[fc3] ntpd issue with SELinux and dm
Davide Rossetti
davide.rossetti at roma1.infn.it
Thu Apr 14 11:03:16 UTC 2005
>>
>> 17:28:54 connect(9, {sa_family=AF_FILE, path="/var/run/nscd/socket"},
>> 110) = -1 EACCES (Permission denied)
>> 17:28:54 close(9) = 0
>> 17:28:54 --- SIGSEGV (Segmentation fault) @ 0 (0) ---
>> 17:28:54 +++ killed by SIGSEGV +++
>>
>> the signal is async as I saw it fail in other points as well...
>>
>> in /var/log/messages I find:
>>
>> Apr 13 17:28:54 xeone ntpd[15458]: ntpd 4.2.0a@1.1190-r Mon Oct 11
>> 09:10:20 EDT 2004 (1)
>> Apr 13 17:28:54 xeone ntpd[15458]: precision = 66.000 usec
>> Apr 13 17:28:54 xeone ntpd[15458]: Listening on interface wildcard,
>> 0.0.0.0#123
>> Apr 13 17:28:54 xeone ntpd[15458]: Listening on interface wildcard,
>> ::#123
>> Apr 13 17:28:54 xeone ntpd[15458]: Listening on interface lo,
>> 127.0.0.1#123
>> Apr 13 17:28:54 xeone ntpd[15458]: Listening on interface eth0,
>> 10.0.0.75#123
>> Apr 13 17:28:54 xeone ntpd[15458]: kernel time sync status 0040
>> Apr 13 17:28:54 xeone kernel: audit(1113406134.559:0): avc: denied
>> { write } for pid=15458 exe=/usr/sbin/ntpd name=root dev=dm-0
>> ino=1160993 scontext=root:system_r:ntpd_t
>> tcontext=root:object_r:user_home_dir_t tclass=dir
>>
>> [root@xeone ~]# df
>> Filesystem 1K-blocks Used Available Use% Mounted on
>> /dev/mapper/VolGroup00-LogVol00
>> 15449552 2584572 12080188 18% /
>> /dev/sda1 256666 30601 212813 13% /boot
>> none 515232 0 515232 0% /dev/shm
>>
>> file context of dm inodes are:
>>
>> [root@xeone ~]# ls -lZ /dev/dm*
>> brw-r----- root root system_u:object_r:fixed_disk_device_t
>> /dev/dm-0
>> brw-r----- root root system_u:object_r:fixed_disk_device_t
>> /dev/dm-1
>>
> This is trying to write to a user_home_dir_t?
> What does
> ls -laZ /var/run/nscd
> show?
>
>
xeone DING! (65) apelink/driver>ls -lZa /var/run/nscd/
drwxr-xr-x root root system_u:object_r:nscd_var_run_t ./
drwxr-xr-x root root system_u:object_r:var_run_t ../

but I do not run nscd:

xeone 13:00 (66) apelink/driver>chkconfig --list nscd
nscd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
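
The AVC record quoted above, read field by field, as an added example that is not part of the original thread: dev= names the device holding the inode, while name=, tcontext= and tclass= describe the object the access was denied on. The function names parse_avc and describe are this example's own.

```python
import re

# The AVC record quoted in the thread, with the mail client's line wraps rejoined.
AVC_LINE = (
    "Apr 13 17:28:54 xeone kernel: audit(1113406134.559:0): avc: denied "
    "{ write } for pid=15458 exe=/usr/sbin/ntpd name=root dev=dm-0 "
    "ino=1160993 scontext=root:system_r:ntpd_t "
    "tcontext=root:object_r:user_home_dir_t tclass=dir"
)

AVC_RE = re.compile(
    r"avc:\s+(?P<result>denied|granted)\s+\{(?P<perms>[^}]*)\}\s+for\s+(?P<rest>.*)"
)


def parse_avc(line):
    """Return the fields of one AVC record as a dict, or None if it is not one."""
    m = AVC_RE.search(line)
    if m is None:
        return None
    rec = {"result": m.group("result"), "perms": m.group("perms").split()}
    # The remainder is a run of key=value pairs (values containing spaces
    # are not handled by this simple split).
    for token in m.group("rest").split():
        key, sep, value = token.partition("=")
        if sep:
            rec[key] = value.strip('"')
    # A context in this record is user:role:type; keep the type of each side.
    for side in ("scontext", "tcontext"):
        parts = rec.get(side, "").split(":")
        rec[side + "_type"] = parts[2] if len(parts) >= 3 else None
    return rec


def describe(rec):
    """One-line reading: which domain was denied what, on which object."""
    return "{exe} in domain {scontext_type}: {result} {p} on {tclass} '{name}' " \
           "labelled {tcontext_type} (inode {ino} on device {dev})".format(
               p=",".join(rec["perms"]), **rec)


if __name__ == "__main__":
    print(describe(parse_avc(AVC_LINE)))
```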