Bug#624425: issue that only occurs on SE Linux

The problem that Paul reported only occurs on one system (I have not been able
to reproduce it on other AMD64 Xen DomU systems with a similar configuration).
It only occurs when SE Linux is in enforcing mode and when the default policy
is in use, which doesn't permit the following access. sshd aborts after the
messages below are logged.

I don't think that the problem Paul reported is a security problem and I
suspect that it may not be closely related to the original bug report.

type=AVC msg=audit(1315807424.338:39): avc: denied { unix_read unix_write } for pid=1363 comm="sshd" key=58236 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:system_r:unconfined_t:s0-s0:c0.c1023 tclass=shm
type=SYSCALL msg=audit(1315807424.338:39): arch=c000003e syscall=29 success=no exit=-131939286884392 a0=e37c a1=200048 a2=1b6 a3=0 items=0 ppid=627 pid=1363 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1315807424.338:40): avc: denied { unix_read unix_write } for pid=1363 comm="sshd" key=58771 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:system_r:unconfined_t:s0-s0:c0.c1023 tclass=sem
type=SYSCALL msg=audit(1315807424.338:40): arch=c000003e syscall=64 success=no exit=-131939286884392 a0=e593 a1=8 a2=1b6 a3=0 items=0 ppid=627 pid=1363 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)
type=ANOM_ABEND msg=audit(1315807424.341:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 pid=1363 comm="sshd" sig=11

--
My Main Blog http://etbe.coker.com.au/
My Documents Blog http://doc.coker.com.au/
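
An added example, not part of the original message: a Python sketch that pairs each AVC denial with the SYSCALL record sharing its audit serial and keeps the pairs whose pid later logs ANOM_ABEND, which is the sequence quoted above. The function names are hypothetical, and the syscall names assume the x86_64 numbering implied by arch=c000003e (29 is shmget, 64 is semget).

```python
import re
from collections import defaultdict

# Constructed input: abbreviated copies of the records quoted in the message.
SAMPLE = """\
type=AVC msg=audit(1315807424.338:39): avc: denied { unix_read unix_write } for pid=1363 comm="sshd" key=58236 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:system_r:unconfined_t:s0-s0:c0.c1023 tclass=shm
type=SYSCALL msg=audit(1315807424.338:39): arch=c000003e syscall=29 success=no a0=e37c a1=200048 a2=1b6 pid=1363 comm="sshd" key=(null)
type=AVC msg=audit(1315807424.338:40): avc: denied { unix_read unix_write } for pid=1363 comm="sshd" key=58771 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:system_r:unconfined_t:s0-s0:c0.c1023 tclass=sem
type=SYSCALL msg=audit(1315807424.338:40): arch=c000003e syscall=64 success=no a0=e593 a1=8 a2=1b6 pid=1363 comm="sshd" key=(null)
type=ANOM_ABEND msg=audit(1315807424.341:41): uid=0 pid=1363 comm="sshd" sig=11
"""

SYSCALLS_X86_64 = {29: "shmget", 64: "semget"}  # only the two numbers seen above
HEADER = re.compile(r"type=(\w+) msg=audit\([\d.]+:(\d+)\)")
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')
PERMS = re.compile(r"denied\s+\{([^}]*)\}")

def parse(line):
    """Split one audit record into a dict; returns None for non-audit lines."""
    head = HEADER.match(line)
    if not head:
        return None
    rec = {k: v.strip('"') for k, v in FIELD.findall(line)}
    rec["type"], rec["serial"] = head.group(1), int(head.group(2))
    perms = PERMS.search(line)
    rec["perms"] = perms.group(1).split() if perms else []
    return rec

def denials_before_abend(text):
    """Pair AVC and SYSCALL records by serial; keep pids that logged ANOM_ABEND."""
    events, abends = defaultdict(dict), {}
    for rec in filter(None, map(parse, text.splitlines())):
        if rec["type"] == "ANOM_ABEND":
            abends[rec["pid"]] = int(rec["sig"])
        else:
            events[rec["serial"]][rec["type"]] = rec
    out = []
    for serial, ev in sorted(events.items()):
        avc, sc = ev.get("AVC"), ev.get("SYSCALL")
        if not (avc and sc) or avc["pid"] not in abends:
            continue
        out.append({
            "pid": int(avc["pid"]), "signal": abends[avc["pid"]], "perms": avc["perms"],
            "syscall": SYSCALLS_X86_64.get(int(sc["syscall"]), sc["syscall"]),
            "tclass": avc["tclass"], "ipc_key": int(avc["key"]),
            "key_is_a0": int(sc["a0"], 16) == int(avc["key"]),  # a0 is hex, key is decimal
            "source": avc["scontext"].split(":")[2], "target": avc["tcontext"].split(":")[2],
        })
    return out
```

The `key_is_a0` field confirms that the decimal `key=` in each AVC record is the same IPC key passed as the hexadecimal first syscall argument `a0`.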