Getting `child setpgid: permission denied` errors when executing any command in Red Hat Enterprise Linux 5
Issue
- Getting
child setpgid: permission denied
errors when executing any command in Red Hat Enterprise Linux 5 - The terminal output looks like:
[root@localhost ~]# getenforce
-bash: child setpgid (6959 to 6959): Permission denied
-bash: /usr/sbin/getenforce: Permission denied
- The
SELinux avc denials
from audit.log files are;
----
time->Fri Sep 19 12:20:01 2014
type=SYSCALL msg=audit(1411109401.066:97178): arch=40000003 syscall=5 success=no exit=-13 a0=b7f7865a a1=0 a2=36 a3=8 items=0 ppid=21982 pid=21983 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=14937 comm="sa1" exe="/bin/bash" subj=user_u:system_r:sysstat_t:s0 key=(null)
type=AVC msg=audit(1411109401.066:97178): avc: denied { read } for pid=21983 comm="sa1" name="libtermcap.so.2.0.8" dev=dm-0 ino=881977 scontext=user_u:system_r:sysstat_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file
----
time->Fri Sep 19 12:20:01 2014
type=SYSCALL msg=audit(1411109401.066:97179): arch=40000003 syscall=5 success=no exit=-13 a0=bff953a0 a1=0 a2=0 a3=40 items=0 ppid=21982 pid=21983 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=14937 comm="sa1" exe="/bin/bash" subj=user_u:system_r:sysstat_t:s0 key=(null)
type=AVC msg=audit(1411109401.066:97179): avc: denied { read } for pid=21983 comm="sa1" name="libtermcap.so.2.0.8" dev=dm-0 ino=881977 scontext=user_u:system_r:sysstat_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file
----
time->Fri Sep 19 12:30:01 2014
type=SYSCALL msg=audit(1411110001.096:97186): arch=40000003 syscall=11 success=yes exit=0 a0=9917328 a1=9917358 a2=9916988 a3=40 items=0 ppid=22026 pid=22027 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=14938 comm="sa1" exe="/bin/bash" subj=user_u:system_r:sysstat_t:s0 key=(null)
type=AVC msg=audit(1411110001.096:97186): avc: denied { write } for pid=22027 comm="sa1" path="pipe:[5248737]" dev=pipefs ino=5248737 scontext=user_u:system_r:sysstat_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=fifo_file
type=AVC msg=audit(1411110001.096:97186): avc: denied { write } for pid=22027 comm="sa1" path="pipe:[5248737]" dev=pipefs ino=5248737 scontext=user_u:system_r:sysstat_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=fifo_file
type=AVC msg=audit(1411110001.096:97186): avc: denied { read } for pid=22027 comm="sa1" path="pipe:[5248736]" dev=pipefs ino=5248736 scontext=user_u:system_r:sysstat_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=fifo_file
----
Environment
- Red Hat Enterprise Linux 5.9
- bash-3.2-32.el5_9.1
- selinux-policy-2.4.6-346.el5
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.