SCIENTIFIC-LINUX-DEVEL Archives

April 2005

SCIENTIFIC-LINUX-DEVEL@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: Release Candidate 2 for SL 4.x i386 and x86_64 now available for testing
From:
Jan Iven <[log in to unmask]>
Reply To:
Jan Iven <[log in to unmask]>
Date:
Fri, 15 Apr 2005 12:49:40 +0200
Content-Type:
text/plain
Parts/Attachments:
text/plain (17 lines) 
> Apr 15 11:36:37 gw2 kernel: audit(1113557797.171:0): avc:  denied  { read } for  pid=2978 exe=/usr/sbin/snmpd name=config dev=hda2 ino=621981 scontext=root:system_r:snmpd_t tcontext=system_u:object_r:selinux_config_t tclass=file
> Apr 15 11:36:37 gw2 kernel: audit(1113557797.287:0): avc:  denied  { getattr } for  pid=2978 exe=/usr/sbin/snmpd path=/etc/selinux/config dev=hda2 ino=621981 scontext=root:system_r:snmpd_t tcontext=system_u:object_r:selinux_config_t tclass=file
> Apr 15 11:36:37 gw2 snmpd: snmpd startup succeeded
> [root@gw2 ~]# 
> 
> - Manual strace of snmpd (permissive selinux):
> 
> [root@gw2 ~]# strace /usr/sbin/snmpd 

strace -f .... ?

per the audit message, this could be the policy patch mentioned at 
http://www.nsa.gov/selinux/list-archive/0411/9591.cfm

Regards
Jan

ATOM RSS1 RSS2