Alert from turning off/on wireless
Steven Stern
subscribed-lists at sterndata.com
Sun Mar 11 17:09:04 UTC 2012
On my (very old) laptop, I turned off the wireless (via the hardware
switch) then turned it back on, generating an alert. This action
should be allowed by the default policy. (Fedora 17)
SELinux is preventing NetworkManager from read access on the file
/etc/sysctl.conf.
***** Plugin catchall (100. confidence) suggests
***************************
If you believe that NetworkManager should be allowed read access on
the sysctl.conf file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep NetworkManager /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp
Additional Information:
Source Context system_u:system_r:NetworkManager_t:s0
Target Context system_u:object_r:system_conf_t:s0
Target Objects /etc/sysctl.conf [ file ]
Source NetworkManager
Source Path NetworkManager
Port <Unknown>
Host sdssony.sterndata.local
Source RPM Packages
Target RPM Packages initscripts-9.35-1.fc17.i686
Policy RPM selinux-policy-3.10.0-95.fc17.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name sdssony.sterndata.local
Platform Linux sdssony.sterndata.local
3.3.0-0.rc6.git0.2.fc17.i686.PAE #1 SMP
Mon Mar 5
17:02:45 UTC 2012 i686 i686
Alert Count 3
First Seen Sat 10 Mar 2012 05:46:38 PM CST
Last Seen Sun 11 Mar 2012 09:03:09 AM CDT
Local ID dcb10873-6853-4f15-b7ad-98be5dca0afb
Raw Audit Messages
type=AVC msg=audit(1331474589.552:82): avc: denied { read } for
pid=581 comm="NetworkManager" name="sysctl.conf" dev="sda5"
ino=2360124 scontext=system_u:system_r:NetworkManager_t:s0
tcontext=system_u:object_r:system_conf_t:s0 tclass=file
Hash: NetworkManager,NetworkManager_t,system_conf_t,file,read
audit2allowunable to open /sys/fs/selinux/policy: Permission denied
audit2allow -Runable to open /sys/fs/selinux/policy: Permission denied
More information about the test
mailing list