apache serving nfs-hosted files on FC5
by Ben
Is there a simple boolean that lets me do this? My avc errors look like:
Apr 9 11:21:50 charlotte kernel: audit(1144606910.006:153): avc:
denied { search } for pid=17677 comm="httpd" name="/" dev=0:12
ino=292243 scontext=root:system_r:httpd_t:s0
tcontext=system_u:object_r:nfs_t:s0 tclass=dir
Apr 9 11:21:50 charlotte kernel: audit(1144606910.006:154): avc:
denied { getattr } for pid=17677 comm="httpd" name="/" dev=0:12
ino=292243 scontext=root:system_r:httpd_t:s0
tcontext=system_u:object_r:nfs_t:s0 tclass=dir
On a related note, is there a way to see what the various booleans
are supposed to be good for?
16 years, 11 months
SELinux blocking something related to camera
by Tor Arne Thune
Hi.
I am having some trouble accessing my Canon EOS 10D camera through
digikam as non-root. SELinux seems to be blocking something. When I turn
the camera on I get these messages in /var/log/messages:
Apr 9 10:34:43 ranger kernel: usb 2-1: new full speed USB device using
uhci_hcd and address 2
Apr 9 10:34:44 ranger kernel: usb 2-1: configuration #1 chosen from 1
choice
Apr 9 10:34:44 ranger kernel: audit(1144571684.462:10): avc: denied {
search } for pid=21743 comm="cat" name="console" dev=dm-0 ino=1474652
scontext=system_u:system_r:hald_t:s0
tcontext=system_u:object_r:pam_var_console_t:s0 tclass=dir
Apr 9 10:37:03 ranger kernel: usb 2-1: USB disconnect, address 2
What should I disable in the SELinux policy to make this work? Any
thoughts are greatly appreciated.
16 years, 11 months
policy 2.2.29-6 complains about system_chkpwd_t
by Valdis.Kletnieks@vt.edu
Using 'strict' policy (yes, I know development is probably elsewhere at
the moment), installing selinux-policy-2.2.29-6, I get:
# rpm -Fvh selin*
Preparing... ########################################### [100%]
1:selinux-policy ########################################### [ 50%]
2:selinux-policy-strict ########################################### [100%]
libsepol.scope_copy_callback: authlogin: Duplicate declaration in module: type/attribute system_chkpwd_t
libsemanage.semanage_link_sandbox: Link packages failed
semodule: Failed!
Using a can opener on the .src.rpm and poking around, I find 3 hits in
./serefpolicy-2.2.29/policy/modules/system/authlogin.if - but all 3 seem
to be wrapped in a gen_require().
Any hints/suggestions? Hopefully enough info so somebody says "D'oh! fixed in
tomorrow's Rawhide", but I'm certainly willing to help debug this one.
16 years, 11 months
Re: [FC5] Samba and SELinux
by Stephen Smalley
On Mon, 2006-04-10 at 10:01 -0700, Dan Thurman wrote:
> I su as root initially and in my /root directory
> and created the "foo" there. You did not state
> where to create "foo" so if I did this in the
> wrong place, please let me know.
Re-added the list to the cc line above.
It doesn't matter where you create it - it is just a temporary working
directory.
> I downloaded the
> checkmodule and installed it earlier so it appears
> that this time everything works, except that in the
> tmp file created, I did not get the same files as
> you may have. Here is the log of actions:
>
> [dant@copper ~]$ su -
> Password:
> [root@copper ~]# mkdir foo
> [root@copper ~]# cd foo
> [root@copper foo]# vi local.te
> [root@copper foo]# touch local.if local.fc
> [root@copper foo]# make -f /usr/share/selinux/devel/Makefile
> Compliling targeted local module
> /usr/bin/checkmodule: loading policy configuration from tmp/local.tmp
> /usr/bin/checkmodule: policy configuration loaded
> /usr/bin/checkmodule: writing binary representation (version 5) to
> tmp/local.mod
> Creating targeted local.pp policy package
> rm tmp/local.mod.fc tmp/local.mod
> [root@copper foo]# ls
> local.fc local.if local.pp local.te tmp
> [root@copper foo]# ls tmp
> all_interfaces.conf local.mod.role local.tmp
> [root@copper foo]#
Looks correct to me, and matches what was in my original message. So
now you finish the sequence of instructions I provided originally, i.e.
# semodule -i local.pp
Then retry accessing /var/www content from samba, and if it still
doesn't work, check your /var/log/messages file for avc: denied
messages.
--
Stephen Smalley
National Security Agency
16 years, 11 months
[FC5] rsyncd invocation from rc.local
by mroselinux@eastgranby.k12.ct.us
I am migrating a samba server from FC3 to FC5. I did a fresh install and
have run into an SELINUX policy issue. I have no problem logging on as
root and typing in rsync --daemon, but when I insert the same line at the
end of /etc/rc.d/rc.local and reboot, then /var/log/messages shows the
following (with other stuff edited out).
----------------------------------------------------------------------
Apr 7 20:18:50 localhost kernel: hub 2-0:1.0: USB hub found
Apr 7 20:18:50 localhost rsyncd[2062]: rsync: failed to open log-file
/var/log/rsyncd.log: Permission denied (13)
Apr 7 20:18:50 localhost rsyncd[2062]: Ignoring "log file" setting.
Apr 7 20:18:50 localhost rsyncd[2062]: rsyncd version 2.6.6 starting,
listening on port 873
Apr 7 20:18:50 localhost rsyncd[2062]: unable to bind any inbound sockets
on port 873
Apr 7 20:18:50 localhost rsyncd[2062]: rsync error: error in socket IO
(code 10) at socket.c(448)
Apr 7 20:18:53 localhost kernel: SELinux: initialized (dev autofs, type
autofs), uses genfs_contexts
Apr 7 20:18:53 localhost kernel: ppdev: user-space parallel port driver
Apr 7 20:18:53 localhost kernel: audit(1144455530.173:2): avc: denied {
use } for pid=2061 comm="rsync" name="0" dev=devpts ino=2
scontext=system_u:system_r:rsync_t:s0 tcontext=system_u:system_r:init_t:s0
tclass=fd
Apr 7 20:18:53 localhost kernel: audit(1144455530.173:3): avc: denied {
use } for pid=2061 comm="rsync" name="0" dev=devpts ino=2
scontext=system_u:system_r:rsync_t:s0 tcontext=system_u:system_r:init_t:s0
tclass=fd
Apr 7 20:18:53 localhost kernel: audit(1144455530.173:4): avc: denied {
use } for pid=2061 comm="rsync" name="0" dev=devpts ino=2
scontext=system_u:system_r:rsync_t:s0 tcontext=system_u:system_r:init_t:s0
tclass=fd
Apr 7 20:18:53 localhost kernel: audit(1144455530.593:5): avc: denied {
search } for pid=2062 comm="rsync" name="log" dev=dm-0 ino=3309596
scontext=system_u:system_r:rsync_t:s0
tcontext=system_u:object_r:var_log_t:s0 tclass=dir
Apr 7 20:18:53 localhost kernel: audit(1144455530.645:6): avc: denied {
name_bind } for pid=2062 comm="rsync" src=873
scontext=system_u:system_r:rsync_t:s0
tcontext=system_u:object_r:rsync_port_t:s0 tclass=tcp_socket
Apr 7 20:18:53 localhost kernel: audit(1144455530.645:7): avc: denied {
name_bind } for pid=2062 comm="rsync" src=873
scontext=system_u:system_r:rsync_t:s0
tcontext=system_u:object_r:rsync_port_t:s0 tclass=tcp_socket
Apr 7 20:18:53 localhost kernel: [drm] Initialized drm 1.0.1 20051102
Apr 7 20:18:53 localhost kernel: ACPI: PCI Interrupt 0000:00:02.0[A] ->
GSI 16 (level, low) -> IRQ 19
Apr 7 20:18:53 localhost kernel: [drm] Initialized i915 1.4.0 20060119 on
minor 0
Apr 7 20:21:39 localhost gconfd (root-2295): starting (version 2.14.0),
pid 2295 user 'root'
Apr 7 20:21:39 localhost gconfd (root-2295): Resolved address
"xml:readonly:/etc/gconf/gconf.xml.mandatory" to a read-only configuration
source at position 0
Apr 7 20:21:39 localhost gconfd (root-2295): Resolved address
"xml:readwrite:/root/.gconf" to a writable configuration source at
position 1
Apr 7 20:21:39 localhost gconfd (root-2295): Resolved address
"xml:readonly:/etc/gconf/gconf.xml.defaults" to a read-only configuration
source at position 2
Apr 7 20:21:40 localhost gconfd (root-2295): Resolved address
"xml:readwrite:/root/.gconf" to a writable configuration source at
position 0
Apr 7 20:21:41 localhost kernel: audit(1144455701.420:8): avc: denied {
use } for pid=2330 comm="bluez-pin" name="[7435]" dev=pipefs ino=7435
scontext=root:system_r:bluetooth_helper_t:s0-s0:c0.c255
tcontext=system_u:system_r:xdm_t:s0-s0:c0.c255 tclass=fd
Apr 7 20:21:41 localhost kernel: audit(1144455701.420:9): avc: denied {
use } for pid=2330 comm="bluez-pin" name="[7435]" dev=pipefs ino=7435
scontext=root:system_r:bluetooth_helper_t:s0-s0:c0.c255
tcontext=system_u:system_r:xdm_t:s0-s0:c0.c255 tclass=fd
------------------------------------------------------------------------------
What do I need to do to allow rsync --daemon from within /etc/rc.d/rc.local?
Mark Orenstein
East Granby (CT) School System
16 years, 11 months
[FC5] New Partition help
by mroselinux@eastgranby.k12.ct.us
As I indicated in a previous message, I am migrating a samba server from
FC3 to FC5 and have run into another SELINUX policy issue. I have a
second hard drive with a single ext3 partition that I primarily use for
backups. It is labeled /backup. I did a mkdir /backup and entered the
appropriate line into fstab. When I reboot, I get the following
-----------------------------------------------------------------------
Apr 7 21:08:11 localhost kernel: audit(1144458480.400:2): avc: denied {
getattr } for pid=2036 comm="hald" name="/" dev=hdb1 ino=2
scontext=system_u:system_r:hald_t:s0 tcontext=system_u:object_r:file_t:s0
tclass=dir
Apr 7 21:08:11 localhost kernel: audit(1144458480.444:3): avc: denied {
getattr } for pid=2036 comm="hald" name="/" dev=hdb1 ino=2
scontext=system_u:system_r:hald_t:s0 tcontext=system_u:object_r:file_t:s0
tclass=dir
Apr 7 21:08:11 localhost kernel: audit(1144458480.516:4): avc: denied {
getattr } for pid=2036 comm="hald" name="/" dev=hdb1 ino=2
scontext=system_u:system_r:hald_t:s0 tcontext=system_u:object_r:file_t:s0
tclass=dir
--------------------------------------------------------------------------
What do I need to do to support the /backup partition with SELINUX?
Mark Orenstein
East Granby (CT) School System
16 years, 12 months
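A parser for the `avc: denied` records quoted in the rsync and /backup posts above, written as an added example; it is not code from the thread or from any SELinux tool. It collapses repeated denials into candidate allow rules for review and lists devices whose objects are typed file_t, which the example assumes means the filesystem was never labeled. Function names are hypothetical and the sample log is excerpted from those two posts.

```python
import re

# Sample input: records excerpted from the two posts above, kept wrapped
# across lines the way the mail client wrapped them.
SAMPLE_LOG = """\
Apr 7 20:18:50 localhost rsyncd[2062]: rsync: failed to open log-file
/var/log/rsyncd.log: Permission denied (13)
Apr 7 20:18:53 localhost kernel: audit(1144455530.173:2): avc: denied {
use } for pid=2061 comm="rsync" name="0" dev=devpts ino=2
scontext=system_u:system_r:rsync_t:s0 tcontext=system_u:system_r:init_t:s0
tclass=fd
Apr 7 20:18:53 localhost kernel: audit(1144455530.173:3): avc: denied {
use } for pid=2061 comm="rsync" name="0" dev=devpts ino=2
scontext=system_u:system_r:rsync_t:s0 tcontext=system_u:system_r:init_t:s0
tclass=fd
Apr 7 20:18:53 localhost kernel: audit(1144455530.593:5): avc: denied {
search } for pid=2062 comm="rsync" name="log" dev=dm-0 ino=3309596
scontext=system_u:system_r:rsync_t:s0
tcontext=system_u:object_r:var_log_t:s0 tclass=dir
Apr 7 20:18:53 localhost kernel: audit(1144455530.645:6): avc: denied {
name_bind } for pid=2062 comm="rsync" src=873
scontext=system_u:system_r:rsync_t:s0
tcontext=system_u:object_r:rsync_port_t:s0 tclass=tcp_socket
Apr 7 21:08:11 localhost kernel: audit(1144458480.400:2): avc: denied {
getattr } for pid=2036 comm="hald" name="/" dev=hdb1 ino=2
scontext=system_u:system_r:hald_t:s0 tcontext=system_u:object_r:file_t:s0
tclass=dir
"""

# One denial runs from "avc: denied { perms }" to its tclass= field.
# re.S lets the match span the line wraps seen in mailed logs.
AVC_RE = re.compile(
    r'avc:\s+denied\s+\{\s*(?P<perms>[^}]*?)\s*\}\s+for\s+'
    r'(?P<body>.*?)tclass=(?P<tclass>\w+)', re.S)
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')


def _type_of(context):
    """Return the type field of a user:role:type[:level] context."""
    parts = context.split(":")
    return parts[2] if len(parts) >= 3 else None


def parse_denials(text):
    """Extract every AVC denial in text as a dict; non-AVC lines are skipped."""
    denials = []
    for m in AVC_RE.finditer(text):
        fields = {k: v.strip('"') for k, v in FIELD_RE.findall(m.group("body"))}
        stype = _type_of(fields.get("scontext", ""))
        ttype = _type_of(fields.get("tcontext", ""))
        if stype is None or ttype is None:
            continue  # incomplete record, nothing reliable to report
        denials.append({
            "perms": m.group("perms").split(),
            "stype": stype,
            "ttype": ttype,
            "tclass": m.group("tclass"),
            "comm": fields.get("comm"),
            "dev": fields.get("dev"),
        })
    return denials


def summarize(denials):
    """Group denials by (source type, target type, class), merging perms."""
    summary = {}
    for d in denials:
        key = (d["stype"], d["ttype"], d["tclass"])
        entry = summary.setdefault(key, {"perms": set(), "count": 0})
        entry["perms"].update(d["perms"])
        entry["count"] += 1
    return summary


def to_allow_rules(summary):
    """Render each group as a candidate allow rule, for review only."""
    rules = []
    for (stype, ttype, tclass), entry in summary.items():
        perms = sorted(entry["perms"])
        perm_text = perms[0] if len(perms) == 1 else "{ " + " ".join(perms) + " }"
        rules.append("allow %s %s:%s %s;" % (stype, ttype, tclass, perm_text))
    return rules


def unlabeled_devices(denials):
    """Devices whose objects are typed file_t (assumed here: never labeled).

    These point at a labeling problem on the device rather than at a
    missing allow rule, so they are reported separately.
    """
    return sorted({d["dev"] for d in denials if d["ttype"] == "file_t" and d["dev"]})


if __name__ == "__main__":
    found = parse_denials(SAMPLE_LOG)
    for rule in to_allow_rules(summarize(found)):
        print(rule)
    print("check labels on:", ", ".join(unlabeled_devices(found)))
```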
Xen AVC's FC5
by Bob Kashani
Xen doesn't seem to work with selinux enabled in FC5. :( Is the
recommended solution to turn selinux off when using xen in FC5?
selinux-policy-2.2.29-3.fc5
selinux-policy-targeted-2.2.29-3.fc5
kernel-xen0-2.6.16-1.2080_FC5
[root@chaucer ~]# audit2allow -l -i /var/log/audit/audit.log
allow cupsd_t var_run_t:dir setattr;
allow ifconfig_t xend_t:unix_stream_socket { read write };
allow smbd_t user_home_dir_t:file getattr;
allow xenconsoled_t console_device_t:chr_file { read write };
allow xend_t netutils_exec_t:file getattr;
allow xenstored_t console_device_t:chr_file { read write };
allow xenstored_t xen_device_t:chr_file { getattr read unlink write };
These are the AVC's that I get when I boot into the xen kernel:
type=AVC msg=audit(1144449050.119:5): avc: denied { setattr } for
pid=1887 comm="cupsd" name="cups" dev=hda2 ino=230397
scontext=system_u:system_r:cupsd_t:s0-s0:c0.c255
tcontext=user_u:object_r:var_run_t:s0 tclass=dir
type=SYSCALL msg=audit(1144449050.119:5): arch=40000003 syscall=212
success=no exit=-13 a0=8abfcb0 a1=0 a2=7 a3=0 items=1 pid=1887
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
comm="cupsd" exe="/usr/sbin/cupsd"
type=CWD msg=audit(1144449050.119:5): cwd="/"
type=PATH msg=audit(1144449050.119:5): item=0 name="/var/run/cups"
flags=1 inode=230397 dev=03:02 mode=040755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449056.516:6): avc: denied { read write } for
pid=2063 comm="xenstored" name="console" dev=tmpfs ino=841
scontext=system_u:system_r:xenstored_t:s0
tcontext=system_u:object_r:console_device_t:s0 tclass=chr_file
type=SYSCALL msg=audit(1144449056.516:6): arch=40000003 syscall=11
success=yes exit=0 a0=9d76c48 a1=9d76f60 a2=9d76e38 a3=9d769f0 items=2
pid=2063 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="xenstored" exe="/usr/sbin/xenstored"
type=AVC_PATH msg=audit(1144449056.516:6): path="/dev/console"
type=CWD msg=audit(1144449056.516:6): cwd="/"
type=PATH msg=audit(1144449056.516:6): item=0 name="/usr/sbin/xenstored"
flags=101 inode=2481479 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449056.516:6): item=1 flags=101 inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449056.572:7): avc: denied { getattr } for
pid=2065 comm="xenstored" name="evtchn" dev=tmpfs ino=3308
scontext=system_u:system_r:xenstored_t:s0
tcontext=system_u:object_r:xen_device_t:s0 tclass=chr_file
type=SYSCALL msg=audit(1144449056.572:7): arch=40000003 syscall=196
success=no exit=-13 a0=805716a a1=bf88064c a2=b45ff4 a3=bf88064c items=1
pid=2065 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="xenstored" exe="/usr/sbin/xenstored"
type=AVC_PATH msg=audit(1144449056.572:7): path="/dev/xen/evtchn"
type=CWD msg=audit(1144449056.572:7): cwd="/"
type=PATH msg=audit(1144449056.572:7): item=0 name="/dev/xen/evtchn"
flags=0 inode=3308 dev=00:0f mode=020600 ouid=0 ogid=0 rdev=0a:c9
type=AVC msg=audit(1144449056.572:8): avc: denied { unlink } for
pid=2065 comm="xenstored" name="evtchn" dev=tmpfs ino=3308
scontext=system_u:system_r:xenstored_t:s0
tcontext=system_u:object_r:xen_device_t:s0 tclass=chr_file
type=SYSCALL msg=audit(1144449056.572:8): arch=40000003 syscall=10
success=no exit=-13 a0=805716a a1=d a2=a a3=0 items=1 pid=2065
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
comm="xenstored" exe="/usr/sbin/xenstored"
type=CWD msg=audit(1144449056.572:8): cwd="/"
type=PATH msg=audit(1144449056.572:8): item=0 name="/dev/xen/evtchn"
flags=10 inode=3307 dev=00:0f mode=040755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449056.572:9): avc: denied { read write } for
pid=2065 comm="xenstored" name="evtchn" dev=tmpfs ino=3308
scontext=system_u:system_r:xenstored_t:s0
tcontext=system_u:object_r:xen_device_t:s0 tclass=chr_file
type=SYSCALL msg=audit(1144449056.572:9): arch=40000003 syscall=5
success=no exit=-13 a0=805716a a1=802 a2=bf8806e0 a3=0 items=1 pid=2065
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
comm="xenstored" exe="/usr/sbin/xenstored"
type=CWD msg=audit(1144449056.572:9): cwd="/"
type=PATH msg=audit(1144449056.572:9): item=0 name="/dev/xen/evtchn"
flags=101 inode=3308 dev=00:0f mode=020600 ouid=0 ogid=0 rdev=0a:c9
type=AVC msg=audit(1144449056.580:10): avc: denied { read write } for
pid=2066 comm="xenconsoled" name="console" dev=tmpfs ino=841
scontext=system_u:system_r:xenconsoled_t:s0
tcontext=system_u:object_r:console_device_t:s0 tclass=chr_filetype=AVC
msg=audit(1144449056.580:10): avc: denied { read write } for pid=2066
comm="xenconsoled" name="console" dev=tmpfs ino=841
scontext=system_u:system_r:xenconsoled_t:s0
tcontext=system_u:object_r:console_device_t:s0 tclass=chr_filetype=AVC
msg=audit(1144449056.580:10): avc: denied { read write } for pid=2066
comm="xenconsoled" name="console" dev=tmpfs ino=841
scontext=system_u:system_r:xenconsoled_t:s0
tcontext=system_u:object_r:console_device_t:s0
tclass=chr_filetype=SYSCALL msg=audit(1144449056.580:10): arch=40000003
syscall=11 success=yes exit=0 a0=99a0068 a1=99f4120 a2=bfefdfb4
a3=9991f98 items=2 pid=2066 auid=4294967295 uid=0 gid=0 euid=0 suid=0
fsuid=0 egid=0 sgid=0 fsgid=0 comm="xenconsoled"
exe="/usr/sbin/xenconsoled"
type=AVC_PATH msg=audit(1144449056.580:10): path="/dev/console"
type=AVC_PATH msg=audit(1144449056.580:10): path="/dev/console"
type=AVC_PATH msg=audit(1144449056.580:10): path="/dev/console"
type=CWD msg=audit(1144449056.580:10): cwd="/"
type=PATH msg=audit(1144449056.580:10): item=0
name="/usr/sbin/xenconsoled" flags=101 inode=2481318 dev=03:02
mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449056.580:10): item=1 flags=101 inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449056.928:11): avc: denied { read write } for
pid=2083 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449056.928:11): arch=40000003 syscall=11
success=yes exit=0 a0=8a53890 a1=8a55ca0 a2=8a55b90 a3=8a545b8 items=2
pid=2083 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449056.928:11): path="socket:[7118]"
type=CWD msg=audit(1144449056.928:11): cwd="/"
type=PATH msg=audit(1144449056.928:11): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449056.928:11): item=1 flags=101 inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449056.952:12): avc: denied { read write } for
pid=2085 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449056.952:12): arch=40000003 syscall=11
success=yes exit=0 a0=8a60ee8 a1=8a610c0 a2=8a55b90 a3=8a60de0 items=2
pid=2085 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449056.952:12): path="socket:[7118]"
type=CWD msg=audit(1144449056.952:12): cwd="/"
type=PATH msg=audit(1144449056.952:12): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449056.952:12): item=1 flags=101 inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.248:13): avc: denied { read write } for
pid=2099 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.248:13): arch=40000003 syscall=11
success=yes exit=0 a0=8a61040 a1=8a61c78 a2=8a55b90 a3=8a60680 items=2
pid=2099 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.248:13): path="socket:[7118]"
type=CWD msg=audit(1144449057.248:13): cwd="/"
type=PATH msg=audit(1144449057.248:13): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.248:13): item=1 flags=101 inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.260:14): avc: denied { read write } for
pid=2100 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.260:14): arch=40000003 syscall=11
success=yes exit=0 a0=8a61788 a1=8a60b88 a2=8a55b90 a3=8a61108 items=2
pid=2100 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.260:14): path="socket:[7118]"
type=CWD msg=audit(1144449057.260:14): cwd="/"
type=PATH msg=audit(1144449057.260:14): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.260:14): item=1 flags=101 inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.268:15): avc: denied { read write } for
pid=2102 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.268:15): arch=40000003 syscall=11
success=yes exit=0 a0=8a60a58 a1=8a61580 a2=8a55b90 a3=8a60ee8 items=2
pid=2102 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.268:15): path="socket:[7118]"
type=CWD msg=audit(1144449057.268:15): cwd="/"
type=PATH msg=audit(1144449057.268:15): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.268:15): item=1 flags=101 inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.340:16): avc: denied { read write } for
pid=2111 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.340:16): arch=40000003 syscall=11
success=yes exit=0 a0=8a60a58 a1=8a50510 a2=8a55b90 a3=8a62178 items=2
pid=2111 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.340:16): path="socket:[7118]"
type=CWD msg=audit(1144449057.340:16): cwd="/"
type=PATH msg=audit(1144449057.340:16): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.340:16): item=1 flags=101 inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.348:17): avc: denied { read write } for
pid=2113 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.348:17): arch=40000003 syscall=11
success=yes exit=0 a0=8a60a58 a1=8a50510 a2=8a55b90 a3=8a62018 items=2
pid=2113 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.348:17): path="socket:[7118]"
type=CWD msg=audit(1144449057.348:17): cwd="/"
type=PATH msg=audit(1144449057.348:17): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.348:17): item=1 flags=101 inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.368:18): avc: denied { read write } for
pid=2118 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.368:18): arch=40000003 syscall=11
success=yes exit=0 a0=91b5b68 a1=91b6040 a2=91b5f28 a3=91b5890 items=2
pid=2118 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.368:18): path="socket:[7118]"
type=CWD msg=audit(1144449057.368:18): cwd="/"
type=PATH msg=audit(1144449057.368:18): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.368:18): item=1 flags=101 inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.380:19): avc: denied { read write } for
pid=2119 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.380:19): arch=40000003 syscall=11
success=yes exit=0 a0=8a60a58 a1=8a50400 a2=8a55b90 a3=8a61fb0 items=2
pid=2119 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.380:19): path="socket:[7118]"
type=CWD msg=audit(1144449057.380:19): cwd="/"
type=PATH msg=audit(1144449057.380:19): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.380:19): item=1 flags=101 inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.592:20): avc: denied { read write } for
pid=2162 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.592:20): arch=40000003 syscall=11
success=yes exit=0 a0=8927090 a1=89255a0 a2=89026c8 a3=8921b30 items=2
pid=2162 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.592:20): path="socket:[7118]"
type=CWD msg=audit(1144449057.592:20):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449057.592:20): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.592:20): item=1 flags=101 inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.632:21): avc: denied { read write } for
pid=2169 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.632:21): arch=40000003 syscall=11
success=yes exit=0 a0=8925ab0 a1=88ff1a0 a2=8901910 a3=89013e8 items=2
pid=2169 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.632:21): path="socket:[7118]"
type=CWD msg=audit(1144449057.632:21):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449057.632:21): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.632:21): item=1 flags=101 inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.640:22): avc: denied { read write } for
pid=2170 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.640:22): arch=40000003 syscall=11
success=yes exit=0 a0=8927110 a1=88ff1a0 a2=8901910 a3=8900bb0 items=2
pid=2170 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.640:22): path="socket:[7118]"
type=CWD msg=audit(1144449057.640:22):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449057.640:22): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.640:22): item=1 flags=101 inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.660:23): avc: denied { read write } for
pid=2173 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.660:23): arch=40000003 syscall=11
success=yes exit=0 a0=8925558 a1=8925588 a2=8902810 a3=8925720 items=2
pid=2173 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.660:23): path="socket:[7118]"
type=CWD msg=audit(1144449057.660:23):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449057.660:23): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.660:23): item=1 flags=101 inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.720:24): avc: denied { read write } for
pid=2187 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.720:24): arch=40000003 syscall=11
success=yes exit=0 a0=99f1560 a1=99f1440 a2=99de528 a3=99e20e8 items=2
pid=2187 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.720:24): path="socket:[7118]"
type=CWD msg=audit(1144449057.720:24):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449057.720:24): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.720:24): item=1 flags=101 inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.732:25): avc: denied { read write } for
pid=2189 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.732:25): arch=40000003 syscall=11
success=yes exit=0 a0=99de678 a1=99f1440 a2=99e1100 a3=99f2b60 items=2
pid=2189 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.732:25): path="socket:[7118]"
type=CWD msg=audit(1144449057.732:25):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449057.732:25): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.732:25): item=1 flags=101 inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.740:26): avc: denied { read write } for
pid=2192 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.740:26): arch=40000003 syscall=11
success=yes exit=0 a0=99e14b8 a1=99e16f0 a2=99e1a80 a3=99e1a70 items=2
pid=2192 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.740:26): path="socket:[7118]"
type=CWD msg=audit(1144449057.740:26):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449057.740:26): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.740:26): item=1 flags=101 inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.760:27): avc: denied { read write } for
pid=2196 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.760:27): arch=40000003 syscall=11
success=yes exit=0 a0=8a60a58 a1=8a608a0 a2=8a55b90 a3=8a612e8 items=2
pid=2196 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.760:27): path="socket:[7118]"
type=CWD msg=audit(1144449057.760:27): cwd="/"
type=PATH msg=audit(1144449057.760:27): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.760:27): item=1 flags=101 inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.772:28): avc: denied { read write } for
pid=2197 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.772:28): arch=40000003 syscall=11
success=yes exit=0 a0=8a61fa0 a1=8a608a0 a2=8a55b90 a3=8a612b8 items=2
pid=2197 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.772:28): path="socket:[7118]"
type=CWD msg=audit(1144449057.772:28): cwd="/"
type=PATH msg=audit(1144449057.772:28): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.772:28): item=1 flags=101 inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.772:29): avc: denied { read write } for
pid=2198 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.772:29): arch=40000003 syscall=11
success=yes exit=0 a0=8a61f68 a1=8a50318 a2=8a55b90 a3=8a61288 items=2
pid=2198 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.772:29): path="socket:[7118]"
type=CWD msg=audit(1144449057.772:29): cwd="/"
type=PATH msg=audit(1144449057.772:29): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.772:29): item=1 flags=101 inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.772:30): avc: denied { read write } for
pid=2199 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.772:30): arch=40000003 syscall=11
success=yes exit=0 a0=8a621d0 a1=8a608a0 a2=8a55b90 a3=8a61228 items=2
pid=2199 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.772:30): path="socket:[7118]"
type=CWD msg=audit(1144449057.772:30): cwd="/"
type=PATH msg=audit(1144449057.772:30): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.772:30): item=1 flags=101 inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.780:31): avc: denied { read write } for
pid=2200 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.780:31): arch=40000003 syscall=11
success=yes exit=0 a0=8a62178 a1=8a61368 a2=8a55b90 a3=8a61600 items=2
pid=2200 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.780:31): path="socket:[7118]"
type=CWD msg=audit(1144449057.780:31): cwd="/"
type=PATH msg=audit(1144449057.780:31): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.780:31): item=1 flags=101 inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.792:32): avc: denied { read write } for
pid=2201 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.792:32): arch=40000003 syscall=11
success=yes exit=0 a0=8a621f0 a1=8a50318 a2=8a55b90 a3=8a61198 items=2
pid=2201 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.792:32): path="socket:[7118]"
type=CWD msg=audit(1144449057.792:32): cwd="/"
type=PATH msg=audit(1144449057.792:32): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.792:32): item=1 flags=101 inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.812:33): avc: denied { read write } for
pid=2205 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.812:33): arch=40000003 syscall=11
success=yes exit=0 a0=8a60f18 a1=8a61b60 a2=8a55b90 a3=8a61138 items=2
pid=2205 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.812:33): path="socket:[7118]"
type=CWD msg=audit(1144449057.812:33): cwd="/"
type=PATH msg=audit(1144449057.812:33): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.812:33): item=1 flags=101 inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.812:34): avc: denied { read write } for
pid=2206 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.812:34): arch=40000003 syscall=11
success=yes exit=0 a0=8a61798 a1=8a61b60 a2=8a55b90 a3=8a61788 items=2
pid=2206 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.812:34): path="socket:[7118]"
type=CWD msg=audit(1144449057.812:34): cwd="/"
type=PATH msg=audit(1144449057.812:34): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.812:34): item=1 flags=101 inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.820:35): avc: denied { read write } for
pid=2207 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.820:35): arch=40000003 syscall=11
success=yes exit=0 a0=8a611f8 a1=8a61b60 a2=8a55b90 a3=8a61040 items=2
pid=2207 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449057.820:35): path="socket:[7118]"
type=CWD msg=audit(1144449057.820:35): cwd="/"
type=PATH msg=audit(1144449057.820:35): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.820:35): item=1 flags=101 inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449057.864:36): avc: denied { read write } for
pid=2209 comm="ifconfig" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449057.864:36): arch=40000003 syscall=11
success=yes exit=0 a0=8a61fe8 a1=8a61558 a2=8a55b90 a3=8a62398 items=2
pid=2209 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ifconfig" exe="/sbin/ifconfig"
type=AVC_PATH msg=audit(1144449057.864:36): path="socket:[7118]"
type=CWD msg=audit(1144449057.864:36): cwd="/"
type=PATH msg=audit(1144449057.864:36): item=0 name="/sbin/ifconfig"
flags=101 inode=102062 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449057.864:36): item=1 flags=101 inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449058.020:37): avc: denied { read write } for
pid=2241 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449058.020:37): arch=40000003 syscall=11
success=yes exit=0 a0=98b0180 a1=988cf58 a2=988b760 a3=98b0080 items=2
pid=2241 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449058.020:37): path="socket:[7118]"
type=CWD msg=audit(1144449058.020:37):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449058.020:37): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449058.020:37): item=1 flags=101 inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449058.040:38): avc: denied { read write } for
pid=2247 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449058.040:38): arch=40000003 syscall=11
success=yes exit=0 a0=98ae860 a1=988cf58 a2=988b810 a3=98ae598 items=2
pid=2247 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449058.040:38): path="socket:[7118]"
type=CWD msg=audit(1144449058.040:38):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449058.040:38): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449058.040:38): item=1 flags=101 inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449058.052:39): avc: denied { read write } for
pid=2249 comm="iwconfig" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449058.052:39): arch=40000003 syscall=11
success=yes exit=0 a0=98a95d8 a1=98aca10 a2=988b760 a3=98ab010 items=2
pid=2249 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="iwconfig" exe="/sbin/iwconfig"
type=AVC_PATH msg=audit(1144449058.052:39): path="socket:[7118]"
type=CWD msg=audit(1144449058.052:39):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449058.052:39): item=0 name="/sbin/iwconfig"
flags=101 inode=102068 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449058.052:39): item=1 flags=101 inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449058.072:40): avc: denied { read write } for
pid=2251 comm="ethtool" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449058.072:40): arch=40000003 syscall=11
success=yes exit=0 a0=988a6a0 a1=988e7c8 a2=988a9a8 a3=98ae9c8 items=2
pid=2251 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ethtool" exe="/sbin/ethtool"
type=AVC_PATH msg=audit(1144449058.072:40): path="socket:[7118]"
type=CWD msg=audit(1144449058.072:40):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449058.072:40): item=0 name="/sbin/ethtool"
flags=101 inode=102186 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449058.072:40): item=1 flags=101 inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449058.080:41): avc: denied { read write } for
pid=2254 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449058.080:41): arch=40000003 syscall=11
success=yes exit=0 a0=98b4628 a1=98871a0 a2=988a9a8 a3=98b3a10 items=2
pid=2254 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449058.080:41): path="socket:[7118]"
type=CWD msg=audit(1144449058.080:41):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449058.080:41): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449058.080:41): item=1 flags=101 inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449058.092:42): avc: denied { read write } for
pid=2255 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449058.092:42): arch=40000003 syscall=11
success=yes exit=0 a0=98b3a10 a1=98b4190 a2=9887310 a3=98b3ab0 items=2
pid=2255 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449058.092:42): path="socket:[7118]"
type=CWD msg=audit(1144449058.092:42):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449058.092:42): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449058.092:42): item=1 flags=101 inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449058.100:43): avc: denied { getattr } for
pid=2214 comm="ifup-eth" name="arping" dev=hda2 ino=99965
scontext=system_u:system_r:xend_t:s0
tcontext=system_u:object_r:netutils_exec_t:s0 tclass=file
type=SYSCALL msg=audit(1144449058.100:43): arch=40000003 syscall=195
success=no exit=-13 a0=988a498 a1=bf874d10 a2=5fdff4 a3=988a498 items=1
pid=2214 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ifup-eth" exe="/bin/bash"
type=AVC_PATH msg=audit(1144449058.100:43): path="/sbin/arping"
type=CWD msg=audit(1144449058.100:43):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449058.100:43): item=0 name="/sbin/arping"
flags=1 inode=99965 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449058.100:44): avc: denied { getattr } for
pid=2214 comm="ifup-eth" name="arping" dev=hda2 ino=99965
scontext=system_u:system_r:xend_t:s0
tcontext=system_u:object_r:netutils_exec_t:s0 tclass=file
type=SYSCALL msg=audit(1144449058.100:44): arch=40000003 syscall=195
success=no exit=-13 a0=988a498 a1=bf874d10 a2=5fdff4 a3=988a498 items=1
pid=2214 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ifup-eth" exe="/bin/bash"
type=AVC_PATH msg=audit(1144449058.100:44): path="/sbin/arping"
type=CWD msg=audit(1144449058.100:44):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449058.100:44): item=0 name="/usr/sbin/arping"
flags=1 inode=99965 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449058.120:45): avc: denied { read write } for
pid=2262 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449058.120:45): arch=40000003 syscall=11
success=yes exit=0 a0=98b4070 a1=98871a0 a2=988a9a8 a3=98b4060 items=2
pid=2262 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449058.120:45): path="socket:[7118]"
type=CWD msg=audit(1144449058.120:45):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449058.120:45): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449058.120:45): item=1 flags=101 inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449058.120:46): avc: denied { read write } for
pid=2263 comm="ethtool" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449058.120:46): arch=40000003 syscall=11
success=yes exit=0 a0=9889960 a1=98b27d0 a2=988a9a8 a3=98b3398 items=2
pid=2263 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ethtool" exe="/sbin/ethtool"
type=AVC_PATH msg=audit(1144449058.120:46): path="socket:[7118]"
type=CWD msg=audit(1144449058.120:46):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449058.120:46): item=0 name="/sbin/ethtool"
flags=101 inode=102186 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449058.120:46): item=1 flags=101 inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449058.132:47): avc: denied { read write } for
pid=2265 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449058.132:47): arch=40000003 syscall=11
success=yes exit=0 a0=98b36a8 a1=98871a0 a2=988a9a8 a3=98b3658 items=2
pid=2265 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ip" exe="/sbin/ip"
type=AVC_PATH msg=audit(1144449058.132:47): path="socket:[7118]"
type=CWD msg=audit(1144449058.132:47):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449058.132:47): item=0 name="/sbin/ip" flags=101
inode=102202 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449058.132:47): item=1 flags=101 inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449058.200:48): avc: denied { read write } for
pid=2279 comm="ifconfig" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=SYSCALL msg=audit(1144449058.200:48): arch=40000003 syscall=11
success=yes exit=0 a0=9c020b8 a1=9c01618 a2=9beea80 a3=9c014f8 items=2
pid=2279 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ifconfig" exe="/sbin/ifconfig"
type=AVC_PATH msg=audit(1144449058.200:48): path="socket:[7118]"
type=CWD msg=audit(1144449058.200:48):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449058.200:48): item=0 name="/sbin/ifconfig"
flags=101 inode=102062 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=PATH msg=audit(1144449058.200:48): item=1 flags=101 inode=1298196
dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449060.120:49): avc: denied { getattr } for
pid=2258 comm="ifup-eth" name="arping" dev=hda2 ino=99965
scontext=system_u:system_r:xend_t:s0
tcontext=system_u:object_r:netutils_exec_t:s0 tclass=file
type=SYSCALL msg=audit(1144449060.120:49): arch=40000003 syscall=195
success=no exit=-13 a0=988a498 a1=bf874a90 a2=5fdff4 a3=988a498 items=1
pid=2258 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ifup-eth" exe="/bin/bash"
type=AVC_PATH msg=audit(1144449060.120:49): path="/sbin/arping"
type=CWD msg=audit(1144449060.120:49):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449060.120:49): item=0 name="/sbin/arping"
flags=1 inode=99965 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
type=AVC msg=audit(1144449060.120:50): avc: denied { getattr } for
pid=2258 comm="ifup-eth" name="arping" dev=hda2 ino=99965
scontext=system_u:system_r:xend_t:s0
tcontext=system_u:object_r:netutils_exec_t:s0 tclass=file
type=SYSCALL msg=audit(1144449060.120:50): arch=40000003 syscall=195
success=no exit=-13 a0=988a498 a1=bf874a90 a2=5fdff4 a3=988a498 items=1
pid=2258 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 comm="ifup-eth" exe="/bin/bash"
type=AVC_PATH msg=audit(1144449060.120:50): path="/sbin/arping"
type=CWD msg=audit(1144449060.120:50):
cwd="/etc/sysconfig/network-scripts"
type=PATH msg=audit(1144449060.120:50): item=0 name="/usr/sbin/arping"
flags=1 inode=99965 dev=03:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
Bob
--
Bob Kashani
http://www.gnome.org/~bobk/
16 years, 12 months
proftpd logs
by Paul Howarth
proftpd likes to handle its own logging, and needs the following before
it will work:
module proftpd 0.2;
require {
    class dir { getattr search };
    type ftpd_t;
    type xferlog_t;
};
allow ftpd_t xferlog_t:dir { getattr search };
This is for the following proftpd log setup:
ExtendedLog /var/log/proftpd/access.log WRITE,READ default
ExtendedLog /var/log/proftpd/auth.log AUTH auth
This is the default in the Extras package if you uncomment the anonymous
ftp server bits from the included configuration file:
http://cvs.fedora.redhat.com/viewcvs/devel/proftpd/proftpd.conf?root=extr...
Paul.
16 years, 12 months
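An added example, not part of either post above and not audit2allow's code: a small Python parser that reads AVC records in the wrapped form of the audit log posted earlier, collapses repeated denials, and prints the resulting allow rules as a policy module in the same form as the proftpd module. The module name xenddemo and all function names are assumptions made for this example.

```python
import re
from collections import defaultdict

# Sample input: records excerpted from the audit log posted above, kept in the
# archive's wrapped layout; the SYSCALL record is shortened to one line.
SAMPLE_LOG = """\
type=AVC msg=audit(1144449058.100:43): avc: denied { getattr } for
pid=2214 comm="ifup-eth" name="arping" dev=hda2 ino=99965
scontext=system_u:system_r:xend_t:s0
tcontext=system_u:object_r:netutils_exec_t:s0 tclass=file
type=SYSCALL msg=audit(1144449058.100:43): arch=40000003 syscall=195
type=AVC msg=audit(1144449058.120:45): avc: denied { read write } for
pid=2262 comm="ip" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
type=AVC msg=audit(1144449058.120:46): avc: denied { read write } for
pid=2263 comm="ethtool" name="[7118]" dev=sockfs ino=7118
scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:system_r:xend_t:s0 tclass=unix_stream_socket
"""

FIELD_RE = re.compile(r'\b(scontext|tcontext|tclass)=(\S+)')
DENIED_RE = re.compile(r'\s*denied\s*\{([^}]*)\}')

def parse_denials(text):
    """Return one (source_type, target_type, tclass, perms) tuple per denial."""
    flat = " ".join(text.split())          # undo mail-client line wrapping
    denials = []
    for chunk in flat.split("avc:")[1:]:   # each chunk starts at one AVC message
        denied = DENIED_RE.match(chunk)
        fields = {}
        for key, value in FIELD_RE.findall(chunk):
            fields.setdefault(key, value)  # first hit belongs to this record
        src, tgt = (fields.get(k, "").split(":") for k in ("scontext", "tcontext"))
        if not denied or "tclass" not in fields or min(len(src), len(tgt)) < 3:
            continue                       # granted, truncated or malformed record
        perms = tuple(denied.group(1).split())
        denials.append((src[2], tgt[2], fields["tclass"], perms))
    return denials

def merge_rules(denials):
    """Collapse repeated denials into {(source, target, class): {perms}}."""
    rules = defaultdict(set)
    for src, tgt, tclass, perms in denials:
        rules[(src, tgt, tclass)].update(perms)
    return dict(rules)

def render_module(name, version, rules):
    """Emit a module in the same form as the proftpd module in the post."""
    classes, types = defaultdict(set), set()
    for (src, tgt, tclass), perms in rules.items():
        classes[tclass] |= perms
        types |= {src, tgt}
    braces = lambda perms: "{ " + " ".join(sorted(perms)) + " }"
    lines = [f"module {name} {version};", "require {"]
    lines += [f"    class {c} {braces(p)};" for c, p in sorted(classes.items())]
    lines += [f"    type {t};" for t in sorted(types)]
    lines.append("};")
    lines += [f"allow {s} {t}:{c} {braces(p)};"
              for (s, t, c), p in sorted(rules.items())]
    return "\n".join(lines) + "\n"

if __name__ == "__main__":
    # "xenddemo" is a hypothetical module name chosen for this example.
    print(render_module("xenddemo", "1.0", merge_rules(parse_denials(SAMPLE_LOG))))
```

Each generated allow rule grants the denied access to every process in the source domain, so the output is a list to review rather than something to load unread.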
[FC5] Samba and SELinux
by Dan Thurman
Folks,
What is the procedure for creating Samba shares and
getting around the SELinux issues?
Samba by default no longer works with shares such
as [homes] and any other added shares without administrator
intervention to add SELinux labels on share directories.
Please direct me to the FAQ for Samba & SELinux or
please tell me what I have to do to get samba shares
working.
In my case - I am getting permission denied in the audit
logs and in the message logs for nmbd, I am getting
directories do not exist errors (when they actually
do!).
Kind regards,
Dan
16 years, 12 months
Selinux & httpd in FC5
by Jouni Viikari
Hi,
I just noticed that I was able to run CGI scripts on Apache whose type was
bin_t instead of httpd_sys_script_exec_t. Is this expected nowadays? I
am using FC5 with the latest updates
(selinux-policy-targeted-2.2.25-3.fc5).
Also, this bin_t script was able to read files which were, by accident, of
type httpd_sys_script_exec_t.
My booleans:
# getsebool -a | grep httpd
allow_httpd_anon_write --> off
allow_httpd_sys_script_anon_write --> off
httpd_builtin_scripting --> on
httpd_can_network_connect --> on
httpd_can_network_connect_db --> off
httpd_can_network_relay --> off
httpd_disable_trans --> off
httpd_enable_cgi --> on
httpd_enable_ftp_server --> off
httpd_enable_homedirs --> on
httpd_ssi_exec --> on
httpd_suexec_disable_trans --> off
httpd_tty_comm --> off
httpd_unified --> off
BTW, is there a way, or are there tools, to find out what e.g. an httpd_exec_t
program is allowed to do (and what the booleans really affect) under the
currently active policy?
Best regards,
Jouni
16 years, 12 months