F10 and synce selinux troubles.
Albert Bartoszko
al_bin at vp.pl
Mon Mar 23 20:57:05 UTC 2009
Hi all!
It's my first post.
I last try to connect Palm to computer with F10 using synce-hal.
I got several selinux alerts.
All files has default context, pppd works fine with command line.
SELinux is preventing pppd (hald_t) "read" ./options (pppd_etc_rw_t).
Additional Information:
Source Context system_u:system_r:hald_t
Target Context system_u:object_r:pppd_etc_rw_t
Target Objects ./options [ file ]
Source pppd
Source Path /usr/sbin/pppd
Port <Unknown>
Host localhost.localdomain
Source RPM Packages ppp-2.4.4-8.fc10
Target RPM Packages
Policy RPM selinux-policy-3.5.13-48.fc10
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Permissive
Plugin Name catchall_file
Host Name localhost.localdomain
Platform Linux localhost.localdomain
2.6.27.19-170.2.35.fc10.i686 #1 SMP Mon
Feb 23
13:21:22 EST 2009 i686 i686
Alert Count 2
First Seen Fri Mar 20 19:13:17 2009
Last Seen Fri Mar 20 20:17:07 2009
Local ID 746a1a3e-6177-42e3-9a45-44beb2856c56
Line Numbers
Raw Audit Messages
node=localhost.localdomain type=AVC msg=audit(1237576627.818:385): avc:
denied { read } for pid=11770 comm="pppd" name="options" dev=dm-0
ino=360195 scontext=system_u:system_r:hald_t:s0
tcontext=system_u:object_r:pppd_etc_rw_t:s0 tclass=file
node=localhost.localdomain type=SYSCALL msg=audit(1237576627.818:385):
arch=40000003 syscall=5 success=yes exit=4 a0=a10303 a1=0 a2=1b6 a3=0
items=0 ppid=11756 pid=11770 auid=4294967295 uid=0 gid=0 euid=0 suid=0
fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="pppd"
exe="/usr/sbin/pppd" subj=system_u:system_r:hald_t:s0 key=(null)
SELinux is preventing pppd (hald_t) "getattr" /etc/ppp/options
(pppd_etc_rw_t).
Additional Information:
Source Context system_u:system_r:hald_t
Target Context system_u:object_r:pppd_etc_rw_t
Target Objects /etc/ppp/options [ file ]
Source pppd
Source Path /usr/sbin/pppd
Port <Unknown>
Host localhost.localdomain
Source RPM Packages ppp-2.4.4-8.fc10
Target RPM Packages ppp-2.4.4-8.fc10
Policy RPM selinux-policy-3.5.13-48.fc10
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Permissive
Plugin Name catchall_file
Host Name localhost.localdomain
Platform Linux localhost.localdomain
2.6.27.19-170.2.35.fc10.i686 #1 SMP Mon
Feb 23
13:21:22 EST 2009 i686 i686
Alert Count 2
First Seen Fri Mar 20 19:13:17 2009
Last Seen Fri Mar 20 20:17:07 2009
Local ID c291b3a2-1c71-4baf-a2c5-f854f049f31a
Line Numbers
Raw Audit Messages
node=localhost.localdomain type=AVC msg=audit(1237576627.818:386): avc:
denied { getattr } for pid=11770 comm="pppd" path="/etc/ppp/options"
dev=dm-0 ino=360195 scontext=system_u:system_r:hald_t:s0
tcontext=system_u:object_r:pppd_etc_rw_t:s0 tclass=file
node=localhost.localdomain type=SYSCALL msg=audit(1237576627.818:386):
arch=40000003 syscall=197 success=yes exit=0 a0=4 a1=bfa6ee14 a2=40eff4
a3=e0e080 items=0 ppid=11756 pid=11770 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="pppd" exe="/usr/sbin/pppd" subj=system_u:system_r:hald_t:s0
key=(null)
SELinux is preventing pppd (hald_t) "read write" ./pppd2.tdb
(pppd_var_run_t).
Additional Information:
Source Context system_u:system_r:hald_t
Target Context system_u:object_r:pppd_var_run_t
Target Objects ./pppd2.tdb [ file ]
Source pppd
Source Path /usr/sbin/pppd
Port <Unknown>
Host localhost.localdomain
Source RPM Packages ppp-2.4.4-8.fc10
Target RPM Packages
Policy RPM selinux-policy-3.5.13-48.fc10
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Permissive
Plugin Name catchall_file
Host Name localhost.localdomain
Platform Linux localhost.localdomain
2.6.27.19-170.2.35.fc10.i686 #1 SMP Mon
Feb 23
13:21:22 EST 2009 i686 i686
Alert Count 2
First Seen Fri Mar 20 19:13:17 2009
Last Seen Fri Mar 20 20:17:07 2009
Local ID 1bef60ad-3bca-46eb-bb03-64983c6e80e0
Line Numbers
Raw Audit Messages
node=localhost.localdomain type=AVC msg=audit(1237576627.878:387): avc:
denied { read write } for pid=11770 comm="pppd" name="pppd2.tdb"
dev=dm-0 ino=5272278 scontext=system_u:system_r:hald_t:s0
tcontext=system_u:object_r:pppd_var_run_t:s0 tclass=file
node=localhost.localdomain type=SYSCALL msg=audit(1237576627.878:387):
arch=40000003 syscall=5 success=yes exit=7 a0=a10333 a1=42 a2=1a4 a3=0
items=0 ppid=11756 pid=11770 auid=4294967295 uid=0 gid=0 euid=0 suid=0
fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="pppd"
exe="/usr/sbin/pppd" subj=system_u:system_r:hald_t:s0 key=(null)
SELinux is preventing pppd (hald_t) "getattr" /var/run/pppd2.tdb
(pppd_var_run_t).
Additional Information:
Source Context system_u:system_r:hald_t
Target Context system_u:object_r:pppd_var_run_t
Target Objects /var/run/pppd2.tdb [ file ]
Source pppd
Source Path /usr/sbin/pppd
Port <Unknown>
Host localhost.localdomain
Source RPM Packages ppp-2.4.4-8.fc10
Target RPM Packages
Policy RPM selinux-policy-3.5.13-48.fc10
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Permissive
Plugin Name catchall_file
Host Name localhost.localdomain
Platform Linux localhost.localdomain
2.6.27.19-170.2.35.fc10.i686 #1 SMP Mon
Feb 23
13:21:22 EST 2009 i686 i686
Alert Count 2
First Seen Fri Mar 20 19:13:17 2009
Last Seen Fri Mar 20 20:17:07 2009
Local ID 07544813-1176-427b-ab4a-dded6daaf56e
Line Numbers
Raw Audit Messages
node=localhost.localdomain type=AVC msg=audit(1237576627.878:388): avc:
denied { getattr } for pid=11770 comm="pppd" path="/var/run/pppd2.tdb"
dev=dm-0 ino=5272278 scontext=system_u:system_r:hald_t:s0
tcontext=system_u:object_r:pppd_var_run_t:s0 tclass=file
node=localhost.localdomain type=SYSCALL msg=audit(1237576627.878:388):
arch=40000003 syscall=197 success=yes exit=0 a0=7 a1=bfa6f674 a2=40eff4
a3=e10f98 items=0 ppid=11756 pid=11770 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="pppd" exe="/usr/sbin/pppd" subj=system_u:system_r:hald_t:s0
key=(null)
SELinux is preventing pppd (hald_t) "create" ./LCK..ttyUSB0
(var_lock_t).
Additional Information:
Source Context system_u:system_r:hald_t
Target Context system_u:object_r:var_lock_t
Target Objects ./LCK..ttyUSB0 [ file ]
Source pppd
Source Path /usr/sbin/pppd
Port <Unknown>
Host localhost.localdomain
Source RPM Packages ppp-2.4.4-8.fc10
Target RPM Packages
Policy RPM selinux-policy-3.5.13-48.fc10
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Permissive
Plugin Name catchall_file
Host Name localhost.localdomain
Platform Linux localhost.localdomain
2.6.27.19-170.2.35.fc10.i686 #1 SMP Mon
Feb 23
13:21:22 EST 2009 i686 i686
Alert Count 2
First Seen Fri Mar 20 19:13:17 2009
Last Seen Fri Mar 20 20:17:07 2009
Local ID e59e15b8-a651-430a-9581-79bd1e36e4f7
Line Numbers
Raw Audit Messages
node=localhost.localdomain type=AVC msg=audit(1237576627.879:389): avc:
denied { create } for pid=11771 comm="pppd" name="LCK..ttyUSB0"
scontext=system_u:system_r:hald_t:s0
tcontext=system_u:object_r:var_lock_t:s0 tclass=file
node=localhost.localdomain type=AVC msg=audit(1237576627.879:389): avc:
denied { read write } for pid=11771 comm="pppd" name="LCK..ttyUSB0"
dev=dm-0 ino=5265361 scontext=system_u:system_r:hald_t:s0
tcontext=system_u:object_r:var_lock_t:s0 tclass=file
node=localhost.localdomain type=SYSCALL msg=audit(1237576627.879:389):
arch=40000003 syscall=5 success=yes exit=8 a0=a27520 a1=c2 a2=1a4
a3=bfa6e6ec items=0 ppid=1 pid=11771 auid=4294967295 uid=0 gid=0 euid=0
suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="pppd" exe="/usr/sbin/pppd" subj=system_u:system_r:hald_t:s0
key=(null)
SELinux is preventing hal-dccm (hald_dccm_t) "getattr" hald_dccm_t.
Additional Information:
Source Context system_u:system_r:hald_dccm_t
Target Context system_u:system_r:hald_dccm_t
Target Objects pipe [ fifo_file ]
Source hal-dccm
Source Path /usr/libexec/hal-dccm
Port <Unknown>
Host localhost.localdomain
Source RPM Packages synce-hal-0.1-1.fc10
Target RPM Packages
Policy RPM selinux-policy-3.5.13-48.fc10
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Permissive
Plugin Name catchall
Host Name localhost.localdomain
Platform Linux localhost.localdomain
2.6.27.19-170.2.35.fc10.i686 #1 SMP Mon
Feb 23
13:21:22 EST 2009 i686 i686
Alert Count 2
First Seen Fri Mar 20 19:13:17 2009
Last Seen Fri Mar 20 20:17:07 2009
Local ID 03e073b1-7c9a-41d6-9eea-c736309b5f8f
Line Numbers
Raw Audit Messages
node=localhost.localdomain type=AVC msg=audit(1237576627.903:390): avc:
denied { getattr } for pid=11756 comm="hal-dccm" path="pipe:[209228]"
dev=pipefs ino=209228 scontext=system_u:system_r:hald_dccm_t:s0
tcontext=system_u:system_r:hald_dccm_t:s0 tclass=fifo_file
node=localhost.localdomain type=SYSCALL msg=audit(1237576627.903:390):
arch=40000003 syscall=197 success=yes exit=0 a0=5 a1=bfcb2aac a2=6aeff4
a3=5 items=0 ppid=2129 pid=11756 auid=4294967295 uid=0 gid=0 euid=0
suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="hal-dccm" exe="/usr/libexec/hal-dccm"
subj=system_u:system_r:hald_dccm_t:s0 key=(null)
SELinux is preventing hal-dccm (hald_dccm_t) "create" hald_dccm_t.
Additional Information:
Source Context system_u:system_r:hald_dccm_t
Target Context system_u:system_r:hald_dccm_t
Target Objects None [ unix_dgram_socket ]
Source hal-dccm
Source Path /usr/libexec/hal-dccm
Port <Unknown>
Host localhost.localdomain
Source RPM Packages synce-hal-0.1-1.fc10
Target RPM Packages
Policy RPM selinux-policy-3.5.13-48.fc10
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Permissive
Plugin Name catchall
Host Name localhost.localdomain
Platform Linux localhost.localdomain
2.6.27.19-170.2.35.fc10.i686 #1 SMP Mon
Feb 23
13:21:22 EST 2009 i686 i686
Alert Count 2
First Seen Fri Mar 20 19:13:17 2009
Last Seen Fri Mar 20 20:17:07 2009
Local ID c1f75682-ab61-46ea-85f2-3e081eedfc01
Line Numbers
Raw Audit Messages
node=localhost.localdomain type=AVC msg=audit(1237576627.903:391): avc:
denied { create } for pid=11756 comm="hal-dccm"
scontext=system_u:system_r:hald_dccm_t:s0
tcontext=system_u:system_r:hald_dccm_t:s0 tclass=unix_dgram_socket
node=localhost.localdomain type=SYSCALL msg=audit(1237576627.903:391):
arch=40000003 syscall=102 success=yes exit=0 a0=1 a1=bfcb2540 a2=6aeff4
a3=6b23cc items=0 ppid=2129 pid=11756 auid=4294967295 uid=0 gid=0 euid=0
suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="hal-dccm" exe="/usr/libexec/hal-dccm"
subj=system_u:system_r:hald_dccm_t:s0 key=(null)
SELinux is preventing hal-dccm (hald_dccm_t) "connect" hald_dccm_t.
Additional Information:
Source Context system_u:system_r:hald_dccm_t
Target Context system_u:system_r:hald_dccm_t
Target Objects None [ unix_dgram_socket ]
Source hal-dccm
Source Path /usr/libexec/hal-dccm
Port <Unknown>
Host localhost.localdomain
Source RPM Packages synce-hal-0.1-1.fc10
Target RPM Packages
Policy RPM selinux-policy-3.5.13-48.fc10
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Permissive
Plugin Name catchall
Host Name localhost.localdomain
Platform Linux localhost.localdomain
2.6.27.19-170.2.35.fc10.i686 #1 SMP Mon
Feb 23
13:21:22 EST 2009 i686 i686
Alert Count 2
First Seen Fri Mar 20 19:13:17 2009
Last Seen Fri Mar 20 20:17:07 2009
Local ID b2c25766-1a6d-4453-a81b-9a895be0a06b
Line Numbers
Raw Audit Messages
node=localhost.localdomain type=AVC msg=audit(1237576627.903:392): avc:
denied { connect } for pid=11756 comm="hal-dccm"
scontext=system_u:system_r:hald_dccm_t:s0
tcontext=system_u:system_r:hald_dccm_t:s0 tclass=unix_dgram_socket
node=localhost.localdomain type=AVC msg=audit(1237576627.903:392): avc:
denied { write } for pid=11756 comm="hal-dccm" name="log" dev=tmpfs
ino=7412 scontext=system_u:system_r:hald_dccm_t:s0
tcontext=system_u:object_r:devlog_t:s0 tclass=sock_file
node=localhost.localdomain type=AVC msg=audit(1237576627.903:392): avc:
denied { sendto } for pid=11756 comm="hal-dccm" path="/dev/log"
scontext=system_u:system_r:hald_dccm_t:s0
tcontext=system_u:system_r:syslogd_t:s0 tclass=unix_dgram_socket
node=localhost.localdomain type=SYSCALL msg=audit(1237576627.903:392):
arch=40000003 syscall=102 success=yes exit=0 a0=3 a1=bfcb2540 a2=6aeff4
a3=0 items=0 ppid=2129 pid=11756 auid=4294967295 uid=0 gid=0 euid=0
suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="hal-dccm" exe="/usr/libexec/hal-dccm"
subj=system_u:system_r:hald_dccm_t:s0 key=(null)
SELinux is preventing hal-dccm (hald_dccm_t) "search" ./dbus
(system_dbusd_var_run_t).
Additional Information:
Source Context system_u:system_r:hald_dccm_t
Target Context system_u:object_r:system_dbusd_var_run_t
Target Objects ./dbus [ dir ]
Source hal-dccm
Source Path /usr/libexec/hal-dccm
Port <Unknown>
Host localhost.localdomain
Source RPM Packages synce-hal-0.1-1.fc10
Target RPM Packages
Policy RPM selinux-policy-3.5.13-48.fc10
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Permissive
Plugin Name catchall_file
Host Name localhost.localdomain
Platform Linux localhost.localdomain
2.6.27.19-170.2.35.fc10.i686 #1 SMP Mon
Feb 23
13:21:22 EST 2009 i686 i686
Alert Count 2
First Seen Fri Mar 20 19:13:17 2009
Last Seen Fri Mar 20 20:17:07 2009
Local ID 418b2252-1561-4209-ba8d-8ed9f4917c7b
Line Numbers
Raw Audit Messages
node=localhost.localdomain type=AVC msg=audit(1237576627.907:393): avc:
denied { search } for pid=11756 comm="hal-dccm" name="dbus" dev=dm-0
ino=5265901 scontext=system_u:system_r:hald_dccm_t:s0
tcontext=system_u:object_r:system_dbusd_var_run_t:s0 tclass=dir
node=localhost.localdomain type=AVC msg=audit(1237576627.907:393): avc:
denied { write } for pid=11756 comm="hal-dccm"
name="system_bus_socket" dev=dm-0 ino=5265775
scontext=system_u:system_r:hald_dccm_t:s0
tcontext=system_u:object_r:system_dbusd_var_run_t:s0 tclass=sock_file
node=localhost.localdomain type=AVC msg=audit(1237576627.907:393): avc:
denied { connectto } for pid=11756 comm="hal-dccm"
path="/var/run/dbus/system_bus_socket"
scontext=system_u:system_r:hald_dccm_t:s0
tcontext=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023
tclass=unix_stream_socket
node=localhost.localdomain type=SYSCALL msg=audit(1237576627.907:393):
arch=40000003 syscall=102 success=yes exit=0 a0=3 a1=bfcb28a0 a2=87bff4
a3=1f items=0 ppid=2129 pid=11756 auid=4294967295 uid=0 gid=0 euid=0
suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="hal-dccm" exe="/usr/libexec/hal-dccm"
subj=system_u:system_r:hald_dccm_t:s0 key=(null)
SELinux is preventing pppd (hald_t) "read" ./pap-secrets
(pppd_secret_t).
Additional Information:
Source Context system_u:system_r:hald_t
Target Context system_u:object_r:pppd_secret_t
Target Objects ./pap-secrets [ file ]
Source pppd
Source Path /usr/sbin/pppd
Port <Unknown>
Host localhost.localdomain
Source RPM Packages ppp-2.4.4-8.fc10
Target RPM Packages
Policy RPM selinux-policy-3.5.13-48.fc10
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Permissive
Plugin Name catchall_file
Host Name localhost.localdomain
Platform Linux localhost.localdomain
2.6.27.19-170.2.35.fc10.i686 #1 SMP Mon
Feb 23
13:21:22 EST 2009 i686 i686
Alert Count 1
First Seen Fri Mar 20 20:17:08 2009
Last Seen Fri Mar 20 20:17:08 2009
Local ID 8790ca12-4cd3-468f-917b-b29956652895
Line Numbers
Raw Audit Messages
node=localhost.localdomain type=AVC msg=audit(1237576628.453:394): avc:
denied { read } for pid=11771 comm="pppd" name="pap-secrets" dev=dm-0
ino=360200 scontext=system_u:system_r:hald_t:s0
tcontext=system_u:object_r:pppd_secret_t:s0 tclass=file
node=localhost.localdomain type=SYSCALL msg=audit(1237576628.453:394):
arch=40000003 syscall=5 success=yes exit=11 a0=a135e5 a1=0 a2=1b6 a3=0
items=0 ppid=1 pid=11771 auid=4294967295 uid=0 gid=0 euid=0 suid=0
fsuid=0 egid=0 sgid=0 fsgid=0 tty=ttyUSB0 ses=4294967295 comm="pppd"
exe="/usr/sbin/pppd" subj=system_u:system_r:hald_t:s0 key=(null)
SELinux is preventing pppd (hald_t) "getattr" /etc/ppp/pap-secrets
(pppd_secret_t).
Additional Information:
Source Context system_u:system_r:hald_t
Target Context system_u:object_r:pppd_secret_t
Target Objects /etc/ppp/pap-secrets [ file ]
Source pppd
Source Path /usr/sbin/pppd
Port <Unknown>
Host localhost.localdomain
Source RPM Packages ppp-2.4.4-8.fc10
Target RPM Packages ppp-2.4.4-8.fc10
Policy RPM selinux-policy-3.5.13-48.fc10
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Permissive
Plugin Name catchall_file
Host Name localhost.localdomain
Platform Linux localhost.localdomain
2.6.27.19-170.2.35.fc10.i686 #1 SMP Mon
Feb 23
13:21:22 EST 2009 i686 i686
Alert Count 1
First Seen Fri Mar 20 20:17:08 2009
Last Seen Fri Mar 20 20:17:08 2009
Local ID a4d794e1-18d5-41fd-a755-2f68eb4aefc4
Line Numbers
Raw Audit Messages
node=localhost.localdomain type=AVC msg=audit(1237576628.453:395): avc:
denied { getattr } for pid=11771 comm="pppd"
path="/etc/ppp/pap-secrets" dev=dm-0 ino=360200
scontext=system_u:system_r:hald_t:s0
tcontext=system_u:object_r:pppd_secret_t:s0 tclass=file
node=localhost.localdomain type=SYSCALL msg=audit(1237576628.453:395):
arch=40000003 syscall=197 success=yes exit=0 a0=b a1=bfa6f1c4 a2=40eff4
a3=a135e5 items=0 ppid=1 pid=11771 auid=4294967295 uid=0 gid=0 euid=0
suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=ttyUSB0 ses=4294967295
comm="pppd" exe="/usr/sbin/pppd" subj=system_u:system_r:hald_t:s0
key=(null)
SELinux is preventing pppd (hald_t) "getattr" /etc/ppp/ip-up
(pppd_initrc_exec_t).
Additional Information:
Source Context system_u:system_r:hald_t
Target Context system_u:object_r:pppd_initrc_exec_t
Target Objects /etc/ppp/ip-up [ file ]
Source pppd
Source Path /usr/sbin/pppd
Port <Unknown>
Host localhost.localdomain
Source RPM Packages ppp-2.4.4-8.fc10
Target RPM Packages initscripts-8.86-1
Policy RPM selinux-policy-3.5.13-48.fc10
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Permissive
Plugin Name catchall_file
Host Name localhost.localdomain
Platform Linux localhost.localdomain
2.6.27.19-170.2.35.fc10.i686 #1 SMP Mon
Feb 23
13:21:22 EST 2009 i686 i686
Alert Count 2
First Seen Fri Mar 20 19:13:18 2009
Last Seen Fri Mar 20 20:17:08 2009
Local ID 231cc7e5-6eb3-4cb8-8f3c-f901c9e464b8
Line Numbers
Raw Audit Messages
node=localhost.localdomain type=AVC msg=audit(1237576628.498:396): avc:
denied { getattr } for pid=11771 comm="pppd" path="/etc/ppp/ip-up"
dev=dm-0 ino=361994 scontext=system_u:system_r:hald_t:s0
tcontext=system_u:object_r:pppd_initrc_exec_t:s0 tclass=file
node=localhost.localdomain type=SYSCALL msg=audit(1237576628.498:396):
arch=40000003 syscall=195 success=yes exit=0 a0=a12036 a1=bfa6f584
a2=40eff4 a3=bfa6f6d8 items=0 ppid=1 pid=11771 auid=4294967295 uid=0
gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=ttyUSB0
ses=4294967295 comm="pppd" exe="/usr/sbin/pppd"
subj=system_u:system_r:hald_t:s0 key=(null)
SELinux is preventing ip-up (hald_t) "execute" ./ip-up
(pppd_initrc_exec_t).
Additional Information:
Source Context system_u:system_r:hald_t
Target Context system_u:object_r:pppd_initrc_exec_t
Target Objects ./ip-up [ file ]
Source ip-up
Source Path /bin/bash
Port <Unknown>
Host localhost.localdomain
Source RPM Packages bash-3.2-30.fc10
Target RPM Packages
Policy RPM selinux-policy-3.5.13-48.fc10
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Permissive
Plugin Name catchall_file
Host Name localhost.localdomain
Platform Linux localhost.localdomain
2.6.27.19-170.2.35.fc10.i686 #1 SMP Mon
Feb 23
13:21:22 EST 2009 i686 i686
Alert Count 2
First Seen Fri Mar 20 19:13:18 2009
Last Seen Fri Mar 20 20:17:08 2009
Local ID 9c0bf4d7-e98d-46b5-8e98-b727169803af
Line Numbers
Raw Audit Messages
node=localhost.localdomain type=AVC msg=audit(1237576628.498:397): avc:
denied { execute } for pid=11784 comm="pppd" name="ip-up" dev=dm-0
ino=361994 scontext=system_u:system_r:hald_t:s0
tcontext=system_u:object_r:pppd_initrc_exec_t:s0 tclass=file
node=localhost.localdomain type=AVC msg=audit(1237576628.498:397): avc:
denied { read } for pid=11784 comm="pppd" name="ip-up" dev=dm-0
ino=361994 scontext=system_u:system_r:hald_t:s0
tcontext=system_u:object_r:pppd_initrc_exec_t:s0 tclass=file
node=localhost.localdomain type=AVC msg=audit(1237576628.498:397): avc:
denied { execute_no_trans } for pid=11784 comm="pppd"
path="/etc/ppp/ip-up" dev=dm-0 ino=361994
scontext=system_u:system_r:hald_t:s0
tcontext=system_u:object_r:pppd_initrc_exec_t:s0 tclass=file
node=localhost.localdomain type=SYSCALL msg=audit(1237576628.498:397):
arch=40000003 syscall=11 success=yes exit=0 a0=a12036 a1=bfa6f6b8
a2=e0e018 a3=0 items=0 ppid=11771 pid=11784 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="ip-up" exe="/bin/bash" subj=system_u:system_r:hald_t:s0 key=(null)
SELinux is preventing ip-up (hald_t) "ioctl" /etc/ppp/ip-up
(pppd_initrc_exec_t).
Additional Information:
Source Context system_u:system_r:hald_t
Target Context system_u:object_r:pppd_initrc_exec_t
Target Objects /etc/ppp/ip-up [ file ]
Source ip-up
Source Path /bin/bash
Port <Unknown>
Host localhost.localdomain
Source RPM Packages bash-3.2-30.fc10
Target RPM Packages initscripts-8.86-1
Policy RPM selinux-policy-3.5.13-48.fc10
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Permissive
Plugin Name catchall_file
Host Name localhost.localdomain
Platform Linux localhost.localdomain
2.6.27.19-170.2.35.fc10.i686 #1 SMP Mon
Feb 23
13:21:22 EST 2009 i686 i686
Alert Count 2
First Seen Fri Mar 20 19:13:18 2009
Last Seen Fri Mar 20 20:17:08 2009
Local ID 0ec7c0de-0086-4c13-b618-bf4858af6f41
Line Numbers
Raw Audit Messages
node=localhost.localdomain type=AVC msg=audit(1237576628.500:398): avc:
denied { ioctl } for pid=11784 comm="ip-up" path="/etc/ppp/ip-up"
dev=dm-0 ino=361994 scontext=system_u:system_r:hald_t:s0
tcontext=system_u:object_r:pppd_initrc_exec_t:s0 tclass=file
node=localhost.localdomain type=SYSCALL msg=audit(1237576628.500:398):
arch=40000003 syscall=54 success=no exit=-25 a0=3 a1=5401 a2=bf832bd8
a3=bf832c18 items=0 ppid=11771 pid=11784 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="ip-up" exe="/bin/bash" subj=system_u:system_r:hald_t:s0 key=(null)
SELinux is preventing hal-dccm (hald_dccm_t) "write" hald_dccm_t.
Additional Information:
Source Context system_u:system_r:hald_dccm_t
Target Context system_u:system_r:hald_dccm_t
Target Objects None [ unix_dgram_socket ]
Source hal-dccm
Source Path /usr/libexec/hal-dccm
Port <Unknown>
Host localhost.localdomain
Source RPM Packages synce-hal-0.1-1.fc10
Target RPM Packages
Policy RPM selinux-policy-3.5.13-48.fc10
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Permissive
Plugin Name catchall
Host Name localhost.localdomain
Platform Linux localhost.localdomain
2.6.27.19-170.2.35.fc10.i686 #1 SMP Mon
Feb 23
13:21:22 EST 2009 i686 i686
Alert Count 3
First Seen Fri Mar 20 19:13:18 2009
Last Seen Fri Mar 20 20:17:08 2009
Local ID bc1a16c5-af3f-42c0-9563-62a8cdf9eb69
Line Numbers
Raw Audit Messages
node=localhost.localdomain type=AVC msg=audit(1237576628.514:405): avc:
denied { write } for pid=11756 comm="hal-dccm"
scontext=system_u:system_r:hald_dccm_t:s0
tcontext=system_u:system_r:hald_dccm_t:s0 tclass=unix_dgram_socket
node=localhost.localdomain type=SYSCALL msg=audit(1237576628.514:405):
arch=40000003 syscall=102 success=yes exit=86 a0=9 a1=bfcb23f4 a2=6aeff4
a3=14 items=0 ppid=2129 pid=11756 auid=4294967295 uid=0 gid=0 euid=0
suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="hal-dccm" exe="/usr/libexec/hal-dccm"
subj=system_u:system_r:hald_dccm_t:s0 key=(null)
Albert
More information about the selinux
mailing list