Getting `child setpgid: permission denied` errors when executing any command in Red Hat Enterprise Linux 5

Solution Verified - Updated -

Issue

  • Getting child setpgid: permission denied errors when executing any command in Red Hat Enterprise Linux 5
  • The terminal output looks like:
[root@localhost ~]# getenforce
-bash: child setpgid (6959 to 6959): Permission denied
-bash: /usr/sbin/getenforce: Permission denied
  • The SELinux avc denials from audit.log files are;
----
time->Fri Sep 19 12:20:01 2014
type=SYSCALL msg=audit(1411109401.066:97178): arch=40000003 syscall=5 success=no exit=-13 a0=b7f7865a a1=0 a2=36 a3=8 items=0 ppid=21982 pid=21983 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=14937 comm="sa1" exe="/bin/bash" subj=user_u:system_r:sysstat_t:s0 key=(null)
type=AVC msg=audit(1411109401.066:97178): avc:  denied  { read } for  pid=21983 comm="sa1" name="libtermcap.so.2.0.8" dev=dm-0 ino=881977 scontext=user_u:system_r:sysstat_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file
----
time->Fri Sep 19 12:20:01 2014
type=SYSCALL msg=audit(1411109401.066:97179): arch=40000003 syscall=5 success=no exit=-13 a0=bff953a0 a1=0 a2=0 a3=40 items=0 ppid=21982 pid=21983 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=14937 comm="sa1" exe="/bin/bash" subj=user_u:system_r:sysstat_t:s0 key=(null)
type=AVC msg=audit(1411109401.066:97179): avc:  denied  { read } for  pid=21983 comm="sa1" name="libtermcap.so.2.0.8" dev=dm-0 ino=881977 scontext=user_u:system_r:sysstat_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file
----
time->Fri Sep 19 12:30:01 2014
type=SYSCALL msg=audit(1411110001.096:97186): arch=40000003 syscall=11 success=yes exit=0 a0=9917328 a1=9917358 a2=9916988 a3=40 items=0 ppid=22026 pid=22027 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=14938 comm="sa1" exe="/bin/bash" subj=user_u:system_r:sysstat_t:s0 key=(null)
type=AVC msg=audit(1411110001.096:97186): avc:  denied  { write } for  pid=22027 comm="sa1" path="pipe:[5248737]" dev=pipefs ino=5248737 scontext=user_u:system_r:sysstat_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=fifo_file
type=AVC msg=audit(1411110001.096:97186): avc:  denied  { write } for  pid=22027 comm="sa1" path="pipe:[5248737]" dev=pipefs ino=5248737 scontext=user_u:system_r:sysstat_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=fifo_file
type=AVC msg=audit(1411110001.096:97186): avc:  denied  { read } for  pid=22027 comm="sa1" path="pipe:[5248736]" dev=pipefs ino=5248736 scontext=user_u:system_r:sysstat_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=fifo_file
----

Environment

  • Red Hat Enterprise Linux 5.9
  • bash-3.2-32.el5_9.1
  • selinux-policy-2.4.6-346.el5

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content