[Bug 561383] SELinux is preventing /usr/bin/perl "search" access on /var/named/master.
bugzilla at redhat.com
bugzilla at redhat.com
Mon Feb 8 17:51:02 UTC 2010
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
https://bugzilla.redhat.com/show_bug.cgi?id=561383
--- Comment #10 from John Griffiths <fedora03 at grifent.com> 2010-02-08 12:50:57 EST ---
Got this additional AVC.
Summary:
SELinux is preventing /usr/bin/uptime "lock" access on /var/run/utmp.
Detailed Description:
[uptime has a permissive type (amavis_t). This access was not denied.]
SELinux denied access requested by uptime. It is not expected that this access
is required by uptime and this access may signal an intrusion attempt. It is
also possible that the specific version or configuration of the application is
causing it to require additional access.
Allowing Access:
You can generate a local policy module to allow this access - see FAQ
(http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385) Please file a bug
report.
Additional Information:
Source Context unconfined_u:system_r:amavis_t:SystemLow
Target Context system_u:object_r:initrc_var_run_t:SystemLow
Target Objects /var/run/utmp [ file ]
Source uptime
Source Path /usr/bin/uptime
Port <Unknown>
Host elijah.suretrak21.net
Source RPM Packages procps-3.2.8-3.fc12
Target RPM Packages initscripts-9.02.1-1
Policy RPM selinux-policy-3.6.32-78.fc12
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Plugin Name catchall
Host Name elijah.suretrak21.net
Platform Linux elijah.suretrak21.net
2.6.31.12-174.2.3.fc12.i686.PAE #1 SMP Mon Jan 18
20:06:44 UTC 2010 i686 i686
Alert Count 1
First Seen Mon 08 Feb 2010 12:46:38 PM EST
Last Seen Mon 08 Feb 2010 12:46:38 PM EST
Local ID 88d6cf24-88b4-44d1-bf50-b580b0d5f87b
Line Numbers
Raw Audit Messages
node=elijah.suretrak21.net type=AVC msg=audit(1265651198.531:104053): avc:
denied { lock } for pid=13786 comm="uptime" path="/var/run/utmp" dev=dm-1
ino=5242995 scontext=unconfined_u:system_r:amavis_t:s0
tcontext=system_u:object_r:initrc_var_run_t:s0 tclass=file
node=elijah.suretrak21.net type=SYSCALL msg=audit(1265651198.531:104053):
arch=40000003 syscall=221 success=yes exit=0 a0=4 a1=7 a2=bfa03aa0 a3=0 items=0
ppid=13785 pid=13786 auid=500 uid=487 gid=468 euid=487 suid=487 fsuid=487
egid=468 sgid=468 fsgid=468 tty=pts0 ses=14830 comm="uptime"
exe="/usr/bin/uptime" subj=unconfined_u:system_r:amavis_t:s0 key=(null)
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
More information about the perl-devel
mailing list