Message307715
| Author |
xdegaye |
| Recipients |
barry, serhiy.storchaka, xdegaye |
| Date |
2017年12月06日.10:26:58 |
| SpamBayes Score |
-1.0 |
| Marked as misclassified |
Yes |
| Message-id |
<1512556019.18.0.213398074469.issue32199@psf.upfronthosting.co.za> |
| In-reply-to |
| Content |
Attached ip_link.strace and ip_link_list.strace, the output of strace for the 'ip link' and 'ip link list' commands.
At the end of the process, both commands create an PF_NETLINK socket to receive from the kernel link information through the NETLINK_ROUTE group. The sendto() function fails with EACCES for 'ip link list' and its SELinux avc record relates to this event (the netlink prefix used throughout the documentation [1] is 'nlmsg' and the resource denied in the avc record is 'nlmsg_write'). The SELinux avc record for 'ip link' relates to a failed attempt to open "/data/misc/net/group" (it does not exist).
[1] http://man7.org/linux/man-pages/man7/netlink.7.html |
|
History
|
|---|
| Date |
User |
Action |
Args |
| 2017年12月06日 10:26:59 | xdegaye | set | recipients:
+ xdegaye, barry, serhiy.storchaka |
| 2017年12月06日 10:26:59 | xdegaye | set | messageid: <1512556019.18.0.213398074469.issue32199@psf.upfronthosting.co.za> |
| 2017年12月06日 10:26:59 | xdegaye | link | issue32199 messages |
| 2017年12月06日 10:26:59 | xdegaye | create |
|