Leaked file descriptors causing AVC denial messages
Issue
-
Should ifconfig be allowed to access /dev/mem? After configuring a standard system for permissive mode, this message appears regularly:
Feb 17 07:54:48 example.com setroubleshoot: SELinux is preventing /sbin/ifconfig from read access on the chr_file /dev/mem. For complete SELinux messages. run sealert -l 0bac8e0a-961c-4b82-a166-999ba9cbc517 -
What can I do to prevent messages like the following and what do they mean?
Mar 16 08:00:52 example.com setroubleshoot: SELinux is preventing /usr/bin/python access to a leaked /tmp/puppet20120316-6771-1gndgri-0 file descriptor. For complete SELinux messages. run sealert -l a9b3853c-463c-4ca0-9ef9-c2a5db8ad9cb
Environment
- Red Hat Enterprise Linux
- SELinux
- Any 3rd-party application
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
