On Mon, Sep 12, 2011 at 04:07:05PM +1000, Russell Coker wrote:
> The problem that Paul reported only occurs on one system (I have not been able
> to reproduce it on other AMD64 Xen DomU systems with a similar configuration).
> It only occurs when SE Linux is in enforcing mode and when the default policy
> is in use which doesn't permit the following access. sshd aborts after the
> below messages are logged.
>
> I don't think that the problem Paul reported is a security problem and I
> suspect that it may not be closely related to the original bug report.
>
> type=AVC msg=audit(1315807424.338:39): avc: denied { unix_read unix_write } for pid=1363 comm="sshd" key=58236 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:system_r:unconfined_t:s0-s0:c0.c1023 tclass=shm
> type=SYSCALL msg=audit(1315807424.338:39): arch=c000003e syscall=29 success=no exit=-131939286884392 a0=e37c a1=200048 a2=1b6 a3=0 items=0 ppid=627 pid=1363 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)
> type=AVC msg=audit(1315807424.338:40): avc: denied { unix_read unix_write } for pid=1363 comm="sshd" key=58771 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:system_r:unconfined_t:s0-s0:c0.c1023 tclass=sem
> type=SYSCALL msg=audit(1315807424.338:40): arch=c000003e syscall=64 success=no exit=-131939286884392 a0=e593 a1=8 a2=1b6 a3=0 items=0 ppid=627 pid=1363 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)

These are shmget and semget. Odd, since openssh has no code to call those
itself as far as I can see. Can you get a backtrace from the point where
shmget is called?

-- 
Colin Watson [cjwat...@debian.org]
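
The decoding behind the reply above, as an added example that is not part of the original thread: it pairs each AVC record with its SYSCALL record by audit event serial, resolves the x86_64 syscall number, and converts the hex `a0` argument to the decimal IPC key shown in the AVC line. The function names are this example's own, and the sample input is the quoted records with mail wrapping undone and trailing fields trimmed.

```python
import re

# Constructed sample: the records quoted in the message above, unwrapped,
# with fields after exe= (and items/ppid/uid fields) trimmed for brevity.
SAMPLE = """\
type=AVC msg=audit(1315807424.338:39): avc: denied { unix_read unix_write } for pid=1363 comm="sshd" key=58236 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:system_r:unconfined_t:s0-s0:c0.c1023 tclass=shm
type=SYSCALL msg=audit(1315807424.338:39): arch=c000003e syscall=29 success=no a0=e37c a1=200048 a2=1b6 a3=0 pid=1363 comm="sshd" exe="/usr/sbin/sshd"
type=AVC msg=audit(1315807424.338:40): avc: denied { unix_read unix_write } for pid=1363 comm="sshd" key=58771 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:system_r:unconfined_t:s0-s0:c0.c1023 tclass=sem
type=SYSCALL msg=audit(1315807424.338:40): arch=c000003e syscall=64 success=no a0=e593 a1=8 a2=1b6 a3=0 pid=1363 comm="sshd" exe="/usr/sbin/sshd"
"""

AUDIT_ARCH_X86_64 = 0xC000003E  # value of arch= on 64-bit x86
# x86_64 syscall numbers of the System V IPC "get" calls; a0 is the key.
IPC_GET = {29: "shmget", 64: "semget", 68: "msgget"}
HEADER = re.compile(r"type=(\w+) msg=audit\(([\d.]+):(\d+)\):")
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse(text):
    """Group records by audit event serial: {serial: {record_type: fields}}."""
    events = {}
    for line in text.splitlines():
        m = HEADER.match(line)
        if not m:
            continue  # not an audit record
        fields = {k: v.strip('"') for k, v in FIELD.findall(line[m.end():])}
        events.setdefault(int(m.group(3)), {})[m.group(1)] = fields
    return events

def explain(text):
    """Return one summary per denied shmget/semget/msgget event."""
    out = []
    for serial, recs in sorted(parse(text).items()):
        avc, sc = recs.get("AVC"), recs.get("SYSCALL")
        if not avc or not sc or int(sc.get("arch", "0"), 16) != AUDIT_ARCH_X86_64:
            continue  # need both halves, and the table above is x86_64 only
        nr = int(sc["syscall"])
        if nr not in IPC_GET:
            continue
        out.append({
            "serial": serial, "syscall": IPC_GET[nr],
            "ipc_key": int(sc["a0"], 16),          # a0..a3 are logged in hex
            "avc_key": int(avc["key"]),            # AVC logs the key in decimal
            "flags_octal": oct(int(sc["a2"], 16)),  # third argument (flags/mode)
            "source": avc["scontext"], "target": avc["tcontext"],
            "tclass": avc["tclass"],
        })
    return out
```

For both events the key decoded from `a0` equals the `key=` value in the paired AVC record, which ties each denial to one specific shared memory segment or semaphore set whose label is the `tcontext`.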