radiusd and selinux
by selinux@lucullo.it
Hi...
I don't understand this log very well:
Mar 1 16:07:29 francesca kernel: audit(1172761649.659:16):
avc: denied { read } for pid=2843 comm="radiusd"
name="unexpected.tdb" dev=hda3 ino=9886366
scontext=system_u:system_r:radiusd_t:s0
tcontext=system_u:object_r:samba_var_t:s0 tclass=file
Mar 1 16:07:29 francesca kernel: audit(1172761649.703:17):
avc: denied { create } for pid=2843 comm="radiusd"
scontext=system_u:system_r:radiusd_t:s0
tcontext=system_u:system_r:radiusd_t:s0
tclass=netlink_route_socket
Thank you in advance for the help.
vittorio
17 years, 1 month
AVCs with rawhide policy....
by Tom London
Running latest rawhide, targeted/enforcing.
Get these on boot in /var/log/messages:
Feb 28 18:03:58 localhost kernel: audit(1172714587.604:4): avc:
denied { getattr } for pid=436 comm="mount" name="/" dev=selinuxfs
ino=540 scontext=system_u:system_r:mount_t:s0
tcontext=system_u:object_r:security_t:s0 tclass=filesystem
and
Feb 28 18:03:58 localhost kernel: loop: loaded (max 8 devices)
Feb 28 18:03:58 localhost kernel: audit(1172714600.629:6): avc:
denied { getattr } for pid=1719 comm="fsck" name="/" dev=selinuxfs
ino=540 scontext=system_u:system_r:fsadm_t:s0
tcontext=system_u:object_r:security_t:s0 tclass=filesystem
Feb 28 18:03:58 localhost kernel: audit(1172714600.923:7): avc:
denied { getattr } for pid=1724 comm="mount" name="/" dev=selinuxfs
ino=540 scontext=system_u:system_r:mount_t:s0
tcontext=system_u:object_r:security_t:s0 tclass=filesystem
Feb 28 18:03:58 localhost kernel: EXT3 FS on dm-0, internal journal
Feb 28 18:03:58 localhost kernel: audit(1172714601.074:8): avc:
denied { getattr } for pid=1728 comm="mount" name="/" dev=selinuxfs
ino=540 scontext=system_u:system_r:mount_t:s0
tcontext=system_u:object_r:security_t:s0 tclass=filesystem
Feb 28 18:03:58 localhost kernel: audit(1172714601.078:9): avc:
denied { getattr } for pid=1729 comm="mount" name="/" dev=selinuxfs
ino=540 scontext=system_u:system_r:mount_t:s0
tcontext=system_u:object_r:security_t:s0 tclass=filesystem
Feb 28 18:03:58 localhost kernel: audit(1172714601.082:10): avc:
denied { getattr } for pid=1730 comm="mount" name="/" dev=selinuxfs
ino=540 scontext=system_u:system_r:mount_t:s0
tcontext=system_u:object_r:security_t:s0 tclass=filesystem
Feb 28 18:03:58 localhost kernel: audit(1172714601.086:11): avc:
denied { getattr } for pid=1731 comm="mount" name="/" dev=selinuxfs
ino=540 scontext=system_u:system_r:mount_t:s0
tcontext=system_u:object_r:security_t:s0 tclass=filesystem
Feb 28 18:03:58 localhost kernel: audit(1172714601.089:12): avc:
denied { getattr } for pid=1732 comm="mount" name="/" dev=selinuxfs
ino=540 scontext=system_u:system_r:mount_t:s0
tcontext=system_u:object_r:security_t:s0 tclass=filesystem
and
Feb 28 18:03:58 localhost kernel: audit(1172714602.004:14): avc:
denied { getattr } for pid=1787 comm="swapon" name="/" dev=selinuxfs
ino=540 scontext=system_u:system_r:fsadm_t:s0
tcontext=system_u:object_r:security_t:s0 tclass=filesystem
and
Feb 28 18:03:58 localhost kernel: audit(1172714603.821:16): avc:
denied { getattr } for pid=1904 comm="iptables-restor" name="/"
dev=selinuxfs ino=540 scontext=system_u:system_r:iptables_t:s0
tcontext=system_u:object_r:security_t:s0 tclass=filesystem
and
Feb 28 18:03:58 localhost kernel: audit(1172714605.500:17): avc:
denied { getattr } for pid=2092 comm="ifconfig" name="/"
dev=selinuxfs ino=540 scontext=system_u:system_r:ifconfig_t:s0
tcontext=system_u:object_r:security_t:s0 tclass=filesystem
I attach audit.log.
tom
--
Tom London
17 years, 1 month
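The AVC records in both posts above share one format: a source domain (scontext) was denied a permission on a target (tcontext) of a given object class (tclass). The following is an added example, not part of either post, that parses such records and collapses repeats into unique (source type, target type, class, permission) tuples. The function names are hypothetical and the sample is constructed by rejoining records from the posts onto single lines.

```python
import re
from collections import Counter

# Constructed sample: records from the posts above, rejoined onto one line
# each (the mail archive wrapped them across several lines).
SAMPLE = """\
Mar 1 16:07:29 francesca kernel: audit(1172761649.659:16): avc: denied { read } for pid=2843 comm="radiusd" name="unexpected.tdb" dev=hda3 ino=9886366 scontext=system_u:system_r:radiusd_t:s0 tcontext=system_u:object_r:samba_var_t:s0 tclass=file
Mar 1 16:07:29 francesca kernel: audit(1172761649.703:17): avc: denied { create } for pid=2843 comm="radiusd" scontext=system_u:system_r:radiusd_t:s0 tcontext=system_u:system_r:radiusd_t:s0 tclass=netlink_route_socket
Feb 28 18:03:58 localhost kernel: audit(1172714587.604:4): avc: denied { getattr } for pid=436 comm="mount" name="/" dev=selinuxfs ino=540 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:security_t:s0 tclass=filesystem
Feb 28 18:03:58 localhost kernel: audit(1172714600.629:6): avc: denied { getattr } for pid=1719 comm="fsck" name="/" dev=selinuxfs ino=540 scontext=system_u:system_r:fsadm_t:s0 tcontext=system_u:object_r:security_t:s0 tclass=filesystem
Feb 28 18:03:58 localhost kernel: audit(1172714600.923:7): avc: denied { getattr } for pid=1724 comm="mount" name="/" dev=selinuxfs ino=540 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:security_t:s0 tclass=filesystem
"""

AVC_RE = re.compile(r"avc:\s+denied\s+\{\s*(?P<perms>[^}]*?)\s*\}\s+for\s+(?P<fields>.*)")
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def type_of(context):
    # A context is user:role:type[:level]; type enforcement keys on the type.
    parts = context.split(":")
    return parts[2] if len(parts) >= 3 else context

def parse_avc(line):
    """Return the fields of one AVC denial, or None for any other line."""
    m = AVC_RE.search(line)
    if not m:
        return None
    f = {k: v.strip('"') for k, v in KV_RE.findall(m.group("fields"))}
    if not {"scontext", "tcontext", "tclass"} <= set(f):
        return None  # truncated record: not enough to describe the denial
    return {"perms": m.group("perms").split(), "comm": f.get("comm"),
            "name": f.get("name"), "tclass": f["tclass"],
            "source": type_of(f["scontext"]), "target": type_of(f["tcontext"])}

def summarize(text):
    """Count denials per (source type, target type, class, permission)."""
    counts = Counter()
    for line in text.splitlines():
        rec = parse_avc(line)
        if rec:
            for perm in rec["perms"]:
                counts[(rec["source"], rec["target"], rec["tclass"], perm)] += 1
    return counts

if __name__ == "__main__":
    for (src, tgt, cls, perm), n in sorted(summarize(SAMPLE).items()):
        print(f"{n}x {src} -> {tgt} : {cls} {{ {perm} }}")
```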