Getting two avc's that trouble shooter indicates there is policy to allow the operations.
I believe the sebool "mysql_connect_any" may correct the following avc: time->Tue May 1 18:17:25 2012 type=SYSCALL msg=audit(1335921445.082:4514): arch=c000003e syscall=21 success=no exit=-13 a0=7f406ac5d9f0 a1=4 a2=7f406ac5d9fe a3=1c items=0 ppid=1 pid=24416 auid=4294967295 uid=27 gid=27 euid=27 suid=27 fsuid=27 egid=27 sgid=27 fsgid=27 tty=(none) ses=4294967295 comm="mysqld" exe="/usr/libexec/mysqld" subj=system_u:system_r:mysqld_t:s0 key=(null) type=AVC msg=audit(1335921445.082:4514): avc: denied { read } for pid=24416 comm="mysqld" name="unix" dev="proc" ino=4026532000 scontext=system_u:system_r:mysqld_t:s0 tcontext=system_u:object_r:proc_net_t:s0 tclass=file
But I have no clue which bool would correct the following: time->Tue May 1 19:01:13 2012 type=SYSCALL msg=audit(1335924073.146:4554): arch=c000003e syscall=59 success=yes exit=0 a0=f293b0 a1=f294b0 a2=f283b0 a3=18 items=0 ppid=25927 pid=25928 auid=4294967295 uid=989 gid=983 euid=989 suid=989 fsuid=989 egid=983 sgid=983 fsgid=983 tty=(none) ses=4294967295 comm="ldconfig" exe="/sbin/ldconfig" subj=system_u:system_r:ldconfig_t:s0 key=(null) type=AVC msg=audit(1335924073.146:4554): avc: denied { write } for pid=25928 comm="ldconfig" path=2F746D702F666669536752617269202864656C6574656429 dev="dm-1" ino=1836898 scontext=system_u:system_r:ldconfig_t:s0 tcontext=system_u:object_r:initrc_tmp_t:s0 tclass=file
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 05/02/2012 12:26 AM, David Highley wrote:
Getting two avc's that trouble shooter indicates there is policy to allow the operations.
I believe the sebool "mysql_connect_any" may correct the following avc: time->Tue May 1 18:17:25 2012 type=SYSCALL msg=audit(1335921445.082:4514): arch=c000003e syscall=21 success=no exit=-13 a0=7f406ac5d9f0 a1=4 a2=7f406ac5d9fe a3=1c items=0 ppid=1 pid=24416 auid=4294967295 uid=27 gid=27 euid=27 suid=27 fsuid=27 egid=27 sgid=27 fsgid=27 tty=(none) ses=4294967295 comm="mysqld" exe="/usr/libexec/mysqld" subj=system_u:system_r:mysqld_t:s0 key=(null) type=AVC msg=audit(1335921445.082:4514): avc: denied { read } for pid=24416 comm="mysqld" name="unix" dev="proc" ino=4026532000 scontext=system_u:system_r:mysqld_t:s0 tcontext=system_u:object_r:proc_net_t:s0 tclass=file
What policy were you using when you got this.
rpm -q selinux-policy
But I have no clue which bool would correct the following: time->Tue May 1 19:01:13 2012 type=SYSCALL msg=audit(1335924073.146:4554): arch=c000003e syscall=59 success=yes exit=0 a0=f293b0 a1=f294b0 a2=f283b0 a3=18 items=0 ppid=25927 pid=25928 auid=4294967295 uid=989 gid=983 euid=989 suid=989 fsuid=989 egid=983 sgid=983 fsgid=983 tty=(none) ses=4294967295 comm="ldconfig" exe="/sbin/ldconfig" subj=system_u:system_r:ldconfig_t:s0 key=(null) type=AVC msg=audit(1335924073.146:4554): avc: denied { write } for pid=25928 comm="ldconfig" path=2F746D702F666669536752617269202864656C6574656429 dev="dm-1" ino=1836898 scontext=system_u:system_r:ldconfig_t:s0 tcontext=system_u:object_r:initrc_tmp_t:s0 tclass=file
THis is a leaked file descriptor and probably not that important, can be safely ignored.
-- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux
"Daniel J Walsh wrote:"
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 05/02/2012 12:26 AM, David Highley wrote:
Getting two avc's that trouble shooter indicates there is policy to allow the operations.
I believe the sebool "mysql_connect_any" may correct the following avc: time->Tue May 1 18:17:25 2012 type=SYSCALL msg=audit(1335921445.082:4514): arch=c000003e syscall=21 success=no exit=-13 a0=7f406ac5d9f0 a1=4 a2=7f406ac5d9fe a3=1c items=0 ppid=1 pid=24416 auid=4294967295 uid=27 gid=27 euid=27 suid=27 fsuid=27 egid=27 sgid=27 fsgid=27 tty=(none) ses=4294967295 comm="mysqld" exe="/usr/libexec/mysqld" subj=system_u:system_r:mysqld_t:s0 key=(null) type=AVC msg=audit(1335921445.082:4514): avc: denied { read } for pid=24416 comm="mysqld" name="unix" dev="proc" ino=4026532000 scontext=system_u:system_r:mysqld_t:s0 tcontext=system_u:object_r:proc_net_t:s0 tclass=file
What policy were you using when you got this.
rpm -q selinux-policy
selinux-policy-3.10.0-84.fc16.noarch
But I have no clue which bool would correct the following: time->Tue May 1 19:01:13 2012 type=SYSCALL msg=audit(1335924073.146:4554): arch=c000003e syscall=59 success=yes exit=0 a0=f293b0 a1=f294b0 a2=f283b0 a3=18 items=0 ppid=25927 pid=25928 auid=4294967295 uid=989 gid=983 euid=989 suid=989 fsuid=989 egid=983 sgid=983 fsgid=983 tty=(none) ses=4294967295 comm="ldconfig" exe="/sbin/ldconfig" subj=system_u:system_r:ldconfig_t:s0 key=(null) type=AVC msg=audit(1335924073.146:4554): avc: denied { write } for pid=25928 comm="ldconfig" path=2F746D702F666669536752617269202864656C6574656429 dev="dm-1" ino=1836898 scontext=system_u:system_r:ldconfig_t:s0 tcontext=system_u:object_r:initrc_tmp_t:s0 tclass=file
THis is a leaked file descriptor and probably not that important, can be safely ignored.
-- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk+hJiIACgkQrlYvE4MpobPstQCfchO+jZeC8PlULXfpuMYg1pE/ wQAAoJgIB6fZOITJgvF94SiVJEldENof =/X30 -----END PGP SIGNATURE-----
On 05/02/2012 12:57 PM, David Highley wrote:
"Daniel J Walsh wrote:"
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 05/02/2012 12:26 AM, David Highley wrote:
Getting two avc's that trouble shooter indicates there is policy to allow the operations.
I believe the sebool "mysql_connect_any" may correct the following avc: time->Tue May 1 18:17:25 2012 type=SYSCALL msg=audit(1335921445.082:4514): arch=c000003e syscall=21 success=no exit=-13 a0=7f406ac5d9f0 a1=4 a2=7f406ac5d9fe a3=1c items=0 ppid=1 pid=24416 auid=4294967295 uid=27 gid=27 euid=27 suid=27 fsuid=27 egid=27 sgid=27 fsgid=27 tty=(none) ses=4294967295 comm="mysqld" exe="/usr/libexec/mysqld" subj=system_u:system_r:mysqld_t:s0 key=(null) type=AVC msg=audit(1335921445.082:4514): avc: denied { read } for pid=24416 comm="mysqld" name="unix" dev="proc" ino=4026532000 scontext=system_u:system_r:mysqld_t:s0 tcontext=system_u:object_r:proc_net_t:s0 tclass=file
What policy were you using when you got this.
rpm -q selinux-policy
selinux-policy-3.10.0-84.fc16.noarch
Open a new bug please. Thank you.
But I have no clue which bool would correct the following: time->Tue May 1 19:01:13 2012 type=SYSCALL msg=audit(1335924073.146:4554): arch=c000003e syscall=59 success=yes exit=0 a0=f293b0 a1=f294b0 a2=f283b0 a3=18 items=0 ppid=25927 pid=25928 auid=4294967295 uid=989 gid=983 euid=989 suid=989 fsuid=989 egid=983 sgid=983 fsgid=983 tty=(none) ses=4294967295 comm="ldconfig" exe="/sbin/ldconfig" subj=system_u:system_r:ldconfig_t:s0 key=(null) type=AVC msg=audit(1335924073.146:4554): avc: denied { write } for pid=25928 comm="ldconfig" path=2F746D702F666669536752617269202864656C6574656429 dev="dm-1" ino=1836898 scontext=system_u:system_r:ldconfig_t:s0 tcontext=system_u:object_r:initrc_tmp_t:s0 tclass=file
THis is a leaked file descriptor and probably not that important, can be safely ignored.
-- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk+hJiIACgkQrlYvE4MpobPstQCfchO+jZeC8PlULXfpuMYg1pE/ wQAAoJgIB6fZOITJgvF94SiVJEldENof =/X30 -----END PGP SIGNATURE-----
-- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux
"Miroslav Grepl wrote:"
On 05/02/2012 12:57 PM, David Highley wrote:
"Daniel J Walsh wrote:"
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 05/02/2012 12:26 AM, David Highley wrote:
Getting two avc's that trouble shooter indicates there is policy to allow the operations.
I believe the sebool "mysql_connect_any" may correct the following avc: time->Tue May 1 18:17:25 2012 type=SYSCALL msg=audit(1335921445.082:4514): arch=c000003e syscall=21 success=no exit=-13 a0=7f406ac5d9f0 a1=4 a2=7f406ac5d9fe a3=1c items=0 ppid=1 pid=24416 auid=4294967295 uid=27 gid=27 euid=27 suid=27 fsuid=27 egid=27 sgid=27 fsgid=27 tty=(none) ses=4294967295 comm="mysqld" exe="/usr/libexec/mysqld" subj=system_u:system_r:mysqld_t:s0 key=(null) type=AVC msg=audit(1335921445.082:4514): avc: denied { read } for pid=24416 comm="mysqld" name="unix" dev="proc" ino=4026532000 scontext=system_u:system_r:mysqld_t:s0 tcontext=system_u:object_r:proc_net_t:s0 tclass=file
What policy were you using when you got this.
rpm -q selinux-policy
selinux-policy-3.10.0-84.fc16.noarch
Open a new bug please. Thank you.
Did some rechecking after setting the sebool for mysql and getting an application update. No longer see the issues here.
But I have no clue which bool would correct the following: time->Tue May 1 19:01:13 2012 type=SYSCALL msg=audit(1335924073.146:4554): arch=c000003e syscall=59 success=yes exit=0 a0=f293b0 a1=f294b0 a2=f283b0 a3=18 items=0 ppid=25927 pid=25928 auid=4294967295 uid=989 gid=983 euid=989 suid=989 fsuid=989 egid=983 sgid=983 fsgid=983 tty=(none) ses=4294967295 comm="ldconfig" exe="/sbin/ldconfig" subj=system_u:system_r:ldconfig_t:s0 key=(null) type=AVC msg=audit(1335924073.146:4554): avc: denied { write } for pid=25928 comm="ldconfig" path=2F746D702F666669536752617269202864656C6574656429 dev="dm-1" ino=1836898 scontext=system_u:system_r:ldconfig_t:s0 tcontext=system_u:object_r:initrc_tmp_t:s0 tclass=file
THis is a leaked file descriptor and probably not that important, can be safely ignored.
-- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk+hJiIACgkQrlYvE4MpobPstQCfchO+jZeC8PlULXfpuMYg1pE/ wQAAoJgIB6fZOITJgvF94SiVJEldENof =/X30 -----END PGP SIGNATURE-----
-- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux
selinux@lists.fedoraproject.org