View Issue Details

IDProjectCategoryView StatusLast Update
0015676CentOS-7selinux-policypublic2019-01-07 22:13
Reportercarpi031 
PrioritynormalSeverityminorReproducibilityhave not tried
Status newResolutionopen 
PlatformOSOS Version7
Product Version 
Target VersionFixed in Version 
Summary0015676: SELinux is preventing /usr/bin/sudo from using the 'getpgid' accesses on a process.
DescriptionDescription of problem:
SELinux is preventing /usr/bin/sudo from using the 'getpgid' accesses on a process.

***** Plugin catchall (100. confidence) suggests **************************

Si vous pensez que sudo devrait être autorisé à accéder getpgid sur les processus étiquetés init_t par défaut.
Then vous devriez rapporter ceci en tant qu'anomalie.
Vous pouvez générer un module de stratégie local pour autoriser cet accès.
Do
autoriser cet accès pour le moment en exécutant :
# ausearch -c "sudo" --raw | audit2allow -M my-sudo
# semodule -X 300 -i my-sudo.pp

Additional Information:
Source Context system_u:system_r:neutron_t:s0
Target Context system_u:system_r:init_t:s0
Target Objects Unknown [ process ]
Source sudo
Source Path /usr/bin/sudo
Port <Unknown>
Host (removed)
Source RPM Packages sudo-1.8.23-3.el7.x86_64
Target RPM Packages
Policy RPM <Unknown>
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name (removed)
Platform Linux (removed) 3.10.0-957.1.3.el7.x86_64 #1 SMP
                              Thu Nov 29 14:49:43 UTC 2018 x86_64 x86_64
Alert Count 1
First Seen 2019-01-07 20:06:25 CET
Last Seen 2019-01-07 20:06:25 CET
Local ID 685f4e66-4941-4cfb-9d9e-281c5cbe52b4

Raw Audit Messages
type=AVC msg=audit(1546887985.664:36113): avc: denied { getpgid } for pid=13218 comm="sudo" scontext=system_u:system_r:neutron_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=process permissive=0


type=SYSCALL msg=audit(1546887985.664:36113): arch=x86_64 syscall=getpgid success=no exit=EACCES a0=1 a1=55ae2fbb2aa5 a2=0 a3=8 items=0 ppid=13113 pid=13218 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm=sudo exe=/usr/bin/sudo subj=system_u:system_r:neutron_t:s0 key=(null)

Hash: sudo,neutron_t,init_t,process,getpgid
Additional Informationreporter: libreport-2.1.11.1
hashmarkername: setroubleshoot
kernel: 3.10.0-957.1.3.el7.x86_64
reproducible: Not sure how to reproduce the problem
type: libreport
TagsNo tags attached.
abrt_hash7a12294f970a4782504192d81a3694619f058e905fddbbaffe9f25f2aac00eba
URL

Activities

There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2019-01-07 22:13 carpi031 New Issue