[DSE-Dev] Bug#775610: policycoreutils: strange access to /root/tmpfiles.d from restorecond

Russell Coker russell at coker.com.au
Sat Jan 17 23:19:57 UTC 2015 

Package: policycoreutils
Version: 2.3-1
Severity: normal


# dmesg|grep tmpfiles.d
[   48.978396] audit: type=1400 audit(1421535877.996:30): avc:  denied  { read } for  pid=746 comm="restorecond" name="tmpfiles.d" dev="dm-0" ino=207033 scontext=system_u:system_r:restorecond_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=lnk_file permissive=0
# find /root -inum 207033
/root/tmpfiles.d

For some reason restorecond is trying to read the symlink /root/tmpfiles.d.
The symlink in question was created in 2012 and I don't know why I created it
or if it was created by a script.

A grep of the source code didn't show a reason for this access, there is no
match for the string tmpfiles.d in the policycoreutils source.

-- System Information:
Debian Release: 8.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: unable to detect

Versions of packages policycoreutils depends on:
ii  init-system-helpers  1.22
ii  libaudit1            1:2.4-1+b1
ii  libc6                2.19-13
ii  libcap2              1:2.24-6
ii  libdbus-1-3          1.8.14-1
ii  libdbus-glib-1-2     0.102-1
ii  libgcc1              1:4.9.2-10
ii  libglib2.0-0         2.42.1-1
ii  libpam0g             1.1.8-3.1
ii  libpcre3             2:8.35-3.3
ii  libselinux1          2.3-2
ii  libsemanage1         2.3-1+b1
ii  libsepol1            2.3-2
ii  libstdc++6           4.9.2-10
ii  lsb-base             4.1+Debian13+nmu1
ii  psmisc               22.21-2
ii  python               2.7.8-2
ii  python-ipy           1:0.81-1
ii  python-selinux       2.3-2
ii  python-semanage      2.3-1+b1
ii  python-sepolgen      1.2.1-1
ii  python-sepolicy      2.3-1
ii  python-setools       3.3.8-3.1
ii  selinux-utils        2.3-2

Versions of packages policycoreutils recommends:
pn  python-audit            <none>
ii  selinux-policy-default  2:2.20140421-7.2

Versions of packages policycoreutils suggests:
ii  selinux-policy-dev  2:2.20140421-7

-- Configuration Files:
/etc/init.d/mcstrans [Errno 13] Permission denied: u'/etc/init.d/mcstrans'
/etc/init.d/restorecond [Errno 13] Permission denied: u'/etc/init.d/restorecond'

-- no debconf information

More information about the SELinux-devel mailing list