Actions
Bug #7021
closedWhen SELinux is enabled, the ncf-api-venv home is owned by root
Pull Request:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
Name check:
Fix check:
Regression:
Description
type=AVC msg=audit(1437489622.784:688): avc: denied { setattr } for pid=4835 comm="useradd" name="ncf-api-venv" dev="dm-1" ino=135910344 scontext=unconfined_u:system_r:useradd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:var_lib_t:s0 tclass=dir type=SYSCALL msg=audit(1437489622.784:688): arch=c000003e syscall=92 success=no exit=-13 a0=7fff598f08e6 a1=3e5 a2=3e4 a3=6165726373662f72 items=0 ppid=4833 pid=4835 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=5 comm="useradd" exe="/usr/sbin/useradd" subj=unconfined_u:system_r:useradd_t:s0-s0:c0.c1023 key=(null) type=AVC msg=audit(1437489622.784:689): avc: denied { setattr } for pid=4835 comm="useradd" name="ncf-api-venv" dev="dm-1" ino=135910344 scontext=unconfined_u:system_r:useradd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:var_lib_t:s0 tclass=dir type=SYSCALL msg=audit(1437489622.784:689): arch=c000003e syscall=90 success=no exit=-13 a0=7fff598f08e6 a1=1c0 a2=0 a3=3f items=0 ppid=4833 pid=4835 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=5 comm="useradd" exe="/usr/sbin/useradd" subj=unconfined_u:system_r:useradd_t:s0-s0:c0.c1023 key=(null) type=ADD_USER msg=audit(1437489622.784:690): pid=4835 uid=0 auid=1000 ses=5 subj=unconfined_u:system_r:useradd_t:s0-s0:c0.c1023 msg='op=adding home directory id=997 exe="/usr/sbin/useradd" hostname=? addr=? terminal=? res=success' type=AVC msg=audit(1437489622.784:691): avc: denied { create } for pid=4835 comm="useradd" name=".bash_logout" scontext=unconfined_u:system_r:useradd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:var_lib_t:s0 tclass=file type=SYSCALL msg=audit(1437489622.784:691): arch=c000003e syscall=2 success=no exit=-13 a0=7fa36fbb9c90 a1=241 a2=1a4 a3=6165726373662f72 items=0 ppid=4833 pid=4835 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=5 comm="useradd" exe="/usr/sbin/useradd" subj=unconfined_u:system_r:useradd_t:s0-s0:c0.c1023 key=(null)
Actions