Project

General

Profile

Actions
Copy link

Bug #6115

closed

Denials with nightly

Added by Lukas Zapletal almost 10 years ago. Updated almost 4 years ago.

Status:
Rejected
Priority:
Normal
Assignee:
-
Category:
Packaging
Target version:
-
Difficulty:
Triaged:
No
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

Installed, then executed foreman-debug:

type=AVC msg=audit(1402297207.624:80): avc:  denied  { read write } for  pid=9153 comm="initdb" path="/tmp/puppet20140609-8628-dhgi1u-0" dev=vda3 ino=187315 scontext=system_u:system_r:postgresql_t:s0 tcontext=system_u:object_r:initrc_tmp_t:s0 tclass=file
type=AVC msg=audit(1402297207.624:80): avc:  denied  { read write } for  pid=9153 comm="initdb" path="/tmp/puppet20140609-8628-dhgi1u-0" dev=vda3 ino=187315 scontext=system_u:system_r:postgresql_t:s0 tcontext=system_u:object_r:initrc_tmp_t:s0 tclass=file
type=AVC msg=audit(1402297356.641:126): avc:  denied  { execute } for  pid=10047 comm="ruby" name="node.rb" dev=vda3 ino=150194 scontext=system_u:system_r:passenger_t:s0 tcontext=system_u:object_r:puppet_etc_t:s0 tclass=file
type=AVC msg=audit(1402297356.641:126): avc:  denied  { execute_no_trans } for  pid=10047 comm="ruby" path="/etc/puppet/node.rb" dev=vda3 ino=150194 scontext=system_u:system_r:passenger_t:s0 tcontext=system_u:object_r:puppet_etc_t:s0 tclass=file
type=AVC msg=audit(1402297496.028:130): avc:  denied  { ioctl } for  pid=13735 comm="ping" path="/root/foreman-debug/ping_localhost" dev=vda3 ino=187728 scontext=system_u:system_r:ping_t:s0 tcontext=system_u:object_r:admin_home_t:s0 tclass=file
type=AVC msg=audit(1402297496.031:131): avc:  denied  { ioctl } for  pid=13737 comm="ping" path="/root/foreman-debug/ping_hostname" dev=vda3 ino=187729 scontext=system_u:system_r:ping_t:s0 tcontext=system_u:object_r:admin_home_t:s0 tclass=file
type=AVC msg=audit(1402297496.035:132): avc:  denied  { ioctl } for  pid=13739 comm="ping" path="/root/foreman-debug/ping_hostname_full" dev=vda3 ino=187730 scontext=system_u:system_r:ping_t:s0 tcontext=system_u:object_r:admin_home_t:s0 tclass=file
type=AVC msg=audit(1402297509.661:153): avc:  denied  { ioctl } for  pid=14358 comm="ping" path="/root/nightly-2014060903051402297507/sos_commands/foreman/foreman-debug/ping_localhost" dev=vda3 ino=188381 scontext=system_u:system_r:ping_t:s0 tcontext=system_u:object_r:admin_home_t:s0 tclass=file
type=AVC msg=audit(1402297509.666:154): avc:  denied  { ioctl } for  pid=14360 comm="ping" path="/root/nightly-2014060903051402297507/sos_commands/foreman/foreman-debug/ping_hostname" dev=vda3 ino=188382 scontext=system_u:system_r:ping_t:s0 tcontext=system_u:object_r:admin_home_t:s0 tclass=file
type=AVC msg=audit(1402297509.669:155): avc:  denied  { ioctl } for  pid=14362 comm="ping" path="/root/nightly-2014060903051402297507/sos_commands/foreman/foreman-debug/ping_hostname_full" dev=vda3 ino=188383 scontext=system_u:system_r:ping_t:s0 tcontext=system_u:object_r:admin_home_t:s0 tclass=file
type=AVC msg=audit(1402298342.067:182): avc:  denied  { write } for  pid=15386 comm="logrotate" name="logrotate.status" dev=vda3 ino=21866 scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:var_lib_t:s0 tclass=file

Some of these belong to foreman-debug.

Actions
Copy link

Also available in: Atom PDF