Guest

Preview Tool

Cisco Bug: CSCvv58733 - set of selinux denials seen on 12.0.1 SU4

Last Modified

Sep 30, 2020

Products (1)

  • Cisco Unified Communications Manager (CallManager)

Known Affected Releases

12.0(1.10000.10) 12.0(1.24900.12)

Description (partial)

Symptom:
ipprefsd_t,cucm_t,ilsd_t,crond_t and crond denials are seen on 12.0.1 SU4 build

Conditions:
#============= ipprefsd_t ==============
allow ipprefsd_t nscd_t:nscd { shmempwd getpwd gethost shmemhost };
#============= tomcatd_t ==============

allow tomcatd_t sshd_t:process signull;
allow tomcatd_t sysadm_t:process { signull sigkill };

#============= crond_t ==============
allow crond_t named_conf_t:dir search;

#============= cucm_t ==============
allow cucm_t nscd_t:nscd { shmemgrp shmempwd getpwd shmemhost shmemserv getgrp gethost getserv };

#============= ilsd_t ==============
allow ilsd_t nscd_t:nscd { getgrp shmempwd getpwd shmemgrp shmemserv shmemhost gethost getserv };

#============= init_t ==============
allow init_t postfix_bounce_t:dir getattr;
allow init_t tomcat_lib_t:lnk_file read;
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.