SELinux alert

Dan Mashal dan.mashal at gmail.com
Thu Apr 19 16:43:36 UTC 2012


No, but report a bug on it and include relevant details as to what you were
doing that triggered this.

Dan

On Thu, Apr 19, 2012 at 9:36 AM, Fernando Cassia <fcassia at gmail.com> wrote:

> Should I be worried about this?
>
> SELinux is preventing useradd from write access on the directory /run.
>
> *****  Plugin catchall (100. confidence) suggests
> ***************************
>
> If you believe that useradd should be allowed write access on the run
> directory by default.
> Then you should report this as a bug.
> You can generate a local policy module to allow this access.
> Do
> allow this access for now by executing:
> # grep useradd /var/log/audit/audit.log | audit2allow -M mypol
> # semodule -i mypol.pp
>
> Additional Information:
> Source Context
> unconfined_u:system_r:useradd_t:s0-s0:c0.c1023
> Target Context                system_u:object_r:var_run_t:s0
> Target Objects                /run [ dir ]
> Source                        useradd
> Source Path                   useradd
> Port                          <Unknown>
> Host                          2cabezas
> Source RPM Packages
> Target RPM Packages           filesystem-3-2.fc17.i686
> Policy RPM                    selinux-policy-3.10.0-114.fc17.noarch
> Selinux Enabled               True
> Policy Type                   targeted
> Enforcing Mode                Enforcing
> Host Name                     2cabezas
> Platform                      Linux 2cabezas 3.3.2-1.fc17.i686 #1 SMP Fri
> Apr 13
>                               21:06:40 UTC 2012 i686 i686
> Alert Count                   1
> First Seen                    mié 18 abr 2012 13:13:48 ART
> Last Seen                     mié 18 abr 2012 13:13:48 ART
> Local ID                      2926be04-b387-449b-bbd3-90440403cb11
>
> Raw Audit Messages
> type=AVC msg=audit(1334765628.677:275): avc:  denied  { write } for
> pid=1331 comm="useradd" name="/" dev="tmpfs" ino=6961
> scontext=unconfined_u:system_r:useradd_t:s0-s0:c0.c1023
> tcontext=system_u:object_r:var_run_t:s0 tclass=dir
>
>
> Hash: useradd,useradd_t,var_run_t,dir,write
>
> audit2allowunable to open /sys/fs/selinux/policy:  Permission denied
>
>
> audit2allow -Runable to open /sys/fs/selinux/policy:  Permission denied
>
>
>
> --
> test mailing list
> test at lists.fedoraproject.org
> To unsubscribe:
> https://admin.fedoraproject.org/mailman/listinfo/test
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/test/attachments/20120419/ceffa14f/attachment.html>


More information about the test mailing list