Selinux: Failure during smart card login when "ocsp" is enable.
Issue
-
Selinux: Failure during smart card login when "ocsp" is enable.
-
Error 1.
type=AVC msg=audit(1468858105.962:1007): avc: denied { name_connect } for pid=2581 comm="login" dest=80
scontext=system_u:system_r:local_login_t:s0-s0:c0.c1023 tcontext=system_u:object_r:http_port_t:s0 tclass=tcp_socket
type=SYSCALL msg=audit(1468858105.962:1007): arch=c000003e syscall=42 success=no exit=-13 a0=a a1=7ffd27039710 a2=10 a3=28 items=0 ppid=1
pid=2581 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=tty1 ses=4294967295 comm="login" exe="/bin/login"
subj=system_u:system_r:local_login_t:s0-s0:c0.c1023 key=(null) type=SOCKADDR msg=audit(1468858105.962:1007):
saddr=020000509C70668E0000000000000000
- Error 2
type=AVC msg=audit(1469019786.38:274): avc: denied { signull } for pid=2610 comm="login" scontext=system_u:system_r:local_login_t:s0-
s0:c0.c1023 tcontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tclass=process
type=SYSCALL msg=audit(1469019786.38:274): arch=x86_64 syscall=kill success=yes exit=0 a0=a79 a1=0 a2=4 a3=6 items=0 ppid=1 pid=2610
auid=1060 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=tty1 ses=3 comm=login exe=/bin/login
subj=system_u:system_r:local_login_t:s0-s0:c0.c1023 key=(null)
Environment
- Red Hat Enterprise Linux 6
- selinux-policy
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
