Getting `child setpgid: permission denied` errors when executing any command in Red Hat Enterprise Linux 5

Solution Verified - Updated -

Issue

  • Getting child setpgid: permission denied errors when executing any command in Red Hat Enterprise Linux 5
  • The terminal output looks like:
[root@localhost ~]# getenforce
-bash: child setpgid (6959 to 6959): Permission denied
-bash: /usr/sbin/getenforce: Permission denied
  • The SELinux avc denials from audit.log files are;
----
time->Fri Sep 19 12:20:01 2014
type=SYSCALL msg=audit(1411109401.066:97178): arch=40000003 syscall=5 success=no exit=-13 a0=b7f7865a a1=0 a2=36 a3=8 items=0 ppid=21982 pid=21983 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=14937 comm="sa1" exe="/bin/bash" subj=user_u:system_r:sysstat_t:s0 key=(null)
type=AVC msg=audit(1411109401.066:97178): avc:  denied  { read } for  pid=21983 comm="sa1" name="libtermcap.so.2.0.8" dev=dm-0 ino=881977 scontext=user_u:system_r:sysstat_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file
----
time->Fri Sep 19 12:20:01 2014
type=SYSCALL msg=audit(1411109401.066:97179): arch=40000003 syscall=5 success=no exit=-13 a0=bff953a0 a1=0 a2=0 a3=40 items=0 ppid=21982 pid=21983 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=14937 comm="sa1" exe="/bin/bash" subj=user_u:system_r:sysstat_t:s0 key=(null)
type=AVC msg=audit(1411109401.066:97179): avc:  denied  { read } for  pid=21983 comm="sa1" name="libtermcap.so.2.0.8" dev=dm-0 ino=881977 scontext=user_u:system_r:sysstat_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file
----
time->Fri Sep 19 12:30:01 2014
type=SYSCALL msg=audit(1411110001.096:97186): arch=40000003 syscall=11 success=yes exit=0 a0=9917328 a1=9917358 a2=9916988 a3=40 items=0 ppid=22026 pid=22027 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=14938 comm="sa1" exe="/bin/bash" subj=user_u:system_r:sysstat_t:s0 key=(null)
type=AVC msg=audit(1411110001.096:97186): avc:  denied  { write } for  pid=22027 comm="sa1" path="pipe:[5248737]" dev=pipefs ino=5248737 scontext=user_u:system_r:sysstat_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=fifo_file
type=AVC msg=audit(1411110001.096:97186): avc:  denied  { write } for  pid=22027 comm="sa1" path="pipe:[5248737]" dev=pipefs ino=5248737 scontext=user_u:system_r:sysstat_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=fifo_file
type=AVC msg=audit(1411110001.096:97186): avc:  denied  { read } for  pid=22027 comm="sa1" path="pipe:[5248736]" dev=pipefs ino=5248736 scontext=user_u:system_r:sysstat_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=fifo_file
----

Environment

  • Red Hat Enterprise Linux 5.9
  • bash-3.2-32.el5_9.1
  • selinux-policy-2.4.6-346.el5

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In