[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Stuff I found in my log?

>On 5/23/06, Knute Johnson <knute frazmtn com> wrote:
>> I found some interesting things in my 'messages' log today.  I'm not
>> sure what they mean and would appreciate any information.
>> This one is the most bothersome.  It appears that 'useradd' was
>> prevented from running this morning only I didn't run it.  Would any
>> other programs run 'useradd' and what would cause it to be denied?
>> May 23 05:11:49 rabbitbrush kernel: audit(1148386309.877:556): avc:
>> denied  { write } for  pid=13906 comm="useradd" name="[1708464]"
>> dev=pipefs ino=1708464 scontext=user_u:system_r:useradd_t:s0
>> tcontext=user_u:system_r:unconfined_t:s0 tclass=fifo_file
>Need some more information to help on this:
>What is your OS and its version?
>What is your selinux set to?
>When was the last time you updated your system to?

FC5.  Kernel 2.6.16-1.2111_FC5.

I assume you mean by to, is it enforcing and targeted?  It is.

May 15 04:18:39 Updated: selinux-policy.noarch 2.2.38-1.fc5
May 15 04:20:24 Updated: selinux-policy-targeted.noarch 2.2.38-1.fc5


# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#       enforcing - SELinux security policy is enforced.
#       permissive - SELinux prints warnings instead of enforcing.
#       disabled - SELinux is fully disabled.
# SELINUXTYPE= type of policy in use. Possible values are:
#       targeted - Only targeted network daemons are protected.
#       strict - Full SELinux protection.

# SETLOCALDEFS= Check local definition changes

Thanks very much,

Knute Johnson
Molon Labe...

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]