execmem_exec_t, unconfined.te and nsplugin
by Joe Nall
libsepol.print_missing_requirements: nsplugin's global requirements
were not met: type/attribute execmem_exec_t
/usr/bin/semodule_link: Error while linking packages
make[1]: *** [validate] Error 1
make[1]: Leaving directory `/home/joe/src2/Linux_x86_64/BUILD/rpmbuild/
BUILD/serefpolicy-3.5.13'
error: Bad exit status from /var/tmp/rpm-tmp.XoIIV1 (%install)
I'm trying to build an mls policy with nsplugin defined as a module in
modules-mls.conf. nsplugin depends on execmem_exec_t which is defined
in unconfined.te which is _not_ a module in modules-mls.conf, creating
the error above.
Is there a better place to declare execmem_exec_t (userdomain.te?).
joe
15 years, 4 months
New F10 X AVC
by Joe Nall
Any clue what is going on with this AVC? This is is a local variant of
selinux-policy-mls-3.5.13-125. xterms and our non-gtk apps do not
generate this AVC. It is fatal to the apps that experience it. New in
F10.
joe
node=fast type=USER_AVC msg=audit(1231388602.219:4379667): user
pid=3917 uid=0 auid=4294967295 ses=4294967295
subj=system_u:system_r:xdm_xserver_t:s0-s15:c0.c1023 msg='avc:
denied { write } for request=RANDR:SelectInput comm=/usr/lib64/
firefox-3.0.5/firefox resid=78 restype=WINDOW
scontext=user_u:user_r:user_t:s6:c0.c511
tcontext=system_u:object_r:xdm_rootwindow_t:s0-s15:c0.c1023
tclass=x_drawable : exe="/usr/bin/Xorg" (sauid=0, hostname=?, addr=?,
terminal=?)'
node=fast type=USER_AVC msg=audit(1231388632.992:4379857): user
pid=3917 uid=0 auid=4294967295 ses=4294967295
subj=system_u:system_r:xdm_xserver_t:s0-s15:c0.c1023 msg='avc:
denied { write } for request=RANDR:SelectInput comm=/usr/bin/gnome-
terminal resid=78 restype=WINDOW
scontext=user_u:user_r:user_t:s4:c0,c2,c11,c200.c511
tcontext=system_u:object_r:xdm_rootwindow_t:s0-s15:c0.c1023
tclass=x_drawable : exe="/usr/bin/Xorg" (sauid=0, hostname=?, addr=?,
terminal=?)'
15 years, 4 months
avc Dead-Letter? Fedora 10
by Frank Murphy
This is the first Fedora I've come across a files called dead-letter.
I don't use sendmail, exim is installed, if relevant.
Summary:
SELinux is preventing the sendmail from using potentially mislabeled files
(./dead.letter).
Detailed Description:
SELinux has denied sendmail access to potentially mislabeled file(s)
(./dead.letter). This means that SELinux will not allow sendmail to use
these
files. It is common for users to edit files in their home directory or tmp
directories and then move (mv) them to system directories. The problem
is that
the files end up with the wrong file context which confined applications
are not
allowed to access.
Allowing Access:
If you want sendmail to access this files, you need to relabel them using
restorecon -v './dead.letter'. You might want to relabel the entire
directory
using restorecon -R -v './dead.letter'.
Additional Information:
Source Context system_u:system_r:logwatch_t:s0
Target Context system_u:object_r:admin_home_t:s0
Target Objects ./dead.letter [ dir ]
Source sendmail
Source Path /usr/sbin/ssmtp
Port <Unknown>
Host frank01.frankly3d.local
Source RPM Packages ssmtp-2.61-11.7.fc10
Target RPM Packages
Policy RPM selinux-policy-3.5.13-34.fc10
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Enforcing
Plugin Name home_tmp_bad_labels
Host Name frank01.frankly3d.local
Platform Linux frank01.frankly3d.local
2.6.27.9-159.fc10.i686 #1 SMP Tue Dec 16
15:12:04
EST 2008 i686 i686
Alert Count 1
First Seen Sun 28 Dec 2008 12:18:46 GMT
Last Seen Sun 28 Dec 2008 12:18:46 GMT
Local ID 6feff0bd-d81b-472e-8c9b-a4538c69479f
Line Numbers
Raw Audit Messages
node=frank01.frankly3d.local type=AVC msg=audit(1230466726.28:154): avc:
denied { add_name } for pid=4443 comm="sendmail" name="dead.letter"
scontext=system_u:system_r:logwatch_t:s0
tcontext=system_u:object_r:admin_home_t:s0 tclass=dir
node=frank01.frankly3d.local type=SYSCALL msg=audit(1230466726.28:154):
arch=40000003 syscall=5 success=no exit=-13 a0=97312d0 a1=441 a2=1b6
a3=440 items=0 ppid=4311 pid=4443 auid=4294967295 uid=0 gid=0 euid=0
suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="sendmail" exe="/usr/sbin/ssmtp"
subj=system_u:system_r:logwatch_t:s0 key=(null)
====================================================
Dead-Letter contents
====================================================
/etc/cron.daily/0logwatch:
sendmail: Cannot open mail:25
/etc/cron.daily/rkhunter:
send-mail: Cannot open mail:25
send-mail: Cannot open mail:25
/bin/sh: opt/f-prot/fpscan: No such file or directory
15 years, 4 months
Troubleshootng the Selunix troubleshooter
by Richard Chapman
Hi.. When I first installed Centos 5.0 - I disabled SELinux at the first
sign of trouble. I have now seen the light - and have enabled SELinux
on the system which is now updated to Centos 5.2 with Kernel Linux
2.6.18-92.1.22.el5 on x86_64. I initially enabled Selinux in permissive
mode - and tried looking at the GUI SELinux Troubleshooter - but it
shows no problems. This may be OK - because there are no "type=avc"
messages in the audit.log file. However there are thousands of "type=
user_avc". Here are the last 20 while in permissive mode:
type=USER_AVC msg=audit(1231052785.984:833): user pid=2489 uid=81 auid=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { send_msg } for msgtype=method_call interface=org.freedesktop.DBus member=AddMatch dest=org.freedesktop.DBus spid=7820 scontext=user_u:system_r:initrc_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=dbus : exe="/bin/dbus-daemon" (sauid=81, hostname=?, addr=?, terminal=?)'
type=USER_AVC msg=audit(1231052785.984:834): user pid=2489 uid=81 auid=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { send_msg } for msgtype=method_call interface=org.freedesktop.DBus member=GetNameOwner dest=org.freedesktop.DBus spid=7820 scontext=user_u:system_r:initrc_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=dbus : exe="/bin/dbus-daemon" (sauid=81, hostname=?, addr=?, terminal=?)'
type=USER_AVC msg=audit(1231052785.985:835): user pid=2489 uid=81 auid=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { send_msg } for msgtype=method_call interface=org.freedesktop.Hal.Device member=Rescan dest=org.freedesktop.Hal spid=7820 tpid=3667 scontext=user_u:system_r:initrc_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=dbus : exe="/bin/dbus-daemon" (sauid=81, hostname=?, addr=?, terminal=?)'
type=USER_AVC msg=audit(1231052785.986:836): user pid=2489 uid=81 auid=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { send_msg } for msgtype=method_return dest=:1.14 spid=3667 tpid=7820 scontext=system_u:system_r:init_t:s0 tcontext=user_u:system_r:initrc_t:s0 tclass=dbus : exe="/bin/dbus-daemon" (sauid=81, hostname=?, addr=?, terminal=?)'
type=USER_AVC msg=audit(1231052785.987:837): user pid=2489 uid=81 auid=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { send_msg } for msgtype=method_call interface=org.freedesktop.DBus member=RemoveMatch dest=org.freedesktop.DBus spid=7820 scontext=user_u:system_r:initrc_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=dbus : exe="/bin/dbus-daemon" (sauid=81, hostname=?, addr=?, terminal=?)'
type=USER_AVC msg=audit(1231052785.987:838): user pid=2489 uid=81 auid=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { send_msg } for msgtype=method_call interface=org.freedesktop.DBus member=AddMatch dest=org.freedesktop.DBus spid=7820 scontext=user_u:system_r:initrc_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=dbus : exe="/bin/dbus-daemon" (sauid=81, hostname=?, addr=?, terminal=?)'
type=USER_AVC msg=audit(1231052785.987:839): user pid=2489 uid=81 auid=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { send_msg } for msgtype=method_call interface=org.freedesktop.DBus member=GetNameOwner dest=org.freedesktop.DBus spid=7820 scontext=user_u:system_r:initrc_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=dbus : exe="/bin/dbus-daemon" (sauid=81, hostname=?, addr=?, terminal=?)'
type=USER_AVC msg=audit(1231052785.988:840): user pid=2489 uid=81 auid=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { send_msg } for msgtype=method_call interface=org.freedesktop.Hal.Device member=Rescan dest=org.freedesktop.Hal spid=7820 tpid=3667 scontext=user_u:system_r:initrc_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=dbus : exe="/bin/dbus-daemon" (sauid=81, hostname=?, addr=?, terminal=?)'
type=USER_AVC msg=audit(1231052785.989:841): user pid=2489 uid=81 auid=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { send_msg } for msgtype=method_return dest=:1.14 spid=3667 tpid=7820 scontext=system_u:system_r:init_t:s0 tcontext=user_u:system_r:initrc_t:s0 tclass=dbus : exe="/bin/dbus-daemon" (sauid=81, hostname=?, addr=?, terminal=?)'
type=USER_AVC msg=audit(1231052785.990:842): user pid=2489 uid=81 auid=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { send_msg } for msgtype=method_call interface=org.freedesktop.DBus member=RemoveMatch dest=org.freedesktop.DBus spid=7820 scontext=user_u:system_r:initrc_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=dbus : exe="/bin/dbus-daemon" (sauid=81, hostname=?, addr=?, terminal=?)'
type=USER_AVC msg=audit(1231052785.990:843): user pid=2489 uid=81 auid=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { send_msg } for msgtype=method_call interface=org.freedesktop.DBus member=AddMatch dest=org.freedesktop.DBus spid=7820 scontext=user_u:system_r:initrc_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=dbus : exe="/bin/dbus-daemon" (sauid=81, hostname=?, addr=?, terminal=?)'
type=USER_AVC msg=audit(1231052785.990:844): user pid=2489 uid=81 auid=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { send_msg } for msgtype=method_call interface=org.freedesktop.DBus member=GetNameOwner dest=org.freedesktop.DBus spid=7820 scontext=user_u:system_r:initrc_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=dbus : exe="/bin/dbus-daemon" (sauid=81, hostname=?, addr=?, terminal=?)'
type=USER_AVC msg=audit(1231052785.991:845): user pid=2489 uid=81 auid=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { send_msg } for msgtype=method_call interface=org.freedesktop.Hal.Device member=Rescan dest=org.freedesktop.Hal spid=7820 tpid=3667 scontext=user_u:system_r:initrc_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=dbus : exe="/bin/dbus-daemon" (sauid=81, hostname=?, addr=?, terminal=?)'
type=USER_AVC msg=audit(1231052785.991:846): user pid=2489 uid=81 auid=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { send_msg } for msgtype=method_return dest=:1.14 spid=3667 tpid=7820 scontext=system_u:system_r:init_t:s0 tcontext=user_u:system_r:initrc_t:s0 tclass=dbus : exe="/bin/dbus-daemon" (sauid=81, hostname=?, addr=?, terminal=?)'
type=USER_AVC msg=audit(1231052785.992:847): user pid=2489 uid=81 auid=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { send_msg } for msgtype=method_call interface=org.freedesktop.DBus member=RemoveMatch dest=org.freedesktop.DBus spid=7820 scontext=user_u:system_r:initrc_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=dbus : exe="/bin/dbus-daemon" (sauid=81, hostname=?, addr=?, terminal=?)'
type=USER_AVC msg=audit(1231052785.992:848): user pid=2489 uid=81 auid=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { send_msg } for msgtype=method_call interface=org.freedesktop.DBus member=AddMatch dest=org.freedesktop.DBus spid=7820 scontext=user_u:system_r:initrc_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=dbus : exe="/bin/dbus-daemon" (sauid=81, hostname=?, addr=?, terminal=?)'
type=USER_AVC msg=audit(1231052785.992:849): user pid=2489 uid=81 auid=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { send_msg } for msgtype=method_call interface=org.freedesktop.DBus member=GetNameOwner dest=org.freedesktop.DBus spid=7820 scontext=user_u:system_r:initrc_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=dbus : exe="/bin/dbus-daemon" (sauid=81, hostname=?, addr=?, terminal=?)'
type=USER_AVC msg=audit(1231052785.992:850): user pid=2489 uid=81 auid=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { send_msg } for msgtype=method_call interface=org.freedesktop.Hal.Device member=Rescan dest=org.freedesktop.Hal spid=7820 tpid=3667 scontext=user_u:system_r:initrc_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=dbus : exe="/bin/dbus-daemon" (sauid=81, hostname=?, addr=?, terminal=?)'
type=USER_AVC msg=audit(1231052785.993:851): user pid=2489 uid=81 auid=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { send_msg } for msgtype=method_return dest=:1.14 spid=3667 tpid=7820 scontext=system_u:system_r:init_t:s0 tcontext=user_u:system_r:initrc_t:s0 tclass=dbus : exe="/bin/dbus-daemon" (sauid=81, hostname=?, addr=?, terminal=?)'
type=USER_AVC msg=audit(1231052785.994:852): user pid=2489 uid=81 auid=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { send_msg } for msgtype=method_call interface=org.freedesktop.DBus member=RemoveMatch dest=org.freedesktop.DBus spid=7820 scontext=user_u:system_r:initrc_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=dbus : exe="/bin/dbus-daemon" (sauid=81, hostname=?, addr=?, terminal=?)'
If I set the system to Enforcing mode - and log out and log back in -
the login seems to run very slowly. If I try to run the gui SELinux
Troubleshooter - the application window doesn't come up - but I see the
following errors in the boot.log file.
Jan 3 16:55:54 C5 dbus: avc: received setenforce notice (enforcing=1)
Jan 3 16:56:23 C5 userhelper[24703]: running
'/usr/share/system-config-securitylevel/system-config-securitylevel.py'
with system_u:system_r:unconfined_t context
Jan 3 16:56:23 C5 userhelper[24703]: running
'/usr/share/system-config-securitylevel/system-config-securitylevel.py'
with root privileges on behalf of 'root'
Jan 3 16:58:02 C5 gconfd (root-21790): Exiting
Jan 3 16:58:02 C5 sshd[21044]: pam_unix(sshd:session): session closed
for user nx
Jan 3 16:58:02 C5 su: pam_unix(su-l:session): session closed for user root
Jan 3 16:58:23 C5 sshd[24747]: Accepted publickey for nx from
192.168.0.2 port 33869 ssh2
Jan 3 16:58:23 C5 sshd[24747]: pam_unix(sshd:session): session opened
for user nx by (uid=0)
Jan 3 16:58:25 C5 su: pam_unix(su-l:session): session opened for user
root by (uid=102)
Jan 3 16:58:28 C5 dovecot: IMAP(tim): Disconnected: Logged out
Jan 3 16:58:30 C5 gconfd (root-25493): starting (version 2.14.0), pid
25493 user 'root'
Jan 3 16:58:30 C5 gconfd (root-25493): Resolved address
"xml:readonly:/etc/gconf/gconf.xml.mandatory" to a read-only
configuration source at position 0
Jan 3 16:58:30 C5 gconfd (root-25493): Resolved address
"xml:readwrite:/root/.gconf" to a writable configuration source at
position 1
Jan 3 16:58:30 C5 gconfd (root-25493): Resolved address
"xml:readonly:/etc/gconf/gconf.xml.defaults" to a read-only
configuration source at position 2
Jan 3 16:58:33 C5 pcscd: winscard.c:304:SCardConnect() Reader E-Gate 0 0
Not Found
Jan 3 16:58:33 C5 last message repeated 4 times
Jan 3 16:58:33 C5 gconfd (root-25493): Resolved address
"xml:readwrite:/root/.gconf" to a writable configuration source at
position 0
Jan 3 16:59:46 C5 gdm[4045]: pam_unix(gdm:session): session opened for
user root by (uid=0)
Jan 3 16:59:59 C5 pcscd: winscard.c:304:SCardConnect() Reader E-Gate 0 0
Not Found
Jan 3 16:59:59 C5 last message repeated 4 times
Jan 3 17:00:01 C5 crond[25738]: (root) CMD (/var/www/sarg/sarg.cron >
/dev/null 2>&1)
Jan 3 17:00:01 C5 crond[25740]: (root) CMD
(/etc/webmin/webalizer/webalizer.pl /var/log/squid/access.log)
Jan 3 17:00:01 C5 crond[25742]: (root) CMD (/etc/webmin/status/monitor.pl)
Jan 3 17:00:01 C5 crond[25743]: (root) CMD
(/etc/webmin/fetchmail/check.pl --mail rchapman\(a)aardvark\.com\.au --errors)
Jan 3 17:00:01 C5 su: pam_unix(su:session): session opened for user
richard by (uid=0)
Jan 3 17:00:04 C5 su: pam_unix(su:session): session opened for user
postgres by (uid=0)
Jan 3 17:00:04 C5 su: pam_unix(su:session): session closed for user postgres
Jan 3 17:00:13 C5 su: pam_unix(su:session): session closed for user richard
Jan 3 17:01:01 C5 crond[25911]: (root) CMD (run-parts /etc/cron.hourly)
Jan 3 17:01:15 C5 userhelper[25928]: running
'/usr/share/system-config-securitylevel/system-config-securitylevel.py'
with system_u:system_r:unconfined_t context
Jan 3 17:01:15 C5 userhelper[25928]: running
'/usr/share/system-config-securitylevel/system-config-securitylevel.py'
with root privileges on behalf of 'root'
Jan 3 17:02:18 C5 setroubleshoot: [dbus.ERROR] could not start dbus: Did
not receive a reply. Possible causes include: the remote application did
not send a reply, the message bus security policy blocked the reply, the
reply timeout expired, or the network connection was broken.
Jan 3 17:03:06 C5 dovecot: imap-login: Login: user=<tim>, method=PLAIN,
rip=192.168.0.199, lip=192.168.0.201
Jan 3 17:03:37 C5 dovecot: IMAP(tim): Disconnected: Logged out
Jan 3 17:04:14 C5 setroubleshoot: [dbus.ERROR] could not start dbus: Did
not receive a reply. Possible causes include: the remote application did
not send a reply, the message bus security policy blocked the reply, the
reply timeout expired, or the network connection was broken.
I have also tried the comand line sealert application - which runs fine
- but shows no problems:
[root@C5 <mailto:root@C5> ~]# sealert -a /var/log/audit/audit.log
100% donefound 0 alerts in /var/log/audit/audit.log
[root@C5 <mailto:root@C5> ~]#
It looks to me as if there is some problem (possibly a policy issue)
with my dbus connection. and this is preventing the selinux
troubleshooter operating in enforcing mode - and also probably causing
some other problems in enforcing mode - though no "type-avc" problems
show up int eh audit logs.
Can anyone explain to me what "type=user_avc" messages are - and why
they are not reported by teh gui SELinux troubleshooter or sealert? How
should I debug the remainig issues in theis system?
All adice appreciated.
Richard.
15 years, 4 months
setroubleshoot - kills itself
by Genes MailLists
I was monitoring a remote server (permissive mode) via sealert -b
when setroubleshootd exited with this in /var/log/messages:
Did selinux deny setroubleshootd ?
gene
----------------------------------------------------
Jan 3 13:48:03 web1 setroubleshoot: [program.ERROR] setroubleshoot
generated
AVC, exiting to avoid recursion,
context=system_u:system_r:setroubleshootd_t:s0, AVC
scontext=system_u:system_r:setroubleshootd_t:s0
Jan 3 13:48:03 web1 setroubleshoot: [program.ERROR] audit
event#012node=web1.prv.sapience.com
type=AVC msg=audit(1231008483.779:1387): avc: denied { signull }
for pid=265 9 comm="setroubleshootd"
scontext=system_u:system_r:setroubleshootd_t:s0
tcontext=unconf ined_u:unconfined_r:unconfined_t:s0
tclass=process#012#012node=web1.prv.sapience.com type=SYSCALL
msg=audit(1231008483.779:1387): arch=40000003 syscall=37
success=yes exit=0 a0=2079 a1=0 a2=ad454c a3=2079 items=0
ppid=1 pid=2659 auid=4294967295 uid=0 gid=0 euid=0
suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="setroubleshootd"
exe=2F7573722F62696E2F707974686F6E2E237072656C696E6B23202864656C6574656429
subj=system_u: system_r:setroubleshootd_t:s0 key=(null)
15 years, 4 months
Re: squid reverse proxy - AVC
by Genes MailLists
On 01/05/2009 10:27 AM, Daniel J Walsh wrote:
>
> Are you seeing this avc on every boot? Or just once. THis could have
> happened if you were in the /var/named/chroot/etc directory hen you
> restarted the squid application.
Brilliant catch - i just cd /etc/squid and restarted it ... and no
avc. I have not as yet rebooted to see what happens on a full reboot -
but it certainly appears that i was in /var/named/chroot/etc when I
started squid.
I will report back when the machine gets a reboot to confirm all is well.
Thank you for you insight and help.
gene/
15 years, 4 months
GCL
by Jerry James
I have been told that the Fedora builders run with SELinux disabled.
In that case, is it necessary continue with bz #472780? Can I just
include the policy I attached to that bug in the GCL source RPM and
stop worrying about build-time permissions? Do I need somebody's
permission (no pun intended) to do that?
Thanks,
--
Jerry James
http://loganjerry.googlepages.com/
15 years, 4 months
squid reverse proxy - AVC
by Genes MailLists
I use squid on the border firewall to act as a reverse proxy for
non-https web server.
This is fedora 10 fully updated with selinux set to permissive until
its clean, I see this logged - any suggestions how to deal with it ?
Thanks for any help
gene
Summary:
SELinux is preventing squid (squid_t) "search" to ./etc (named_conf_t).
...
Source Context unconfined_u:system_r:squid_t:s0
Target Context system_u:object_r:named_conf_t:s0
Target Objects ./etc [ dir ]
Source squid
Source Path /usr/sbin/squid
Port <Unknown>
...
Raw Audit Messages
type=AVC msg=audit(1230675079.826:69): avc: denied { search }
for pid=4026 comm="squid" name="etc" dev=sda1 ino=207365
scontext=unconfined_u:system_r:squid_t:s0
tcontext=system_u:object_r:named_conf_t:s0 tclass=dir
type=SYSCALL msg=audit(1230675079.826:69): arch=40000003
syscall=11 success=no exit=-2 a0=bfcda538 a1=bfcd94fc a2=bfcda7e8
a3=1 items=0 ppid=4025 pid=4026 auid=500 uid=23 gid=23 euid=0 suid=0
fsuid=0 egid=23 sgid=23 fsgid=23 tty=(none) ses=2
comm="squid" exe="/usr/sbin/squid" subj=unconfined_u:system_r:squid_t:s0
key=(null)
15 years, 4 months
SELinux XWindows Problem
by Mohammad zoroufi
Dear All,
I like to make SELinux operating in Enforcing mode (Fedora 9); but the main
problem I have encountered is that the XWindows is not supported by SELinux.
So I should work in text mode.
Would anyone help me on this so that I overcome to this problem?
**
Sincerely
15 years, 4 months