View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0013153 | CentOS-7 | selinux-policy | public | 2017-04-20 01:45 | 2017-04-20 01:45 |
Reporter | garybaus | ||||
Priority | normal | Severity | minor | Reproducibility | have not tried |
Status | new | Resolution | open | ||
Platform | OS | OS Version | 7 | ||
Product Version | |||||
Target Version | Fixed in Version | ||||
Summary | 0013153: SELinux is preventing /usr/sbin/ldconfig from 'read' accesses on the directory lib64. | ||||
Description | Description of problem: SELinux is preventing /usr/sbin/ldconfig from 'read' accesses on the directory lib64. ***** Plugin catchall (100. confidence) suggests ************************** If you believe that ldconfig should be allowed read access on the lib64 directory by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # ausearch -c 'ldconfig' --raw | audit2allow -M my-ldconfig # semodule -i my-ldconfig.pp Additional Information: Source Context system_u:system_r:ldconfig_t:s0 Target Context system_u:object_r:initrc_tmp_t:s0 Target Objects lib64 [ dir ] Source ldconfig Source Path /usr/sbin/ldconfig Port <Unknown> Host (removed) Source RPM Packages Target RPM Packages filesystem-3.2-21.el7.x86_64 Policy RPM selinux-policy-3.13.1-102.el7_3.16.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 3.10.0-514.16.1.el7.x86_64 #1 SMP Wed Apr 12 15:04:24 UTC 2017 x86_64 x86_64 Alert Count 1 First Seen 2017-04-19 20:04:40 CDT Last Seen 2017-04-19 20:04:40 CDT Local ID ee336644-be36-4023-a4cb-be5e9e6a8f15 Raw Audit Messages type=AVC msg=audit(1492650280.804:94): avc: denied { read } for pid=10492 comm="ldconfig" name="lib64" dev="dm-1" ino=67647330 scontext=system_u:system_r:ldconfig_t:s0 tcontext=system_u:object_r:initrc_tmp_t:s0 tclass=dir Hash: ldconfig,ldconfig_t,initrc_tmp_t,dir,read Version-Release number of selected component: selinux-policy-3.13.1-102.el7_3.16.noarch | ||||
Additional Information | reporter: libreport-2.1.11.1 hashmarkername: setroubleshoot kernel: 3.10.0-514.16.1.el7.x86_64 reproducible: Not sure how to reproduce the problem type: libreport | ||||
Tags | No tags attached. | ||||
abrt_hash | bf9357489cd79fe11fa8a09432adfbbac6de797619c23df0a04694f2fdc73f3c | ||||
URL | |||||
Date Modified | Username | Field | Change |
---|---|---|---|
2017-04-20 01:45 | garybaus | New Issue |