On Apr 3, 2017 19:12, "Rahmadi Trimananda" <[email protected]> wrote:
This is the result of "dmesg | grep avc". Please let me know if you need
more information about my system (RaspberryPi 2 running Raspbian Jessie).
[ 2.275229] audit: type=1400 audit(2.249:3): avc: denied { associate }
for pid=1 comm="systemd" name="pts" scontext=system_u:object_r:devpts_t:s0
tcontext=system_u:object_r:device_t:s0 tclass=filesystem permissive=1
[ 2.577155] audit: type=1400 audit(2.549:4): avc: denied { wake_alarm
} for pid=1 comm="systemd" capability=35 scontext=system_u:system_r:init_t:s0
tcontext=system_u:system_r:init_t:s0 tclass=capability2 permissive=1
[ 2.601211] audit: type=1400 audit(2.569:5): avc: denied { execstack }
for pid=95 comm="systemd-fstab-g" scontext=system_u:system_r:init_t:s0
tcontext=system_u:system_r:init_t:s0 tclass=process permissive=1
[ 2.601321] audit: type=1400 audit(2.569:6): avc: denied { execmem }
for pid=95 comm="systemd-fstab-g" scontext=system_u:system_r:init_t:s0
tcontext=system_u:system_r:init_t:s0 tclass=process permissive=1
[ 2.605393] audit: type=1400 audit(2.579:7): avc: denied { execmod }
for pid=95 comm="systemd-fstab-g"
path="/usr/lib/arm-linux-gnueabihf/libarmmem.so"
dev="mmcblk0p2" ino=144391 scontext=system_u:system_r:init_t:s0
tcontext=system_u:object_r:lib_t:s0 tclass=file permissive=1
[ 3.201440] audit: type=1400 audit(3.169:8): avc: denied { execstack }
for pid=107 comm="mount" scontext=system_u:system_r:mount_t:s0
tcontext=system_u:system_r:mount_t:s0 tclass=process permissive=1
[ 3.201499] audit: type=1400 audit(3.169:9): avc: denied { execmem }
for pid=107 comm="mount" scontext=system_u:system_r:mount_t:s0
tcontext=system_u:system_r:mount_t:s0 tclass=process permissive=1
[ 3.217575] audit: type=1400 audit(3.189:10): avc: denied { execstack
} for pid=108 comm="kmod" scontext=system_u:system_r:insmod_t:s0
tcontext=system_u:system_r:insmod_t:s0 tclass=process permissive=1
[ 5.291711] audit: type=1400 audit(1491249900.889:59): avc: denied {
mmap_zero } for pid=243 comm="alsactl"
scontext=system_u:system_r:alsa_t:s0-s0:c0.c1023
tcontext=system_u:system_r:alsa_t:s0-s0:c0.c1023 tclass=memprotect
permissive=1
[ 5.304205] audit: type=1400 audit(1491249900.909:60): avc: denied {
execstack } for pid=243 comm="alsactl"
scontext=system_u:system_r:alsa_t:s0-s0:c0.c1023
tcontext=system_u:system_r:alsa_t:s0-s0:c0.c1023 tclass=process permissive=1
[ 5.304582] audit: type=1400 audit(1491249900.909:61): avc: denied {
execmem } for pid=243 comm="alsactl"
scontext=system_u:system_r:alsa_t:s0-s0:c0.c1023
tcontext=system_u:system_r:alsa_t:s0-s0:c0.c1023 tclass=process permissive=1
[ 5.306197] audit: type=1400 audit(1491249900.909:62): avc: denied {
use } for pid=120 comm="systemd-journal" path="/dev/pts/0" dev="devpts"
ino=3 scontext=system_u:system_r:syslogd_t:s0
tcontext=system_u:system_r:plymouthd_t:s0
tclass=fd permissive=1
[ 5.355105] audit: type=1400 audit(1491249900.959:63): avc: denied {
execmod } for pid=243 comm="alsactl"
path="/usr/lib/arm-linux-gnueabihf/libarmmem.so"
dev="mmcblk0p2" ino=144391 scontext=system_u:system_r:alsa_t:s0-s0:c0.c1023
tcontext=system_u:object_r:lib_t:s0 tclass=file permissive=1
[ 5.357519] audit: type=1400 audit(1491249900.959:64): avc: denied {
write } for pid=243 comm="alsactl" name="/" dev="tmpfs" ino=5104
scontext=system_u:system_r:alsa_t:s0-s0:c0.c1023
tcontext=system_u:object_r:var_lock_t:s0
tclass=dir permissive=1
[ 5.357705] audit: type=1400 audit(1491249900.959:65): avc: denied {
add_name } for pid=243 comm="alsactl" name="asound.state.lock"
scontext=system_u:system_r:alsa_t:s0-s0:c0.c1023
tcontext=system_u:object_r:var_lock_t:s0
tclass=dir permissive=1
[ 5.358083] audit: type=1400 audit(1491249900.959:66): avc: denied {
create } for pid=243 comm="alsactl" name="asound.state.lock"
scontext=system_u:system_r:alsa_t:s0-s0:c0.c1023
tcontext=system_u:object_r:var_lock_t:s0
tclass=file permissive=1
[ 5.358671] audit: type=1400 audit(1491249900.959:67): avc: denied {
read write open } for pid=243 comm="alsactl"
path="/run/lock/asound.state.lock"
dev="tmpfs" ino=1816 scontext=system_u:system_r:alsa_t:s0-s0:c0.c1023
tcontext=system_u:object_r:var_lock_t:s0 tclass=file permissive=1
[ 5.358893] audit: type=1400 audit(1491249900.959:68): avc: denied {
getattr } for pid=243 comm="alsactl" path="/run/lock/asound.state.lock"
dev="tmpfs" ino=1816 scontext=system_u:system_r:alsa_t:s0-s0:c0.c1023
tcontext=system_u:object_r:var_lock_t:s0 tclass=file permissive=1
I don't see anything that would prevent running javac offhand, perhaps
others more versed in the desktop side can help tomorrow morning.
Make sure you run javac so we can see any avc messages generated for it.
Also run javac in strace and see where it's dying. Does this work in
permissive mode? Ie sudo setenforce 0?
On Mon, Apr 3, 2017 at 6:54 PM, William Roberts <[email protected]>
wrote:
> Do you see any "avc: denied" messages in dmesg/syslog? If so send them.
>
> On Apr 3, 2017 16:28, "Rahmadi Trimananda" <[email protected]> wrote:
>
>> Hi All,
>>
>> I am trying to run javac and java on my Raspbian while SELinux is
>> enabled. However, I keep getting "Segmentation fault", even when I just run
>> "javac" or "java". This happens in enforcing mode, but it doesn't happen
>> with "gcc". I am wondering why, because both are in /usr/bin directory and
>> both binaries have the same context.
>>
>> Can somebody please help?
>>
>> Thank you so much!
>>
>> Regards,
>> Rahmadi
>>
>>
>> _______________________________________________
>> Selinux mailing list
>> [email protected]
>> To unsubscribe, send email to [email protected].
>> To get help, send an email containing "help" to
>> [email protected].
>>
>
--
Kind regards,
Rahmadi Trimananda
Ph.D. student @ University of California, Irvine
"Stay hungry, stay foolish!" - Steve Jobs -
_______________________________________________
Selinux mailing list
[email protected]
To unsubscribe, send email to [email protected].
To get help, send an email containing "help" to [email protected].
