projects / platform / upstream / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4bda1c7) | patch
systemd: fix smack error
authorINSUN PYO <insun.pyo@samsung.com>
Fri, 2 Jul 2021 04:34:32 +0000 (13:34 +0900)
committerŁukasz Stelmach <l.stelmach@samsung.com>
Mon, 12 Feb 2024 15:37:49 +0000 (16:37 +0100)
commit3d365419809ead9a0bfb9ff8d5cce0210b675052
tree28569c98f8947d2d3badb302aa6cfb5c91253c78tree | snapshot
parent4bda1c76fdca92ffe296ba02c2c07a4a44dc5ab4commit | diff
systemd: fix smack error

A user systemd session accesses /proc/1/sched to detect container.

Jan 01 09:00:14 localhost audit[636]: AVC lsm=SMACK fn=smack_inode_permission action=denied subject="User" object="System::Privileged" requested=r pid=636 comm="systemd" name="sched" dev="proc" ino=12247
Jan 01 09:00:14 localhost audit[636]: AVC lsm=SMACK fn=smack_inode_permission action=denied subject="User" object="System::Privileged" requested=r pid=636 comm="systemd" name="sched" dev="proc" ino=12247
Jan 01 09:00:14 localhost audit[636]: AVC lsm=SMACK fn=smack_inode_permission action=denied subject="User" object="System::Privileged" requested=r pid=636 comm="systemd" name="sched" dev="proc" ino=12247
Jan 01 09:00:23 localhost audit[915]: AVC lsm=SMACK fn=smack_inode_permission action=denied subject="User" object="System::Privileged" requested=r pid=915 comm="systemctl" name="sched" dev="proc" ino=12247

Change-Id: I0d6f632b090582888c45f309c8a8bf06f4f0f510
src/basic/virt.c diff | blob | history
Domain: System / System Framework;