[Bug 561383] SELinux is preventing /usr/bin/perl "search" access on /var/named/master.

bugzilla at redhat.com bugzilla at redhat.com
Mon Feb 8 17:51:02 UTC 2010 

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=561383

--- Comment #10 from John Griffiths <fedora03 at grifent.com> 2010-02-08 12:50:57 EST ---
Got this additional AVC.


Summary:

SELinux is preventing /usr/bin/uptime "lock" access on /var/run/utmp.

Detailed Description:

[uptime has a permissive type (amavis_t). This access was not denied.]

SELinux denied access requested by uptime. It is not expected that this access
is required by uptime and this access may signal an intrusion attempt. It is
also possible that the specific version or configuration of the application is
causing it to require additional access.

Allowing Access:

You can generate a local policy module to allow this access - see FAQ
(http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385) Please file a bug
report.

Additional Information:

Source Context                unconfined_u:system_r:amavis_t:SystemLow
Target Context                system_u:object_r:initrc_var_run_t:SystemLow
Target Objects                /var/run/utmp [ file ]
Source                        uptime
Source Path                   /usr/bin/uptime
Port                          <Unknown>
Host                          elijah.suretrak21.net
Source RPM Packages           procps-3.2.8-3.fc12
Target RPM Packages           initscripts-9.02.1-1
Policy RPM                    selinux-policy-3.6.32-78.fc12
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Plugin Name                   catchall
Host Name                     elijah.suretrak21.net
Platform                      Linux elijah.suretrak21.net
                              2.6.31.12-174.2.3.fc12.i686.PAE #1 SMP Mon Jan 18
                              20:06:44 UTC 2010 i686 i686
Alert Count                   1
First Seen                    Mon 08 Feb 2010 12:46:38 PM EST
Last Seen                     Mon 08 Feb 2010 12:46:38 PM EST
Local ID                      88d6cf24-88b4-44d1-bf50-b580b0d5f87b
Line Numbers                  

Raw Audit Messages            

node=elijah.suretrak21.net type=AVC msg=audit(1265651198.531:104053): avc: 
denied  { lock } for  pid=13786 comm="uptime" path="/var/run/utmp" dev=dm-1
ino=5242995 scontext=unconfined_u:system_r:amavis_t:s0
tcontext=system_u:object_r:initrc_var_run_t:s0 tclass=file

node=elijah.suretrak21.net type=SYSCALL msg=audit(1265651198.531:104053):
arch=40000003 syscall=221 success=yes exit=0 a0=4 a1=7 a2=bfa03aa0 a3=0 items=0
ppid=13785 pid=13786 auid=500 uid=487 gid=468 euid=487 suid=487 fsuid=487
egid=468 sgid=468 fsgid=468 tty=pts0 ses=14830 comm="uptime"
exe="/usr/bin/uptime" subj=unconfined_u:system_r:amavis_t:s0 key=(null)

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

More information about the perl-devel mailing list