[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: selinux prelink avc's

From: Paul Howarth <paul city-fan org>
To: dragoran <dragoran feuerpokemon de>
Cc: fedora-selinux-list redhat com
Subject: Re: selinux prelink avc's
Date: Tue, 23 May 2006 15:42:38 +0100

On Tue, 2006-05-23 at 16:28 +0200, dragoran wrote:
> dragoran wrote:
> > dragoran wrote:
> >> audit(1147793154.831:353): avc:  denied  { execute_no_trans } for  
> >> pid=5195 comm="prelink" name="ld-2.4.so" dev=md0 ino=8061163 
> >> scontext=system_u:system_r:prelink_t:s0 
> >> tcontext=system_u:object_r:lib_t:s0 tclass=file
> >> audit(1147793154.831:354): avc:  denied  { execute_no_trans } for  
> >> pid=5196 comm="prelink" name="ld-2.4.so" dev=md0 ino=8061163 
> >> scontext=system_u:system_r:prelink_t:s0 
> >> tcontext=system_u:object_r:lib_t:s0 tclass=file
> >> audit(1147793155.019:355): avc:  denied  { execute_no_trans } for  
> >> pid=5197 comm="prelink" name="ld-2.4.so" dev=md0 ino=8061163 
> >> scontext=system_u:system_r:prelink_t:s0 
> >> tcontext=system_u:object_r:lib_t:s0 tclass=file
> >> audit(1147793155.447:356): avc:  denied  { execute_no_trans } for  
> >> pid=5198 comm="prelink" name="ld-2.4.so" dev=md0 ino=8061163 
> >> scontext=system_u:system_r:prelink_t:s0 
> >> tcontext=system_u:object_r:lib_t:s0 tclass=file
> >> audit(1147793156.255:357): avc:  denied  { execute_no_trans } for  
> >> pid=5199 comm="prelink" name="ld-2.4.so" dev=md0 ino=8061163 
> >> scontext=system_u:system_r:prelink_t:s0 
> >> tcontext=system_u:object_r:lib_t:s0 tclass=file
> >> I am using FC5 with selinux-policy-targeted-2.2.36-2.fc5
> >> whats gonig on? is a file misslabeled or is this a policy bug?
> >>
> >> -- 
> >> fedora-selinux-list mailing list
> >> fedora-selinux-list redhat com
> >> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
> >>
> >>
> > hello?
> > any solution for this problem?
> >
> >
> 
> it happend again...
> am I the only  one seeing this?
> audit(1148393411.538:2907): avc:  denied  { execute_no_trans } for  
> pid=16856 comm="prelink" name="ld-2.4.so" dev=md0 ino=8060939 
> scontext=system_u:system_r:prelink_t:s0 
> tcontext=system_u:object_r:lib_t:s0 tclass=file
> audit(1148393411.794:2908): avc:  denied  { execmod } for  pid=16859 
> comm="ld-linux.so.2" name="libGLcore.so.1.0.8762" dev=md0 ino=29797475 
> scontext=system_u:system_r:prelink_t:s0 tcontext=root:object_r:lib_t:s0 
> tclass=file
> audit(1148393411.814:2909): avc:  denied  { execmod } for  pid=16860 
> comm="ld-linux.so.2" name="libnvidia-tls.so.1.0.8762" dev=md0 
> ino=30869146 scontext=system_u:system_r:prelink_t:s0 
> tcontext=root:object_r:lib_t:s0 tclass=file
> audit(1148393412.438:2910): avc:  denied  { unlink } for  pid=13702 
> comm="prelink" name="prelink.cache" dev=md0 ino=7012828 
> scontext=system_u:system_r:prelink_t:s0 
> tcontext=user_u:object_r:etc_t:s0 tclass=file
> prelink seems to be completly broken and nobody seems to notice it?

I'm not seeing this anywhere.

Perhaps it's because /lib/ld-2.4.so is lib_t rather than ld_so_t on your
system?

Paul.

Follow-Ups:
- Re: selinux prelink avc's
  - From: dragoran

References:
- selinux prelink avc's
  - From: dragoran
- Re: selinux prelink avc's
  - From: dragoran
- Re: selinux prelink avc's
  - From: dragoran

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]