Gentoo Archives: gentoo-hardened

From: Netopyr <NoMiS@×××××××××××.com>
To: gentoo-hardened@l.g.o
Subject: Re: [gentoo-hardened] portage proc problem?
Date: Sun, 05 Feb 2006 22:02:41
Message-Id: 1139176709.9737.46.camel@localhost
In Reply to: Re: [gentoo-hardened] portage proc problem? by Mivz
1 It's really weird all this, as far as I can see the dmesg results don't
2 have anything to do with the error messages I got.
3 I am absolutely in the role of sysadm_r
4
5 id = uid=0(root) gid=0(root)
6 groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel),11(floppy),20(dialout),26(tape),27(video),35(games) context=root:sysadm_r:sysadm_t
7
8 The first time I saw these dmesg errors, but whatever I install after
9 it I never saw it again, it just didn't give me any more information than the
10 error messages I supplied.
11 Is there any way I can give you guys more info to solve my
12 problem...
13 I did a relabel of my filesystem already without any success.
14 Probably I have to mention I am using the ~x86 arch so maybe there is a
15 problem there.
16
17
18
19 On Sun, 2006-02-05 at 15:12 +0100, Mivz wrote:
20
21 > Netopyr wrote:
22 >
23 > > I am upgrading as sysadm_r indeed in permissive mode.
24 > > my dmesg gives me the following output.
25 > >
26 > > audit(1138995159.751:9524): avc: denied { create } for pid=11198
27 > > comm="mknod" name="null" scontext=root:sysadm_r:portage_t
28 > > tcontext=root:object_r:portage_tmp_t tclass=chr_file
29 > > audit(1138995159.755:9525): avc: denied { getattr } for pid=11199
30 > > comm="chmod" name="null" dev=hda3 ino=6427517
31 > > scontext=root:sysadm_r:portage_t tcontext=root:object_r:portage_tmp_t
32 > > tclass=chr_file
33 > > audit(1138995159.755:9526): avc: denied { setattr } for pid=11199
34 > > comm="chmod" name="null" dev=hda3 ino=6427517
35 > > scontext=root:sysadm_r:portage_t tcontext=root:object_r:portage_tmp_t
36 > > tclass=chr_file
37 > > audit(1138995159.763:9527): avc: denied { write } for pid=11200
38 > > comm="touch" name="null" dev=hda3 ino=6427517
39 > > scontext=root:sysadm_r:portage_t tcontext=root:object_r:portage_tmp_t
40 > > tclass=chr_file
41 > > audit(1138995159.827:9528): avc: denied { mknod } for pid=11210
42 > > comm="udevd" capability=27 scontext=root:staff_r:staff_t
43 > > tcontext=root:staff_r:staff_t tclass=capability
44 > >
45 > > but what do you mean by "Do you have the portage_t enabled?" if I need
46 > > it how can I enable it.
47 > > Couldn't find anything about it in the docs..
48 >
49 >
50 > You don't need it. It's a role you can enable in tunables, which enables
51 > you to emerge as portage_r instead of sysadm_r.
52 >
53 > But the last line in your dmesg says root:staff_r:staff_t, sure you're in
54 > sysadm_r?
55 > It is an access problem, so something is blocking.
56 > Maybe you need to relabel your filesystem.
57 >
58 > >
59 > > regards Netopyr
60 > >
61 > >
62 > > On Wed, 2006-02-01 at 17:18 +0100, Mivz wrote:
63 > >
64 > >>Netopyr wrote:
65 > >>
66 > >>> Hello, I am running a selinux enabled kernel already for a long time
67 > >>> without problems but since my last -uD world I got problems installing
68 > >>> anything.
69 > >>> my SElinux won't allow me to install any program anymore since it got
70 > >>> access violations on my proc filesystem (at least I think).
71 > >>> The output at the end of this message will give you more information.
72 > >>> can someone help me out please?
73 > >>>
74 > >>> Kind regards,
75 > >>>
76 > >>> Netopyr
77 > >>>
78 > >>> -- Example updating udev ---
79 > >>> >>> Source compiled.
80 > >>> >>> Test phase [not enabled]: sys-fs/udev-081-r1
81 > >>>
82 > >>> >>> Install udev-081-r1 into /var/tmp/portage/udev-081-r1/image/
83 > >>> category sys-fsACCESS DENIED open_wr: /proc/self/attr/fscreate
84 > >>> install: cannot set setfscreatecon `root:object_r:portage_tmp_t':
85 > >>> Permission denied
197 > >>> ACCESS DENIED open_wr: /proc/self/attr/fscreate
198 > >>> install: cannot set setfscreatecon `root:object_r:portage_ebuild_t':
199 > >>> Permission denied
230 > >>> man:
231 > >>> prepallstrip:
232 > >>> strip: i686-pc-linux-gnu-strip --strip-unneeded
233 > >>> /usr/bin/udevinfo
234 > >>> /usr/bin/udevtest
235 > >>> /usr/bin/udevmonitor
236 > >>> /sbin/udev
237 > >>> /sbin/udevd
238 > >>> /sbin/udevsend
239 > >>> /sbin/udevstart
240 > >>> /sbin/udevcontrol
241 > >>> /sbin/udev_run_devd
242 > >>> /sbin/udev_run_hotplugd
243 > >>> /sbin/ata_id
244 > >>> /sbin/vol_id
245 > >>> /sbin/scsi_id
246 > >>> /sbin/usb_id
247 > >>> /sbin/cdrom_id
248 > >>> /sbin/create_floppy_devices
249 > >>> /sbin/firmware_helper
250 > >>> >>> Completed installing udev-081-r1 into
251 > >>> /var/tmp/portage/udev-081-r1/image/
252 > >>>
253 > >>> --------------------------- ACCESS VIOLATION SUMMARY
254 > >>> ---------------------------LOG FILE =
255 > >>> "/var/log/sandbox/sandbox-sys-fs_-_udev-081-r1-23054.log"
256 > >>>
257 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23080/attr/fscreate)
258 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23082/attr/fscreate)
259 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23084/attr/fscreate)
260 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23087/attr/fscreate)
261 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23089/attr/fscreate)
262 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23091/attr/fscreate)
263 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23093/attr/fscreate)
264 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23095/attr/fscreate)
265 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23097/attr/fscreate)
266 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23099/attr/fscreate)
267 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23101/attr/fscreate)
268 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23103/attr/fscreate)
269 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23105/attr/fscreate)
270 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23107/attr/fscreate)
271 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23109/attr/fscreate)
272 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23111/attr/fscreate)
273 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23113/attr/fscreate)
274 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23115/attr/fscreate)
275 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23118/attr/fscreate)
276 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23124/attr/fscreate)
277 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23130/attr/fscreate)
278 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23135/attr/fscreate)
279 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23137/attr/fscreate)
280 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23146/attr/fscreate)
281 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23151/attr/fscreate)
282 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23155/attr/fscreate)
283 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23159/attr/fscreate)
284 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23163/attr/fscreate)
285 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23167/attr/fscreate)
286 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23171/attr/fscreate)
287 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23175/attr/fscreate)
288 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23180/attr/fscreate)
289 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23185/attr/fscreate)
290 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23190/attr/fscreate)
291 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23195/attr/fscreate)
292 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23200/attr/fscreate)
293 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23205/attr/fscreate)
294 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23212/attr/fscreate)
295 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23214/attr/fscreate)
296 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23217/attr/fscreate)
297 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23219/attr/fscreate)
298 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23221/attr/fscreate)
299 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23223/attr/fscreate)
300 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23225/attr/fscreate)
301 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23228/attr/fscreate)
302 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23230/attr/fscreate)
303 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23233/attr/fscreate)
304 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23235/attr/fscreate)
305 > >>> open_wr: /proc/self/attr/fscreate (symlink to /proc/23241/attr/fscreate)
306 > >>> --------------------------------------------------------------------------------
307 > >>
308 > >>
309 > >>Did you do this as root in sysadm_r?
310 > >>Do you have the portage_t enabled?
311 > >>What does dmesg give as output on the denies?
312 > >>Tried upgrading in permissive mode?
313 > >>
314 > >>
315 > >>
316 >
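
An added example, not part of the original thread or of any Gentoo tool: a small Python parser that separates the two kinds of denial quoted above, the SELinux AVC records from dmesg and the `ACCESS DENIED` lines that the quoted summary ties to a log under /var/log/sandbox. It groups AVC denials by source type, target type and class, and flags records whose source role is not the expected `sysadm_r`. The sample input is constructed from lines quoted in the thread, rejoined where the mail wrapped them; all function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample: records quoted in the thread, rejoined onto single lines.
SAMPLE = """\
audit(1138995159.751:9524): avc: denied { create } for pid=11198 comm="mknod" name="null" scontext=root:sysadm_r:portage_t tcontext=root:object_r:portage_tmp_t tclass=chr_file
audit(1138995159.755:9526): avc: denied { setattr } for pid=11199 comm="chmod" name="null" dev=hda3 ino=6427517 scontext=root:sysadm_r:portage_t tcontext=root:object_r:portage_tmp_t tclass=chr_file
audit(1138995159.827:9528): avc: denied { mknod } for pid=11210 comm="udevd" capability=27 scontext=root:staff_r:staff_t tcontext=root:staff_r:staff_t tclass=capability
ACCESS DENIED open_wr: /proc/self/attr/fscreate
"""

AVC_RE = re.compile(r"avc:\s+denied\s+\{\s*(?P<perms>[^}]*?)\s*\}\s+for\s+(?P<rest>.*)")
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')
SANDBOX_RE = re.compile(r"ACCESS DENIED\s+(\w+):\s+(\S+)")

def parse_avc(line):
    """Return the key=value fields of one AVC denial plus its permission list."""
    m = AVC_RE.search(line)
    if not m:
        return None
    rec = {k: v.strip('"') for k, v in KV_RE.findall(m.group("rest"))}
    rec["perms"] = m.group("perms").split()
    return rec

def summarize(text, expected_role="sysadm_r"):
    """Group AVC denials, list those outside expected_role, count sandbox lines."""
    rules, wrong_role, sandbox = defaultdict(set), [], defaultdict(int)
    for line in text.splitlines():
        rec = parse_avc(line)
        if rec and {"scontext", "tcontext", "tclass"} <= rec.keys():
            src, tgt = rec["scontext"].split(":"), rec["tcontext"].split(":")
            if len(src) < 3 or len(tgt) < 3:
                continue  # malformed context, skip rather than guess
            rules[(src[2], tgt[2], rec["tclass"])].update(rec["perms"])
            if src[1] != expected_role:
                wrong_role.append((rec.get("comm"), rec["scontext"]))
            continue
        s = SANDBOX_RE.search(line)
        if s:  # sandbox violation line, not a kernel AVC record
            sandbox[(s.group(1), s.group(2))] += 1
    return dict(rules), wrong_role, dict(sandbox)

if __name__ == "__main__":
    rules, wrong_role, sandbox = summarize(SAMPLE)
    for (s, t, c), perms in sorted(rules.items()):
        print(f"{s} -> {t}:{c} {{ {' '.join(sorted(perms))} }}")
    print("outside expected role:", wrong_role)
    print("sandbox violations:", sandbox)
```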
