[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Stuff I found in my log?



>On 5/23/06, Knute Johnson <knute frazmtn com> wrote:
>> I found some interesting things in my 'messages' log today.  I'm not
>> sure what they mean and would appreciate any information.
>>
>> This one is the most bothersome.  It appears that 'useradd' was
>> prevented from running this morning only I didn't run it.  Would any
>> other programs run 'useradd' and what would cause it to be denied?
>>
>> May 23 05:11:49 rabbitbrush kernel: audit(1148386309.877:556): avc:
>> denied  { write } for  pid=13906 comm="useradd" name="[1708464]"
>> dev=pipefs ino=1708464 scontext=user_u:system_r:useradd_t:s0
>> tcontext=user_u:system_r:unconfined_t:s0 tclass=fifo_file
>>
>
>Need some more information to help on this:
>
>What is your OS and its version?
>What is your selinux set to?
>When was the last time you updated your system to?

FC5.  Kernel 2.6.16-1.2111_FC5.

I assume you mean by to, is it enforcing and targeted?  It is.

May 15 04:18:39 Updated: selinux-policy.noarch 2.2.38-1.fc5
May 15 04:20:24 Updated: selinux-policy-targeted.noarch 2.2.38-1.fc5

/etc/selinux/conf

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#       enforcing - SELinux security policy is enforced.
#       permissive - SELinux prints warnings instead of enforcing.
#       disabled - SELinux is fully disabled.
SELINUX=enforcing
# SELINUXTYPE= type of policy in use. Possible values are:
#       targeted - Only targeted network daemons are protected.
#       strict - Full SELinux protection.
SELINUXTYPE=targeted

# SETLOCALDEFS= Check local definition changes
SETLOCALDEFS=0

Thanks very much,


-- 
Knute Johnson
Molon Labe...



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]