Wind River Support Network

HomeDefectsSCP8-130
Not to be fixed

SCP8-130 : [seedit] avc: denied { read } for pid=246 comm="sshd"

Created: May 13, 2016    Updated: Mar 6, 2019
Resolved Date: Feb 19, 2019
Found In Version: 8.0
Severity: Standard
Applicable for: Wind River Linux 8
Component/s: Userspace

Description

audit: type=1400 audit(1463132300.968:3): avc:  denied  { read } for  pid=246 comm="sshd" name="libwrap.so.0" dev="hda" ino=147 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:childdir__t:s0 tclass=lnk_file permissive=1^M
audit: type=1400 audit(1463132300.978:4): avc:  denied  { read } for  pid=246 comm="sshd" name="libwrap.so.0.7.6" dev="hda" ino=165 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:childdir__t:s0 tclass=file permissive=1^M
audit: type=1400 audit(1463132300.981:5): avc:  denied  { execute } for  pid=246 comm="sshd" path="/lib64/libwrap.so.0.7.6" dev="hda" ino=165 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:childdir__t:s0 tclass=file permissive=1^M
audit: type=1400 audit(1463132301.002:6): avc:  denied  { read } for  pid=246 comm="sshd" name="libcrypto.so.1.0.0" dev="hda" ino=2719 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:usr_t:s0 tclass=file permissive=1^M
audit: type=1400 audit(1463132301.004:7): avc:  denied  { execute } for  pid=246 comm="sshd" path="/usr/lib64/libcrypto.so.1.0.0" dev="hda" ino=2719 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:usr_t:s0 tclass=file permissive=1^M
Starting OpenBSD Secure Shell server: sshd^M^M
done.^M^M
audit: type=1400 audit(1463132301.320:8): avc:  denied  { write } for  pid=250 comm="sshd" name="/" dev="tmpfs" ino=7932 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rootdir_t:s0 tclass=dir permissive=1^M
audit: type=1400 audit(1463132301.325:9): avc:  denied  { create } for  pid=250 comm="sshd" name="sshd.pid" scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rootdir_t:s0 tclass=file permissive=1^M
audit: type=1400 audit(1463132301.326:10): avc:  denied  { write } for  pid=250 comm="sshd" path="/run/sshd.pid" dev="tmpfs" ino=11291 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rootdir_t:s0 tclass=file permissive=1^M

Steps to Reproduce

1)configure --enable-board=qemux86-64 --enable-kernel=secure --enable-rootfs=secure-core --with-init=sysvinit

2) make fs

3)make start-target TARGET_VIRT_BOOT_TYPE=disk TARGET_VIRT_DISK=$(/bin/ls -1 `pwd`/export/*.ext4) TARGET_QEMU_KERNEL_OPTS='selinux=1 enforcing=0'

4) #  seedit-init
 5) # reboot
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube