2017-10-21 23:08 UTC

View Issue Details Jump to Notes ]
IDProjectCategoryView StatusLast Update
0013153CentOS-7selinux-policypublic2017-04-20 01:45
Reportergarybaus 
PrioritynormalSeverityminorReproducibilityhave not tried
StatusnewResolutionopen 
PlatformOSOS Version7
Product Version 
Target VersionFixed in Version 
Summary0013153: SELinux is preventing /usr/sbin/ldconfig from 'read' accesses on the directory lib64.
DescriptionDescription of problem:
SELinux is preventing /usr/sbin/ldconfig from 'read' accesses on the directory lib64.

***** Plugin catchall (100. confidence) suggests **************************

If you believe that ldconfig should be allowed read access on the lib64 directory by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'ldconfig' --raw | audit2allow -M my-ldconfig
# semodule -i my-ldconfig.pp

Additional Information:
Source Context system_u:system_r:ldconfig_t:s0
Target Context system_u:object_r:initrc_tmp_t:s0
Target Objects lib64 [ dir ]
Source ldconfig
Source Path /usr/sbin/ldconfig
Port <Unknown>
Host (removed)
Source RPM Packages
Target RPM Packages filesystem-3.2-21.el7.x86_64
Policy RPM selinux-policy-3.13.1-102.el7_3.16.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name (removed)
Platform Linux (removed) 3.10.0-514.16.1.el7.x86_64 #1 SMP
                              Wed Apr 12 15:04:24 UTC 2017 x86_64 x86_64
Alert Count 1
First Seen 2017-04-19 20:04:40 CDT
Last Seen 2017-04-19 20:04:40 CDT
Local ID ee336644-be36-4023-a4cb-be5e9e6a8f15

Raw Audit Messages
type=AVC msg=audit(1492650280.804:94): avc: denied { read } for pid=10492 comm="ldconfig" name="lib64" dev="dm-1" ino=67647330 scontext=system_u:system_r:ldconfig_t:s0 tcontext=system_u:object_r:initrc_tmp_t:s0 tclass=dir


Hash: ldconfig,ldconfig_t,initrc_tmp_t,dir,read

Version-Release number of selected component:
selinux-policy-3.13.1-102.el7_3.16.noarch
Additional Informationreporter: libreport-2.1.11.1
hashmarkername: setroubleshoot
kernel: 3.10.0-514.16.1.el7.x86_64
reproducible: Not sure how to reproduce the problem
type: libreport
TagsNo tags attached.
abrt_hashbf9357489cd79fe11fa8a09432adfbbac6de797619c23df0a04694f2fdc73f3c
URL
Attached Files

-Relationships
+Relationships

-Notes
There are no notes attached to this issue.
+Notes

-Issue History
Date Modified Username Field Change
2017-04-20 01:45 garybaus New Issue
+Issue History