On 8/8/07, Mohammed El-Afifi <mohammed_elafifi@xxxxxxxxx> wrote:
> I'm running fedora 7, 64-bit edition. I'm trying to issue the following
> command:
> /sbin/ldconfig -v
> to know what the current libraries considered for run-time linking are. I'm
> using the command in an administrative context(root privileges), however I
> get no output at all. I even get no error messages. The shell prompt just
> returns asking for the next command.
I started encountering this symptom after installing the Oracle 10g
client on my F7 (32-bit) system. That may very well be a coincidence,
though. But I had to turn off selinux enforcing to get around the
problem. Here's a copy of my audit log when I do
sudo ldconfig -v
type=AVC msg=audit(1186575614.946:6245): avc: denied { dac_override
} for pid=2571 comm="ldconfig" capability=1
scontext=user_u:system_r:ldconfig_t:s0
tcontext=user_u:system_r:ldconfig_t:s0 tclass=capability
type=SYSCALL msg=audit(1186575614.946:6245): arch=40000003 syscall=195
success=yes exit=0 a0=820bc08 a1=bffcd220 a2=8209801 a3=8209801
items=0 ppid=2547 pid=2571 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0
egid=0 sgid=0 fsgid=0 tty=pts0 comm="ldconfig" exe="/sbin/ldconfig"
subj=user_u:system_r:ldconfig_t:s0 key=(null)
type=AVC msg=audit(1186575614.948:6246): avc: denied { read } for
pid=2571 comm="ldconfig" name="libtoextract.so" dev=dm-0 ino=708718
scontext=user_u:system_r:ldconfig_t:s0
tcontext=user_u:object_r:usr_t:s0 tclass=lnk_file
type=AVC msg=audit(1186575614.948:6246): avc: denied { search } for
pid=2571 comm="ldconfig" name="/" dev=dm-1 ino=2
scontext=user_u:system_r:ldconfig_t:s0
tcontext=system_u:object_r:home_root_t:s0 tclass=dir
type=AVC msg=audit(1186575614.948:6246): avc: denied { search } for
pid=2571 comm="ldconfig" name="depot" dev=dm-1 ino=25985025
scontext=user_u:system_r:ldconfig_t:s0
tcontext=user_u:object_r:user_home_dir_t:s0 tclass=dir
type=AVC msg=audit(1186575614.948:6246): avc: denied { search } for
pid=2571 comm="ldconfig" name="collections" dev=dm-1 ino=26149153
scontext=user_u:system_r:ldconfig_t:s0
tcontext=user_u:object_r:user_home_t:s0 tclass=dir
type=AVC msg=audit(1186575614.948:6246): avc: denied { getattr } for
pid=2571 comm="ldconfig" name="libtoextract.so" dev=dm-1 ino=26186370
scontext=user_u:system_r:ldconfig_t:s0
tcontext=user_u:object_r:user_home_t:s0 tclass=file
type=SYSCALL msg=audit(1186575614.948:6246): arch=40000003 syscall=195
success=yes exit=0 a0=bffcc2a0 a1=bffcd2fc a2=a000 a3=820aa88 items=0
ppid=2547 pid=2571 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=pts0 comm="ldconfig" exe="/sbin/ldconfig"
subj=user_u:system_r:ldconfig_t:s0 key=(null)
type=AVC_PATH msg=audit(1186575614.948:6246):
path="/home/depot/collections/tora-1.3.21/lib/libtoextract.so"
type=AVC msg=audit(1186575614.948:6247): avc: denied { read } for
pid=2571 comm="ldconfig" name="libtoextract.so" dev=dm-1 ino=26186370
scontext=user_u:system_r:ldconfig_t:s0
tcontext=user_u:object_r:user_home_t:s0 tclass=file
type=SYSCALL msg=audit(1186575614.948:6247): arch=40000003 syscall=5
success=yes exit=4 a0=bffcc2a0 a1=0 a2=1b6 a3=8 items=0 ppid=2547
pid=2571 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 tty=pts0 comm="ldconfig" exe="/sbin/ldconfig"
subj=user_u:system_r:ldconfig_t:s0 key=(null)
--
Garry Williams +1 678 656-4579
