Selinux: Failure during smart card login when "ocsp" is enable.
Issue
-
Selinux: Failure during smart card login when "ocsp" is enable.
-
Error 1.
type=AVC msg=audit(1468858105.962:1007): avc: denied { name_connect } for pid=2581 comm="login" dest=80
scontext=system_u:system_r:local_login_t:s0-s0:c0.c1023 tcontext=system_u:object_r:http_port_t:s0 tclass=tcp_socket
type=SYSCALL msg=audit(1468858105.962:1007): arch=c000003e syscall=42 success=no exit=-13 a0=a a1=7ffd27039710 a2=10 a3=28 items=0 ppid=1
pid=2581 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=tty1 ses=4294967295 comm="login" exe="/bin/login"
subj=system_u:system_r:local_login_t:s0-s0:c0.c1023 key=(null) type=SOCKADDR msg=audit(1468858105.962:1007):
saddr=020000509C70668E0000000000000000
- Error 2
type=AVC msg=audit(1469019786.38:274): avc: denied { signull } for pid=2610 comm="login" scontext=system_u:system_r:local_login_t:s0-
s0:c0.c1023 tcontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tclass=process
type=SYSCALL msg=audit(1469019786.38:274): arch=x86_64 syscall=kill success=yes exit=0 a0=a79 a1=0 a2=4 a3=6 items=0 ppid=1 pid=2610
auid=1060 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=tty1 ses=3 comm=login exe=/bin/login
subj=system_u:system_r:local_login_t:s0-s0:c0.c1023 key=(null)
Environment
- Red Hat Enterprise Linux 6
- selinux-policy
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.