| View previous topic :: View next topic |
| Author |
Message |
toralf
Developer
Joined: 01 Feb 2004
Posts: 3943
Location: Hamburg
|
 Posted: Sat May 18, 2013 9:38 am Post subject: [solved] which syscall calls "linkat" |
 |
|
I'm fuzzying a chroot image with trinity - and although I excluded that syscall from being executing due to a mass of | Code: | | kernel: type=1702 audit(1368866091.575:12): op=linkat action=denied pid=1901 comm="trinity-child2" path="/mnt/n22/v/f05" dev="loop2" ino=32010 |
lines in my syslog, I still get (much fewer) hits of those lines.
Last edited by toralf on Mon May 20, 2013 9:04 pm; edited 1 time in total |
|
| Back to top |
|
 |
user
Apprentice
Joined: 08 Feb 2004
Posts: 216
|
| Posted: Mon May 20, 2013 12:06 am Post subject: |
|
|
Hi toralf,
process "trinity-child2" called syscall linkat().
| Code: | # man 2 linkat
...
The linkat() system call operates in exactly the same way as link(2), except for the differences described in this manual page.
... |
Looks like this process has no proper rights to create a symlink. |
|
| Back to top |
|
|
Hu
Administrator
Joined: 06 Mar 2007
Posts: 23092
|
| Posted: Mon May 20, 2013 1:01 am Post subject: |
|
|
| I believe toralf is not worried about resolving the denial, but rather wants to understand why the process took the action which was denied. He believes he has instructed it not to use linkat, yet he sees the kernel claiming that linkat is being used. This means either trinity is ignoring his instructions, the kernel is printing wrong data in a very well formed way, or, as toralf suggests, the internals of linkat are used by some other syscall that he has not blacklisted. |
|
| Back to top |
|
|
toralf
Developer
Joined: 01 Feb 2004
Posts: 3943
Location: Hamburg
|
| Posted: Mon May 20, 2013 9:04 pm Post subject: |
|
|
| it was just unlinkat - ick. |
|
| Back to top |
|
|
|
Kernel & Hardware
