API tools faq
paste
Guest User

Untitled

a guest
Jan 21st, 2018
313
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.45 KB | None | 0 0
raw download clone embed print report
  1. $ ls -Z /var/run/docker.sock
  2. srw-rw----. root root system_u:object_r:container_var_run_t:s0 /var/run/docker.sock
  3.  
  4. $ sudo semanage fcontext -l | grep '/var/run/docker'
  5. /var/run/docker.sock socket system_u:object_r:container_var_run_t:s0
  6.  
  7. $ sudo cat /var/log/audit/audit.log | grep sock
  8. type=AVC msg=audit(1516519533.557:1465348): avc: denied { connectto } for pid=54437 comm="python" path="/run/docker.sock" scontext=system_u:system_r:svirt_lxc_net_t:s0:c556,c641 tcontext=system_u:system_r:container_runtime_t:s0 tclass=unix_stream_socket
  9. type=AVC msg=audit(1516519533.966:1465349): avc: denied { connectto } for pid=54440 comm="python" path="/run/docker.sock" scontext=system_u:system_r:svirt_lxc_net_t:s0:c556,c641 tcontext=system_u:system_r:container_runtime_t:s0 tclass=unix_stream_socket
  10.  
  11. root 53831 0.0 0.0 216508 1932 ? Sl 18:24 0:00 _ /usr/bin/docker-containerd-shim-current 28b7eb84ebfccd297ea18352b38b765f1f3ede5e03fb9f29b3218b7355110b7e /var/run/docker/libcontainerd/28b7eb84ebfccd297ea18352b38b765f1f3ede5e03fb9f29b3218b7355110
  12. 1001 53846 0.0 0.0 2668 720 ? Ssl 18:24 0:00 | _ /pod
  13. root 54329 0.0 0.0 280636 1932 ? Sl 18:24 0:00 _ /usr/bin/docker-containerd-shim-current 149bb5c7d37b4335ade587d7a1b38331b48ffe7ae83c865fd4afc2dbc2fccc4f /var/run/docker/libcontainerd/149bb5c7d37b4335ade587d7a1b38331b48ffe7ae83c865fd4afc2dbc2fcc
  14. root 54345 0.1 0.1 95800 19040 ? Ss 18:24 0:03 _ /opt/datadog-agent/embedded/bin/python /opt/datadog-agent/bin/supervisord -n -c /etc/dd-agent/supervisor.conf
  15. root 54435 0.0 0.0 275920 5732 ? Sl 18:24 0:01 _ /opt/datadog-agent/bin/trace-agent
  16. root 54436 0.2 0.2 173424 40456 ? S 18:24 0:07 _ /opt/datadog-agent/embedded/bin/python /opt/datadog-agent/agent/ddagent.py
  17. root 54437 0.1 0.2 219256 37668 ? Sl 18:24 0:05 _ /opt/datadog-agent/embedded/bin/python /opt/datadog-agent/agent/dogstatsd.py --use-local-forwarder
  18. root 54440 1.4 0.3 320204 57180 ? S 18:24 0:50 _ /opt/datadog-agent/embedded/bin/python /opt/datadog-agent/agent/agent.py foreground --use-local-forwarder
  19.  
  20. $ sudo semanage fcontext -a -t svirt_lxc_net_t "/var/run/docker.sock"
  21. ValueError: Type svirt_lxc_net_t is invalid, must be a file or device type
  22.  
  23. chcon -R -t svirt_sandbox_file_t /var/run/docker.sock
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!