Hi Stephen, sestatus -v SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: enforcing Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Max kernel policy version: 28
Process contexts: Current context: system_u:system_r:unconfined_t:s0-s0:c0.c1023 Init context: system_u:system_r:init_t:s0 /usr/sbin/sshd system_u:system_r:sshd_t:s0-s0:c0.c1023 File contexts: Controlling terminal: system_u:object_r:sshd_devpts_t:s0 /etc/passwd system_u:object_r:passwd_file_t:s0 /etc/shadow system_u:object_r:shadow_t:s0 /bin/bash system_u:object_r:shell_exec_t:s0 /bin/login system_u:object_r:login_exec_t:s0 /bin/sh system_u:object_r:bin_t:s0 -> system_u:object_r:shell_exec_t:s0 /sbin/agetty system_u:object_r:getty_exec_t:s0 /sbin/init system_u:object_r:bin_t:s0 -> system_u:object_r:init_exec_t:s0 /usr/sbin/sshd system_u:object_r:sshd_exec_t:s0 /lib/libc.so.6 system_u:object_r:lib_t:s0 -> system_u:object_r:lib_t:s0 /lib/ld-linux.so.2 system_u:object_r:lib_t:s0 -> system_u:object_r:ld_so_t:s0 rpm -q libselinux libselinux-2.5-6.el7.i686 libselinux-2.5-6.el7.x86_64 Please let me know if you want any other details . Thanks On Mon, Dec 4, 2017 at 9:30 PM, Stephen Smalley <[email protected]> wrote: > On Mon, 2017-12-04 at 10:44 -0500, Stephen Smalley wrote: > > On Mon, 2017-12-04 at 15:15 +0530, Aman Sharma wrote: > > > Hi All, > > > > > > I am seeing a number of su core files after a fresh install of Cent > > > OS 7 Machine. In this particular case I have 622 cores files found. > > > The backtrace is given below > > > > > > Reading symbols from /usr/bin/su...Reading symbols from > > > /usr/bin/su...(no debugging symbols found)...done. > > > (no debugging symbols found)...done. > > > [New LWP 15427] > > > [Thread debugging using libthread_db enabled] > > > Using host libthread_db library "/lib64/libthread_db.so.1". > > > Core was generated by `su - informix -c source > > > /usr/local/cm/db/informix/local/ids.env; /usr/local/cm/'. > > > Program terminated with signal 6, Aborted. > > > #0 0x00007f74f109a1d7 in raise () from /lib64/libc.so.6 > > > > > > ==================================== > > > backtrace > > > =================================== > > > #0 0x00007f74f109a1d7 in raise () from /lib64/libc.so.6 > > > #1 0x00007f74f109b8c8 in abort () from /lib64/libc.so.6 > > > #2 0x00007f74f1093146 in __assert_fail_base () from > > > /lib64/libc.so.6 > > > #3 0x00007f74f10931f2 in __assert_fail () from /lib64/libc.so.6 > > > #4 0x00007f74e9ed46ac in avc_context_to_sid_raw () from > > > /lib64/libselinux.so.1 > > > #5 0x00007f74e9ed46e5 in avc_context_to_sid () from > > > /lib64/libselinux.so.1 > > > #6 0x00007f74e9ed83ad in selinux_check_access () from > > > /lib64/libselinux.so.1 > > > #7 0x00007f74ea0f4d76 in check_for_root () from > > > /lib/security/../../lib64/security/pam_rootok.so > > > #8 0x00007f74f162cf1a in _pam_dispatch () from /lib64/libpam.so.0 > > > #9 0x00007f74f162c7e0 in pam_authenticate () from > > > /lib64/libpam.so.0 > > > #10 0x00007f74f1a5f857 in su_main () > > > #11 0x00007f74f1086b35 in __libc_start_main () from > > > /lib64/libc.so.6 > > > #12 0x00007f74f1a5e890 in _start () > > > ==================================== > > > > > > From the Back trace logs , looks like crash is related to Selinux. > > > Can Any body Please help me on this. why its getting crash. > > > > Implication is that pam_rootok passed a NULL context to > > selinux_check_access(). Which would be a bug in pam. What does > > sestatus -v show for this machine? > > Sorry, I'm wrong; the assert is on avc_running, which implies that the > AVC wasn't initialized. sestatus -v would still be useful. Also rpm > -q libselinux. > > -- Thanks Aman Cell: +91 9990296404 | Email ID : [email protected]
