=(null)
- Hash: (rm),docker_t,docker_tmpfs_t,sock_file,write
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement