From: aranea@aixah.de (Luis Ressel)
Date: Sun, 10 Sep 2017 19:22:46 +0200
Subject: [refpolicy] file map perm issues
In-Reply-To: <20170910124023.GA29705@meriadoc.perfinion.com>
References: <20170910124023.GA29705@meriadoc.perfinion.com>
Message-ID: <20170910192246.6861edb9@vega.skynet.aixah.de>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Sun, 10 Sep 2017 20:40:23 +0800
Jason Zaman via refpolicy <refpolicy@oss.tresys.com> wrote:

> Lastly, Ive seen a whole ton of domains need allow foo etc_t:file map;
> and the audit logs show /etc/passwd as the file being accessed.  I'm
> fairly certain this is from nsswitch. Can someone else verify too?
> strace (below) and the fact that there is a very strong correlation
> with domains that contain nsswitch_domain.

I'm seeing those too, for pretty much all nsswitch domains. Also on
gentoo, with glibc 2.23.

Cheers,
Luis Ressel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20170910/80e489a4/attachment-0001.bin