fedora-selinux June 2009 archive
Main Archive Page > Month Archives  > fedora-selinux archives
fedora-selinux: memcached policy

memcached policy

From: Vadym Chepkov <chepkov_at_nospam>
Date: Tue Jun 30 2009 - 03:49:08 GMT
To: Fedora SELinux <fedora-selinux-list@redhat.com>

It seems selinux memcache module has bugs in it or do I miss some boolean? I seriously doubt about first one.

memcached-selinux-1.2.8-1.fc11.i586

type=AVC msg=audit(1246327827.194:59): avc: denied { write } for pid=2559 comm="memcached" name="memcached.pid" dev=dm-3 ino=699 scontext=unconfined_u:system_r:memcached_t:s0 tcontext=unconfined_u:object_r:memcached_var_run_t:s0 tclass=file

type=AVC msg=audit(1246332806.070:95): avc: denied { write } for pid=3780 comm="memcached" scontext=unconfined_u:system_r:memcached_t:s0 tcontext=unconfined_u:system_r:memcached_t:s0 tclass=netlink_route_socket

type=AVC msg=audit(1246332806.070:97): avc: denied { name_bind } for pid=3780 comm="memcached" src=11211 scontext=unconfined_u:system_r:memcached_t:s0 tcontext=system_u:object_r:memcache_port_t:s0 tclass=tcp_socket

type=AVC msg=audit(1246332806.071:98): avc: denied { name_bind } for pid=3780 comm="memcached" src=11211 scontext=unconfined_u:system_r:memcached_t:s0 tcontext=system_u:object_r:memcache_port_t:s0 tclass=udp_socket

Sincerely yours,
  Vadym Chepkov -- fedora-selinux-list mailing list fedora-selinux-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-selinux-list