Package: dpkg
Version: 1.17.23
Severity: normal
Below are some AVC messages from a fairly routine dpkg upgrade. As you can
see the programs setfiles, load_policy, and restorecon which are run from
postinst scripts are inheriting a file handle for
/var/lib/dpkg/triggers/Unincorp .
type=AVC msg=audit(1422274481.981:202): avc: denied { read } for pid=12679
comm="setfiles" path="/var/lib/dpkg/triggers/Unincorp" dev="xvda" ino=199493
scontext=bofh:sysadm_r:setfiles_t:s0-s0:c0.c1023
tcontext=bofh:object_r:dpkg_var_lib_t:s0 tclass=file permissive=1
type=AVC msg=audit(1422274483.261:203): avc: denied { read } for pid=12685
comm="load_policy" path="/var/lib/dpkg/triggers/Unincorp" dev="xvda"
ino=199493 scontext=bofh:sysadm_r:load_policy_t:s0-s0:c0.c1023
tcontext=bofh:object_r:dpkg_var_lib_t:s0 tclass=file permissive=1
type=AVC msg=audit(1422279601.565:427): avc: denied { read } for pid=22513
comm="restorecon" path="/var/lib/dpkg/triggers/Unincorp" dev="xvda" ino=208505
scontext=bofh:sysadm_r:setfiles_t:s0-s0:c0.c1023
tcontext=bofh:object_r:dpkg_var_lib_t:s0 tclass=file permissive=0
-- System Information:
Debian Release: 8.0
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
Versions of packages dpkg depends on:
ii libbz2-1.0 1.0.6-7+b2
ii libc6 2.19-13
ii liblzma5 5.1.1alpha+20120614-2
ii libselinux1 2.3-2
ii tar 1.27.1-2
ii zlib1g 1:1.2.8.dfsg-2+b1
dpkg recommends no packages.
Versions of packages dpkg suggests:
ii apt 1.0.5
-- no debconf information
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
