Closed
Description
by ficoos:
Before filing a bug, please check whether it has been fixed since the latest release: run "hg pull -u" and retry what you did to reproduce the problem. Thanks.

What steps will reproduce the problem?
1. Run a Go-based program with SELinux on
2. Look at audit.log
3.

What is the expected output?
No SELinux errors unless doing something intentional

What do you see instead?
SELinux alert

Summary:
SELinux is preventing /home/saggi/Projects/shituf/shituf "mmap_zero" access on <Unknown>.

Detailed Description:
SELinux denied access requested by shituf. The current boolean settings do not allow this access. If you have not setup shituf to require this access this may signal an intrusion attempt. If you do intend this access you need to change the booleans on this system to allow the access.

Allowing Access:
Confined processes can be configured to run requiring different access, SELinux provides booleans to allow you to turn on/off access as needed. The boolean mmap_low_allowed is set incorrectly.

Boolean Description:
Control the ability to mmap a low area of the address space, as configured by /proc/sys/kernel/mmap_min_addr.

Fix Command:
# setsebool -P mmap_low_allowed 1

Additional Information:
Source Context: unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
Target Context: unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
Target Objects: None [ memprotect ]
Source: 8.out
Source Path: /home/user/Projects/go/src/pkg/archive/tar/8.out
Port: <Unknown>
Host: lapdog
Source RPM Packages:
Target RPM Packages:
Policy RPM: selinux-policy-3.9.7-14.fc14
Selinux Enabled: True
Policy Type: targeted
Enforcing Mode: Enforcing
Plugin Name: catchall_boolean
Host Name: lapdog
Platform: Linux lapdog 2.6.35.6-48.fc14.i686 #1 SMP Fri Oct 22 15:34:36 UTC 2010 i686 i686
Alert Count: 494
First Seen: Wed 08 Dec 2010 09:40:18 PM IST
Last Seen: Sat 11 Dec 2010 12:49:09 AM IST
Local ID: 5664748d-f944-4b7d-8edb-9be534657ac9
Line Numbers:

Raw Audit Messages:
node=lapdog type=AVC msg=audit(1292021349.66:60234): avc: denied { mmap_zero } for pid=30265 comm="shituf" scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=memprotect
node=lapdog type=SYSCALL msg=audit(1292021349.66:60234): arch=40000003 syscall=192 success=no exit=-13 a0=0 a1=1000 a2=0 a3=32 items=0 ppid=14906 pid=30265 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=pts2 ses=13 comm="shituf" exe="/home/saggi/Projects/shituf/shituf" subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 key=(null)

Which compiler are you using (5g, 6g, 8g, gccgo)?
8g

Which operating system are you using?
Linux (Fedora 14)

Which revision are you using? (hg identify)
56e39c466cc1 release/release.2010-12-08

Please provide any additional information below.
I haven't experienced any errors or malfunctions and would never have noticed the error if not for the alert popping up.
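
The two raw audit records in the report share one event ID, and the SYSCALL record carries the arguments of the call that SELinux denied. The following is an added example, not part of the original report or of the Go project's code, that pairs the records and decodes those arguments. The name `find_mmap_zero`, the abridged sample and its third log line are constructed for illustration, and the decoding assumes i386 mmap2 (arch=40000003, syscall=192) with the x86 Linux flag values.

```python
import re

# Records 1-2 are the report's raw audit messages, abridged (contexts and id
# fields dropped); record 3 is constructed to show unrelated denials are ignored.
SAMPLE = (
    'node=lapdog type=AVC msg=audit(1292021349.66:60234): avc: denied { mmap_zero } '
    'for pid=30265 comm="shituf" tclass=memprotect\n'
    'node=lapdog type=SYSCALL msg=audit(1292021349.66:60234): arch=40000003 '
    'syscall=192 success=no exit=-13 a0=0 a1=1000 a2=0 a3=32 items=0 pid=30265 '
    'comm="shituf" exe="/home/saggi/Projects/shituf/shituf" key=(null)\n'
    'node=lapdog type=AVC msg=audit(1292021350.10:60235): avc: denied { read } '
    'for pid=30270 comm="example" tclass=file\n'
)

EVENT_ID = re.compile(r"type=(\w+) msg=audit\(([\d.]+:\d+)\):")
PERMS = re.compile(r"avc:\s+denied\s+\{([^}]*)\}")
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')
MAP_FLAGS = {0x01: "MAP_SHARED", 0x02: "MAP_PRIVATE",
             0x10: "MAP_FIXED", 0x20: "MAP_ANONYMOUS"}  # x86 Linux values
I386_MMAP2 = ("40000003", "192")  # AUDIT_ARCH_I386, __NR_mmap2


def find_mmap_zero(log_text):
    """Return one finding per audit event whose AVC record denies mmap_zero."""
    events = {}
    for line in log_text.splitlines():
        m = EVENT_ID.search(line)
        if m:  # group records by the shared timestamp:serial event ID
            events.setdefault(m.group(2), {})[m.group(1)] = line
    findings = []
    for event_id, recs in events.items():
        perms = PERMS.search(recs.get("AVC", ""))
        if not perms or "mmap_zero" not in perms.group(1).split():
            continue
        f = dict(FIELD.findall(recs.get("SYSCALL", "")))
        finding = {"event": event_id, "exe": f.get("exe", "").strip('"'),
                   "exit": int(f.get("exit", "0"))}
        if (f.get("arch"), f.get("syscall")) == I386_MMAP2:
            # auditd prints a0-a3 in hex: mmap2(addr, length, prot, flags, ...)
            flags = int(f["a3"], 16)
            finding.update(addr=int(f["a0"], 16), length=int(f["a1"], 16),
                           prot=int(f["a2"], 16),
                           flags=sorted(n for b, n in MAP_FLAGS.items() if flags & b))
        findings.append(finding)
    return findings
```

For the event in the report this decodes to a 4096-byte mapping requested at address 0 with PROT_NONE and MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, which failed with exit -13 (EACCES).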