LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 12-21-2012, 10:33 AM   #1
gatsby
Member
 
Registered: Jan 2006
Posts: 34

Rep: Reputation: 15
SELinux issue with shell script


Hello -

I am encountering an issue with SELinux. I have a homemade shell script that I want to execute from a remote server. This shell script works when I execute it locally - it just cd's to a home directory on the box and reads a text file - but when I try to execute it from a remote server, the script acts like it can't read that prespecified home directory.

The denial I'm getting is:

type=AVC msg=audit(1356100819.930:404): avc: denied { getattr } for pid=2257 comm="myscript.sh" path="/home" dev="dm-2" ino=2 scontext=system_u:system_r:nrpe_t:s0 tcontext=system_u:object_r:home_root_t:s0 tclass=dir type=SYSCALL msg=audit(1356100819.930:404): arch=c000003e syscall=4 success=no exit=-13 a0=1f51760 a1=7fff053f4ba0 a2=7fff053f4ba0 a3=14 items=0 ppid=2256 pid=2257 auid=4294967295 uid=997 gid=996 euid=997 suid=997 fsuid=997 egid=996 sgid=996 fsgid=996 tty=(none) ses=4294967295 comm="myscript.sh" exe="/usr/bin/bash" subj=system_u:system_r:nrpe_t:s0 key=(null)

I've tried an audit2allow of this and loaded the resulting policy, but without success. Any thoughts or advice on how to understand what is going on here? I'm not familiar with this syscall behavior, but the issue is related to SELinux, since permissive allows that script to be executed as desired.

Thanks in advance.

Last edited by unSpawn; 12-21-2012 at 11:03 AM. Reason: //Combat unwanted smileys with the vBB "[noparse]" tag
 
Old 12-21-2012, 11:23 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 26,991
Blog Entries: 54

Rep: Reputation: 2744Reputation: 2744Reputation: 2744Reputation: 2744Reputation: 2744Reputation: 2744Reputation: 2744Reputation: 2744Reputation: 2744Reputation: 2744Reputation: 2744
Quote:
Originally Posted by gatsby View Post
it just cd's to a home directory on the box and reads a text file
'ausyscall' says "syscall=4" is write, not read?


Quote:
Originally Posted by gatsby View Post
tcontext=system_u:object_r:home_root_t:s0
Why does "myscript.sh" reside in "/home" and not in `awk -F':' '/997:/ {print $6}' /etc/passwd` like it should?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Issue in running commands in expect script from shell script yadvinder Programming 0 05-31-2012 04:07 AM
Shell Script issue elmo219 Linux - Newbie 4 03-09-2012 10:08 AM
Issue with shell script zaeem Linux - Networking 10 01-06-2011 09:56 AM
Shell script issue suvra82002 Linux - Enterprise 23 07-26-2008 02:02 PM
issue with shell script chupacabra Linux - General 3 10-18-2002 08:12 PM


All times are GMT -5. The time now is 12:43 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration