[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
Re: SELinux is preventing /usr/sbin/cupsd "ipc_lock" access.
- From: Daniel J Walsh <dwalsh redhat com>
- To: "Community assistance, encouragement, and advice for using Fedora." <fedora-list redhat com>
- Subject: Re: SELinux is preventing /usr/sbin/cupsd "ipc_lock" access.
- Date: Mon, 04 Jan 2010 13:03:05 -0500
On 01/04/2010 12:52 PM, Paolo Galtieri wrote:
> I've started seeing this selinux alert
>
> SELinux is preventing /usr/sbin/cupsd "ipc_lock" access.
>
> [cupsd has a permissive type (cupsd_t). This access was not denied.]SELinux
> denied access requested by cupsd. It is not expected that this access is
> required by cupsd and this access may signal an intrusion attempt. It is
> also possible that the specific version or configuration of the application
> is causing it to require additional access
>
> Is this something I should be concerned about?
THis is something new and will be allowed in the next policy update. Not really something to be concerned about.
>
> I'm also seeing this alert
>
> SELinux is preventing /usr/bin/gok "getattr" access on /var/mail.
>
> SELinux denied access requested by gok. It is not expected that this access
> is required by gok and this access may signal an intrusion attempt. It is
> also possible that the specific version or configuration of the application
> is causing it to require additional access.
>
> I don't use gok so I'm not sure why I'm getting these alerts.
>
gok is doing a getattr on all mounted file systems, which is probably causing this avc. It will also be allowed in next release.
Fixed in selinux-policy-3.6.32-66.fc12.noarch
> Paolo
>
>
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]