Selinux alerts
Dominick Grift
domg472 at gmail.com
Sun Jan 10 12:44:04 UTC 2010
On 01/10/2010 12:32 PM, Jouni Viikari wrote:
> I wonder why I started to get tons of this kind of *warnings*:
Can you attach the actual AVC denial line. It is on the bottom of the
report.
Thank you
> SELinux is preventing /usr/lib/nagios/plugins/check_http "create"
> access.
>
> Detailed Description
> [check_imap has a permissive type (nagios_system_plugin_t). This access
> was not denied.]
>
> SELinux denied access requested by check_http. It is not expected that
> this access is required by check_http and this access may signal an
> intrusion attempt. It is also possible that the specific version or
> configuration of the application is causing it to require additional
> access.
>
> If I remember correctly this started when I did
> #restorecon /usr/lib/nagios/plugins
>
> BR,
>
> Jouni
>
> #rpm -qi selinux-policy
> Name : selinux-policy
> Version : 3.6.32
> Release : 66.fc12
> ...
>
>
> --
> selinux mailing list
> selinux at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 261 bytes
Desc: OpenPGP digital signature
Url : http://lists.fedoraproject.org/pipermail/selinux/attachments/20100110/46e81a90/attachment.bin
More information about the selinux
mailing list