SELinux is preventing perl (logwatch_t) "execute" to ./ifconfig (ifconfig_exec_t).

Frank Murphy frankly3d at gmail.com
Sun Nov 9 10:26:18 UTC 2008


restorecon\Full\fixfiles: relabel not removed avc.
---------------------------

Summary:

SELinux is preventing perl (logwatch_t) "execute" to ./ifconfig
(ifconfig_exec_t).

Detailed Description:

SELinux denied access requested by perl. It is not expected that this
access is
required by perl and this access may signal an intrusion attempt. It is also
possible that the specific version or configuration of the application is
causing it to require additional access.

Allowing Access:

Sometimes labeling problems can cause SELinux denials. You could try to
restore
the default system file context for ./ifconfig,

restorecon -v './ifconfig'

If this does not work, there is currently no automatic way to allow this
access.
Instead, you can generate a local policy module to allow this access -
see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can
disable
SELinux protection altogether. Disabling SELinux protection is not
recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.

Additional Information:

Source Context                system_u:system_r:logwatch_t:s0
Target Context                system_u:object_r:ifconfig_exec_t:s0
Target Objects                ./ifconfig [ file ]
Source                        perl
Source Path                   /usr/bin/perl
Port                          <Unknown>
Host                          frank-01
Source RPM Packages           perl-5.10.0-49.fc10
Target RPM Packages
Policy RPM                    selinux-policy-3.5.13-11.fc10
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   catchall_file
Host Name                     frank-01
Platform                      Linux frank-01 2.6.27.4-79.fc10.i686 #1
SMP Tue
                              Nov 4 21:56:37 EST 2008 i686 i686
Alert Count                   1
First Seen                    Sun 09 Nov 2008 10:10:33 GMT
Last Seen                     Sun 09 Nov 2008 10:10:33 GMT
Local ID                      e3112123-9c28-4417-ba5e-71236aa7b429
Line Numbers

Raw Audit Messages

node=frank-01 type=AVC msg=audit(1226225433.356:75): avc:  denied  {
execute } for  pid=24728 comm="perl" name="ifconfig" dev=dm-0 ino=4322
scontext=system_u:system_r:logwatch_t:s0
tcontext=system_u:object_r:ifconfig_exec_t:s0 tclass=file

node=frank-01 type=SYSCALL msg=audit(1226225433.356:75): arch=40000003
syscall=11 success=no exit=-13 a0=9ed4ebc a1=9f7d2a4 a2=bfce9130
a3=bfce8ac8 items=0 ppid=24727 pid=24728 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="perl" exe="/usr/bin/perl" subj=system_u:system_r:logwatch_t:s0
key=(null)


-- 
gpg id EB547226 Revoked Forgot Password :(
aMSN: Frankly3D
http://www.frankly3d.com




More information about the selinux mailing list