SElinux process killed while trying to set boolean
- by Antonio
I've got a strange problem. I can not allow apache to connect to database at my CentOC 6.4 box:
[root@centos6 ~]# setsebool -P httpd_can_network_connect on
Killed
[root@centos6 ~]# sestatus -b | grep httpd_can_network_connect
httpd_can_network_connect off
httpd_can_network_connect_cobbler off
httpd_can_network_connect_db off
I watched log file, but there was no log messages:
tail -f /var/log/audit/audit.log
UPDATE:
There are some information in /var/log/messages:
Nov 9 19:07:16 vs302 kernel: setsebool invoked oom-killer: gfp_mask=0x280da, order=0, oom_adj=0, oom_score_adj=0
Nov 9 19:07:16 vs302 kernel: setsebool cpuset=/ mems_allowed=0
Nov 9 19:07:16 vs302 kernel: Pid: 1660, comm: setsebool Not tainted 2.6.32-358.23.2.el6.x86_64 #1
Nov 9 19:07:16 vs302 kernel: Call Trace:
Nov 9 19:07:16 vs302 kernel: [<ffffffff810cb641>] ? cpuset_print_task_mems_allowed+0x91/0xb0
Nov 9 19:07:16 vs302 kernel: [<ffffffff8111ce40>] ? dump_header+0x90/0x1b0
Nov 9 19:07:16 vs302 kernel: [<ffffffff8111d2c2>] ? oom_kill_process+0x82/0x2a0
Nov 9 19:07:16 vs302 kernel: [<ffffffff8111d201>] ? select_bad_process+0xe1/0x120
Nov 9 19:07:16 vs302 kernel: [<ffffffff8111d700>] ? out_of_memory+0x220/0x3c0
Nov 9 19:07:16 vs302 kernel: [<ffffffff8112c3dc>] ? __alloc_pages_nodemask+0x8ac/0x8d0
Nov 9 19:07:16 vs302 kernel: [<ffffffff81160d6a>] ? alloc_pages_vma+0x9a/0x150
Nov 9 19:07:16 vs302 kernel: [<ffffffff81143f0b>] ? handle_pte_fault+0x76b/0xb50
Nov 9 19:07:16 vs302 kernel: [<ffffffff81228664>] ? task_has_capability+0xb4/0x110
Nov 9 19:07:16 vs302 kernel: [<ffffffff81004a49>] ? __raw_callee_save_xen_pmd_val+0x11/0x1e
Nov 9 19:07:16 vs302 kernel: [<ffffffff8114452a>] ? handle_mm_fault+0x23a/0x310
Nov 9 19:07:16 vs302 kernel: [<ffffffff811485b6>] ? vma_adjust+0x556/0x5e0
Nov 9 19:07:16 vs302 kernel: [<ffffffff810474e9>] ? __do_page_fault+0x139/0x480
Nov 9 19:07:16 vs302 kernel: [<ffffffff81148b8a>] ? vma_merge+0x29a/0x3e0
Nov 9 19:07:16 vs302 kernel: [<ffffffff81149fdc>] ? do_brk+0x26c/0x350
Nov 9 19:07:16 vs302 kernel: [<ffffffff8100ba1d>] ? retint_restore_args+0x5/0x6
Nov 9 19:07:16 vs302 kernel: [<ffffffff81513bfe>] ? do_page_fault+0x3e/0xa0
Nov 9 19:07:16 vs302 kernel: [<ffffffff81510fb5>] ? page_fault+0x25/0x30
Nov 9 19:07:16 vs302 kernel: Mem-Info:
Nov 9 19:07:16 vs302 kernel: Node 0 DMA per-cpu:
Nov 9 19:07:16 vs302 kernel: CPU 0: hi: 0, btch: 1 usd: 0
Nov 9 19:07:16 vs302 kernel: Node 0 DMA32 per-cpu:
Nov 9 19:07:16 vs302 kernel: CPU 0: hi: 186, btch: 31 usd: 30
Nov 9 19:07:16 vs302 kernel: active_anon:132249 inactive_anon:46 isolated_anon:0
Nov 9 19:07:16 vs302 kernel: active_file:56 inactive_file:59 isolated_file:0
Nov 9 19:07:16 vs302 kernel: unevictable:0 dirty:2 writeback:0 unstable:0
Nov 9 19:07:16 vs302 kernel: free:1369 slab_reclaimable:1774 slab_unreclaimable:11588
Nov 9 19:07:16 vs302 kernel: mapped:54 shmem:48 pagetables:1211 bounce:0
Nov 9 19:07:16 vs302 kernel: Node 0 DMA free:2440kB min:72kB low:88kB high:108kB active_anon:12156kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB present:14648kB mlocked:0kB dirty:0kB writeback:0kB mapped:0kB shmem:0kB slab_reclaimable:24kB slab_unreclaimable:8kB kernel_stack:0kB pagetables:16kB unstable:0kB bounce:0kB writeback_tmp:0kB pages_scanned:0 all_unreclaimable? yes
Nov 9 19:07:16 vs302 kernel: lowmem_reserve[]: 0 590 590 590
Nov 9 19:07:16 vs302 kernel: Node 0 DMA32 free:3036kB min:3072kB low:3840kB high:4608kB active_anon:516840kB inactive_anon:184kB active_file:224kB inactive_file:236kB unevictable:0kB isolated(anon):0kB isolated(file):0kB present:604988kB mlocked:0kB dirty:8kB writeback:0kB mapped:216kB shmem:192kB slab_reclaimable:7072kB slab_unreclaimable:46344kB kernel_stack:880kB pagetables:4828kB unstable:0kB bounce:0kB writeback_tmp:0kB pages_scanned:128 all_unreclaimable? no
Nov 9 19:07:16 vs302 kernel: lowmem_reserve[]: 0 0 0 0
Nov 9 19:07:16 vs302 kernel: Node 0 DMA: 0*4kB 1*8kB 0*16kB 0*32kB 0*64kB 1*128kB 1*256kB 0*512kB 0*1024kB 1*2048kB 0*4096kB = 2440kB
Nov 9 19:07:16 vs302 kernel: Node 0 DMA32: 129*4kB 67*8kB 30*16kB 19*32kB 6*64kB 2*128kB 1*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 3036kB
Nov 9 19:07:16 vs302 kernel: 182 total pagecache pages
Nov 9 19:07:16 vs302 kernel: 0 pages in swap cache
Nov 9 19:07:16 vs302 kernel: Swap cache stats: add 0, delete 0, find 0/0
Nov 9 19:07:16 vs302 kernel: Free swap = 0kB
Nov 9 19:07:16 vs302 kernel: Total swap = 0kB
Nov 9 19:07:16 vs302 kernel: 157439 pages RAM
Nov 9 19:07:16 vs302 kernel: 6271 pages reserved
Nov 9 19:07:16 vs302 kernel: 2686 pages shared
Nov 9 19:07:16 vs302 kernel: 146395 pages non-shared
Nov 9 19:07:16 vs302 kernel: [ pid ] uid tgid total_vm rss cpu oom_adj oom_score_adj name
Nov 9 19:07:16 vs302 kernel: [ 271] 0 271 2798 231 0 -17 -1000 udevd
Nov 9 19:07:16 vs302 kernel: [ 476] 0 476 2797 230 0 -17 -1000 udevd
Nov 9 19:07:16 vs302 kernel: [ 718] 0 718 2279 122 0 0 0 dhclient
Nov 9 19:07:16 vs302 kernel: [ 762] 0 762 6909 58 0 -17 -1000 auditd
Nov 9 19:07:16 vs302 kernel: [ 787] 0 787 62270 147 0 0 0 rsyslogd
Nov 9 19:07:16 vs302 kernel: [ 801] 25 801 40326 2655 0 0 0 named
Nov 9 19:07:16 vs302 kernel: [ 850] 0 850 16563 172 0 -17 -1000 sshd
Nov 9 19:07:16 vs302 kernel: [ 875] 0 875 23451 240 0 0 0 sshd
Nov 9 19:07:16 vs302 kernel: [ 966] 498 966 4780 44 0 0 0 wrapper
Nov 9 19:07:16 vs302 kernel: [ 968] 498 968 497404 40812 0 0 0 java
Nov 9 19:07:16 vs302 kernel: [ 1057] 0 1057 20216 225 0 0 0 master
Nov 9 19:07:16 vs302 kernel: [ 1064] 89 1064 20278 209 0 0 0 qmgr
Nov 9 19:07:16 vs302 kernel: [ 1071] 0 1071 27075 121 0 0 0 bash
Nov 9 19:07:16 vs302 kernel: [ 1111] 0 1111 24880 350 0 0 0 httpd
Nov 9 19:07:16 vs302 kernel: [ 1117] 48 1117 24913 351 0 0 0 httpd
Nov 9 19:07:16 vs302 kernel: [ 1118] 48 1118 24880 337 0 0 0 httpd
Nov 9 19:07:16 vs302 kernel: [ 1119] 48 1119 24880 337 0 0 0 httpd
Nov 9 19:07:16 vs302 kernel: [ 1120] 48 1120 24880 337 0 0 0 httpd
Nov 9 19:07:16 vs302 kernel: [ 1121] 48 1121 24880 337 0 0 0 httpd
Nov 9 19:07:16 vs302 kernel: [ 1122] 48 1122 24880 337 0 0 0 httpd
Nov 9 19:07:16 vs302 kernel: [ 1124] 48 1124 24880 337 0 0 0 httpd
Nov 9 19:07:16 vs302 kernel: [ 1125] 48 1125 24880 337 0 0 0 httpd
Nov 9 19:07:16 vs302 kernel: [ 1129] 0 1129 29313 151 0 0 0 crond
Nov 9 19:07:16 vs302 kernel: [ 1143] 0 1143 1018 22 0 0 0 agetty
Nov 9 19:07:16 vs302 kernel: [ 1146] 0 1146 1015 22 0 0 0 mingetty
Nov 9 19:07:16 vs302 kernel: [ 1514] 0 1514 23451 237 0 0 0 sshd
Nov 9 19:07:16 vs302 kernel: [ 1517] 0 1517 27075 113 0 0 0 bash
Nov 9 19:07:16 vs302 kernel: [ 1641] 89 1641 20236 218 0 0 0 pickup
Nov 9 19:07:16 vs302 kernel: [ 1659] 0 1659 25234 39 0 0 0 tail
Nov 9 19:07:16 vs302 kernel: [ 1660] 0 1660 89903 85712 0 0 0 setsebool
Nov 9 19:07:16 vs302 kernel: Out of memory: Kill process 1660 (setsebool) score 568 or sacrifice child
Nov 9 19:07:16 vs302 kernel: Killed process 1660, UID 0, (setsebool) total-vm:359612kB, anon-rss:342708kB, file-rss:140kB
