SELinux ntpd problem?
Daniel J Walsh
dwalsh at redhat.com
Fri Nov 12 02:19:00 UTC 2004
Jason Cortezzo wrote:
> I get these messages during boot. They are the very last lines output
> by dmesg....
>
> audit(1100213115.443:0): avc: denied { read } for pid=2213
> exe=/usr/sbin/ntpdate name=mtab dev=dm-0 ino=3606667
> scontext=user_u:system_r:ntpd_t
> tcontext=system_u:object_r:etc_runtime_t tclass=file
> audit(1100213115.443:0): avc: denied { read } for pid=2213
> exe=/usr/sbin/ntpdate name=meminfo dev=proc ino=-268435454
> scontext=user_u:system_r:ntpd_t tcontext=system_u:object_r:proc_t
> tclass=file
> audit(1100213122.880:0): avc: denied { read } for pid=2219
> exe=/usr/sbin/ntpd name=mtab dev=dm-0 ino=3606667
> scontext=user_u:system_r:ntpd_t
> tcontext=system_u:object_r:etc_runtime_t tclass=file
> audit(1100213122.881:0): avc: denied { read } for pid=2219
> exe=/usr/sbin/ntpd name=meminfo dev=proc ino=-268435454
> scontext=user_u:system_r:ntpd_t tcontext=system_u:object_r:proc_t
> tclass=file
>
>
> Can anyone decipher this?
>
> Thanks,
> Jason
>
Basically there is a bug in ntpd poliyc that is not allowing it to read
/etc/mtab and /proc/meminfo.
Fixed in selinux-policy-targeted-1.17.30-2.24
Dan
More information about the fedora-list
mailing list