newrole: double free or corruption
by Andy Warner
Got the following output from using the newrole command on Fedora 12.
Not sure where to properly report such bugs.
If it helps, the rubix_remote_client_r role transition should fail (as
it does) as there are no role transition rules for it. The role is
associated with the current SELinux user.
I believe my system just updated to the newest newrole package.
[warner@Fedora12-Dev ~]$ yum info policycoreutils
Loaded plugins: presto, refresh-packagekit
Installed Packages
Name : policycoreutils
Arch : i686
Version : 2.0.78
Release : 3.fc12
Size : 3.3 M
Repo : installed
>From repo : updates
Error output from newrole follows:
[warner@Fedora12-Dev ~]$ newrole -r rubix_remote_client_r
Password:
failed to exec shell
: Permission denied
*** glibc detected *** newrole: double free or corruption (out):
0x01726138 ***
======= Backtrace: =========
/lib/libc.so.6(-0xff836d9f)[0x233261]
/lib/libselinux.so.1(freecon+0x1e)[0x9fd42e]
newrole(main+0x6eb)[0x119d6b]
/lib/libc.so.6(__libc_start_main+0xe6)[0x1dbbb6]
newrole(+0x16f1)[0x1186f1]
======= Memory map: ========
00117000-0011d000 r-xp 00000000 fd:00 126525 /usr/bin/newrole
0011d000-0011e000 r--p 00005000 fd:00 126525 /usr/bin/newrole
0011e000-0011f000 rw-p 00006000 fd:00 126525 /usr/bin/newrole
0011f000-00135000 r-xp 00000000 fd:00 56679 /lib/libpthread-2.11.so
00135000-00136000 r--p 00015000 fd:00 56679 /lib/libpthread-2.11.so
00136000-00137000 rw-p 00016000 fd:00 56679 /lib/libpthread-2.11.so
00137000-00139000 rw-p 00000000 00:00 0
001a5000-001c3000 r-xp 00000000 fd:00 56677 /lib/ld-2.11.so
001c3000-001c4000 r--p 0001d000 fd:00 56677 /lib/ld-2.11.so
001c4000-001c5000 rw-p 0001e000 fd:00 56677 /lib/ld-2.11.so
001c5000-00333000 r-xp 00000000 fd:00 56678 /lib/libc-2.11.so
00333000-00334000 ---p 0016e000 fd:00 56678 /lib/libc-2.11.so
00334000-00336000 r--p 0016e000 fd:00 56678 /lib/libc-2.11.so
00336000-00337000 rw-p 00170000 fd:00 56678 /lib/libc-2.11.so
00337000-0033a000 rw-p 00000000 00:00 0
0055f000-00560000 r-xp 00000000 00:00 0 [vdso]
005f6000-005fa000 r-xp 00000000 fd:00 1331 /lib/libattr.so.1.1.0
005fa000-005fb000 rw-p 00003000 fd:00 1331 /lib/libattr.so.1.1.0
0062d000-00638000 r-xp 00000000 fd:00 10441 /lib/libnss_files-2.11.so
00638000-00639000 r--p 0000a000 fd:00 10441 /lib/libnss_files-2.11.so
00639000-0063a000 rw-p 0000b000 fd:00 10441 /lib/libnss_files-2.11.so
008a3000-008a5000 r-xp 00000000 fd:00 15448 /lib/libpam_misc.so.0.82.0
008a5000-008a6000 rw-p 00001000 fd:00 15448 /lib/libpam_misc.so.0.82.0
00928000-0092c000 r-xp 00000000 fd:00 1332 /lib/libcap.so.2.16
0092c000-0092d000 rw-p 00003000 fd:00 1332 /lib/libcap.so.2.16
00992000-00995000 r-xp 00000000 fd:00 56684 /lib/libdl-2.11.so
00995000-00996000 r--p 00002000 fd:00 56684 /lib/libdl-2.11.so
00996000-00997000 rw-p 00003000 fd:00 56684 /lib/libdl-2.11.so
009f3000-00a0f000 r-xp 00000000 fd:00 56687 /lib/libselinux.so.1
00a0f000-00a10000 r--p 0001b000 fd:00 56687 /lib/libselinux.so.1
00a10000-00a11000 rw-p 0001c000 fd:00 56687 /lib/libselinux.so.1
00c8b000-00c97000 r-xp 00000000 fd:00 15447 /lib/libpam.so.0.82.1
00c97000-00c98000 rw-p 0000b000 fd:00 15447 /lib/libpam.so.0.82.1
00e6f000-00e85000 r-xp 00000000 fd:00 15446 /lib/libaudit.so.1.0.0
00e85000-00e86000 r--p 00015000 fd:00 15446 /lib/libaudit.so.1.0.0
00e86000-00e87000 rw-p 00016000 fd:00 15446 /lib/libaudit.so.1.0.0
00ea9000-00ec6000 r-xp 00000000 fd:00 51325
/lib/libgcc_s-4.4.2-20091027.so.1
00ec6000-00ec7000 rw-p 0001c000 fd:00 51325
/lib/libgcc_s-4.4.2-20091027.so.1
00f05000-00f0c000 r-xp 00000000 fd:00 56680 /lib/librt-2.11.so
00f0c000-00f0d000 r--p 00006000 fd:00 56680 /lib/librt-2.11.so
00f0d000-00f0e000 rw-p 00007000 fd:00 56680 /lib/librt-2.11.so
01724000-017a9000 rw-p 00000000 00:00 0 [heap]
b7627000-b7827000 r--p 00000000 fd:00 12545
/usr/lib/locale/locale-archive
b7827000-b782a000 rw-p 00000000 00:00 0
b783b000-b7842000 r--s 00000000 fd:00 10739
/usr/lib/gconv/gconv-modules.cache
b7842000-b7843000 rw-p 00000000 00:00 0
bfcce000-bfce3000 rw-p 00000000 00:00 0 [stack]
[warner@Fedora12-Dev ~]$
14 years, 4 months
need help in contributing to se-linux policy development
by sai ganesh
hi,
my name is sai. i am a
fedora-ambassador<https://fedoraproject.org/wiki/user:ganesai>.i
want to contribute to the development of se-linux policies.i am a Redhat
certified se-linux policy administrator.i want to contribute to the
development of se-linux policies.how can i contribute ?
whom should i contact?
i have already tried contacting the owners of the se-linux packages.i
didn't get any response.
--
s.saiganesh
“The Linux philosophy is 'Laugh in the face of danger'. Oops. Wrong One. 'Do
it yourself'. Yes, that's it
14 years, 4 months
policy for vino server (based on current rawhide policy)
by Dominick Grift
I create policy for vino server today. I tested it a few times and it
works. You can either use it by enabling remote desktop or via empathy.
It requires many patches etc though. I attached what i think is related.
I might have missed some.
Its also on my git repository ( i maintain it there )
git clone git://82.197.205.60/selinux-modules.git
You will have to some vnc tube ports (vnc_port_t) there is a comment
about it in vino.te.
14 years, 4 months
New Years Resolution
by Steve Blackwell
OK, here is one of my New Year's resolutions:
Get a better understanding of SELinux.
I'm running a F11 box in permissive mode and I get hundreds of AVCs.
Let start with this one.
SELinux is preventing dbus-daemon (system_dbusd_t) "search"
unconfined_t.
node=steve.blackwell type=AVC msg=audit(1262408462.863:1162): avc:
denied { search } for pid=1613 comm="dbus-daemon" name="23667" dev=proc
ino=584443 scontext=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023
tcontext=system_u:system_r:unconfined_t:s0-s0:c0.c1023 tclass=dir
Now, if I'm reading this correctly, the dbus-daemon process tried to
search a directory called 23667 but didn't have permission to do so.
The problem with that is that I don't have a directory called 23667.
At least there isn't one now but I suppose it could have existed at the
time the AVC was generated which was just after midnight. I'm getting
one of these every hour with different numbers for the target
directory. I thought that it might be related to a cron job but it
seems that the hourly crom job just calls anacron to check to see if
the daily, weekly or monthly cron job needs to be run. The other
possibility is that it has something to do with BackupPC.
One thing I don't understand is why SELinux is flagging this in the
first place. Since the target context is unconfined_t, should anything
be able to search it?
Steve.
14 years, 4 months