[CentOS] SELinux is preventing /bin/ps from search access

m.roth at 5-cent.us m.roth at 5-cent.us
Thu Sep 13 16:06:07 EDT 2012


CentOS 6.3. *Just* updated, including most current selinux-policy and
selinux-policy-targeted. I'm getting tons of these, as in it's just
spitting them out when I tail -f /var/log/messages:
Sep 13 15:20:51 <server> setroubleshoot: SELinux is preventing /bin/ps
from search access on the directory @2. For complete SELinux messages. run
sealert -l d92ec78b-3897-4760-93c5-343a662fec67
Sep 13 15:20:51 <server> setroubleshoot: SELinux is preventing /bin/ps
from getattr access on the directory /proc/<pid>. For complete SELinux
messages. run sealert -l a9c9bf7d-d646-4c29-9fe6-ac61b6806f52
Sep 13 15:20:52 <server> setroubleshoot: SELinux is preventing /bin/ps
from search access on the directory 4417. For complete SELinux messages.
run sealert -l b321ab2d-0277-45c9-bc86-545f9ff6ff91

You can see how many of them there are from the timestamps.

Googling, I've seen other folks complain months ago, but no answers.
Anyone have a clue? (And yes, I've posted this to the selinux list, also.
I'm getting deluged in the logs, and would very, very much like to solve
this today.)

If selinux wasn't in permissive mode, something(s) would be dead.

       mark




More information about the CentOS mailing list