Unix_chkpwd Wants Access To /proc
Hi.
From 11.06 journal is logging a lot of denied access to /proc for unix_chkpwd by selinux. They are so frequent, that I see them in htop. :) Right now I have 2122 logges denials. Is it OK for unix_chkpwd to poke in /proc? It has to know who is logged in, do probably yes, bit I’m not sure.
cheers
—
Łukasz Posadowski
2 thoughts on - Unix_chkpwd Wants Access To /proc
Once upon a time, Łukasz Posadowski said:
I haven’t dug into it, but I’m thinking there was some policy or library change that isn’t quite right… sssd_be also has the same denial on startup (so every boot).
—
Chris Adams
Once upon a time, Chris Adams said:
Went ahead and poked at it – the issue is the new version of libcap-ng. Opened https://bugzilla.redhat.com/show_bug.cgi?id=1971688
—
Chris Adams