Selinux alerts
Miroslav Grepl
mgrepl at redhat.com
Mon Jan 11 10:18:59 UTC 2010
On 01/10/2010 12:32 PM, Jouni Viikari wrote:
> I wonder why I started to get tons of this kind of *warnings*:
>
>
We have added a new policy for nagios plugins. All domains created by this policy are "permissive domains". So
AVC messages are reported, but access is allowed.
> SELinux is preventing /usr/lib/nagios/plugins/check_http "create"
> access.
>
> Detailed Description
> [check_imap has a permissive type (nagios_system_plugin_t). This access
> was not denied.]
>
> SELinux denied access requested by check_http. It is not expected that
> this access is required by check_http and this access may signal an
> intrusion attempt. It is also possible that the specific version or
> configuration of the application is causing it to require additional
> access.
>
> If I remember correctly this started when I did
> #restorecon /usr/lib/nagios/plugins
>
> BR,
>
> Jouni
>
> #rpm -qi selinux-policy
> Name : selinux-policy
> Version : 3.6.32
> Release : 66.fc12
> ...
>
>
> --
> selinux mailing list
> selinux at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux
Could you send me your '/var/log/audit/audit.log' at mgrepl at redhat.com
Regards,
Miroslav
More information about the selinux
mailing list