[DSE-Dev] Bug#875727: selinux-policy-default: udev can't get service status

Russell Coker russell at coker.com.au
Thu Sep 14 04:04:45 UTC 2017


Package: selinux-policy-default
Version: 2:2.20161023.1-9
Severity: normal

type=USER_AVC msg=audit(1505361590.348:23): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='avc:  denied  { status } for auid=n/a uid=0 gid=0 path="/lib/systemd/system/ifup at .service" cmdline="" scontext=system_u:system_r:udev_t:s0-s0:c0.c1023 tcontext=system_u:object_r:systemd_unit_t:s0 tclass=service permissive=0  exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'

When running on unstable in a strict configuration.

Needs:
init_get_generic_units_status(udev_t)


-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-3-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8), LANGUAGE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages selinux-policy-default depends on:
ii  libselinux1      2.7-1
ii  libsemanage1     2.7-1
ii  libsepol1        2.7-1
ii  policycoreutils  2.7-1
ii  selinux-utils    2.7-1

Versions of packages selinux-policy-default recommends:
ii  checkpolicy  2.7-1
ii  setools      4.1.1-3

Versions of packages selinux-policy-default suggests:
pn  logcheck        <none>
pn  syslog-summary  <none>

-- Configuration Files:
/etc/selinux/default/modules/active/file_contexts.local changed [not included]

-- no debconf information



More information about the SELinux-devel mailing list