[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
updatedb alert
- From: "Valent Turkovic" <valent turkovic gmail com>
- To: fedora-selinux-list redhat com
- Subject: updatedb alert
- Date: Mon, 17 Mar 2008 10:18:37 +0100
Here a few alerts I got when updatedb got started by cron.
Valent.
--
http://kernelreloaded.blog385.com/
linux, blog, anime, spirituality, windsurf, wireless
registered as user #367004 with the Linux Counter, http://counter.li.org.
ICQ: 2125241, Skype: valent.turkovic
Sažetak:
SELinux is preventing updatedb (locate_t) "read" to / (unlabeled_t).
Detaljan opis:
[SELinux is in permissive mode, the operation would have been denied but was
permitted due to permissive mode.]
SELinux denied access requested by updatedb. It is not expected that this access
is required by updatedb and this access may signal an intrusion attempt. It is
also possible that the specific version or configuration of the application is
causing it to require additional access.
Dopuštanje pristupa:
Sometimes labeling problems can cause SELinux denials. You could try to restore
the default system file context for /,
restorecon -v '/'
If this does not work, there is currently no automatic way to allow this access.
Instead, you can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.
Dodatni podaci:
Izvorni kontekst system_u:system_r:locate_t:s0
Ciljani kontekst system_u:object_r:unlabeled_t:s0
Ciljani objekti / [ dir ]
Source updatedb
Source Path /usr/bin/updatedb
Port <Nepoznato>
Host valent.oswireless
Source RPM Packages mlocate-0.18-1
Target RPM Packages filesystem-2.4.11-1.fc8
RPM pravila selinux-policy-3.0.8-93.fc8
Selinux je omoguÄen True
Vrsta pravila targeted
MLS je omoguÄen True
NaÄin prisile Permissive
Naziv dodatka catchall_file
Naziv raÄunala valent.oswireless
Platforma Linux valent.oswireless 2.6.24.3-34.fc8 #1 SMP Wed
Mar 12 18:17:20 EDT 2008 i686 i686
Broj uzbuna 1
First Seen Pon 17 Ožu 2008 10:15:48
Last Seen Pon 17 Ožu 2008 10:15:48
Local ID 7991dc61-e67b-4a09-8782-a5d2d38a8fe6
Brojevi redaka
Sirova poruke revizije
host=valent.oswireless type=AVC msg=audit(1205745348.737:60): avc: denied { read } for pid=11206 comm="updatedb" name="/" dev=loop0 ino=2 scontext=system_u:system_r:locate_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=dir
host=valent.oswireless type=SYSCALL msg=audit(1205745348.737:60): arch=40000003 syscall=5 success=yes exit=9 a0=804e2e9 a1=58000 a2=0 a3=58000 items=0 ppid=11200 pid=11206 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="updatedb" exe="/usr/bin/updatedb" subj=system_u:system_r:locate_t:s0 key=(null)
Sažetak:
SELinux is preventing updatedb (locate_t) "search" to / (unlabeled_t).
Detaljan opis:
[SELinux is in permissive mode, the operation would have been denied but was
permitted due to permissive mode.]
SELinux denied access requested by updatedb. It is not expected that this access
is required by updatedb and this access may signal an intrusion attempt. It is
also possible that the specific version or configuration of the application is
causing it to require additional access.
Dopuštanje pristupa:
Sometimes labeling problems can cause SELinux denials. You could try to restore
the default system file context for /,
restorecon -v '/'
If this does not work, there is currently no automatic way to allow this access.
Instead, you can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.
Dodatni podaci:
Izvorni kontekst system_u:system_r:locate_t:s0
Ciljani kontekst system_u:object_r:unlabeled_t:s0
Ciljani objekti / [ dir ]
Source updatedb
Source Path /usr/bin/updatedb
Port <Nepoznato>
Host valent.oswireless
Source RPM Packages mlocate-0.18-1
Target RPM Packages filesystem-2.4.11-1.fc8
RPM pravila selinux-policy-3.0.8-93.fc8
Selinux je omoguÄen True
Vrsta pravila targeted
MLS je omoguÄen True
NaÄin prisile Permissive
Naziv dodatka catchall_file
Naziv raÄunala valent.oswireless
Platforma Linux valent.oswireless 2.6.24.3-34.fc8 #1 SMP Wed
Mar 12 18:17:20 EDT 2008 i686 i686
Broj uzbuna 1
First Seen Pon 17 Ožu 2008 10:15:48
Last Seen Pon 17 Ožu 2008 10:15:48
Local ID 10c13adf-7cc2-4be6-a443-a32cabfffa96
Brojevi redaka
Sirova poruke revizije
host=valent.oswireless type=AVC msg=audit(1205745348.737:58): avc: denied { search } for pid=11206 comm="updatedb" name="/" dev=loop0 ino=2 scontext=system_u:system_r:locate_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=dir
host=valent.oswireless type=SYSCALL msg=audit(1205745348.737:58): arch=40000003 syscall=12 success=yes exit=0 a0=87b8d31 a1=8000 a2=bfedcb40 a3=87b8d31 items=0 ppid=11200 pid=11206 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="updatedb" exe="/usr/bin/updatedb" subj=system_u:system_r:locate_t:s0 key=(null)
Sažetak:
SELinux is preventing updatedb (locate_t) "getattr" to /mnt/test1 (unlabeled_t).
Detaljan opis:
[SELinux is in permissive mode, the operation would have been denied but was
permitted due to permissive mode.]
SELinux denied access requested by updatedb. It is not expected that this access
is required by updatedb and this access may signal an intrusion attempt. It is
also possible that the specific version or configuration of the application is
causing it to require additional access.
Dopuštanje pristupa:
Sometimes labeling problems can cause SELinux denials. You could try to restore
the default system file context for /mnt/test1,
restorecon -v '/mnt/test1'
If this does not work, there is currently no automatic way to allow this access.
Instead, you can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.
Dodatni podaci:
Izvorni kontekst system_u:system_r:locate_t:s0
Ciljani kontekst system_u:object_r:unlabeled_t:s0
Ciljani objekti /mnt/test1 [ dir ]
Source updatedb
Source Path /usr/bin/updatedb
Port <Nepoznato>
Host valent.oswireless
Source RPM Packages mlocate-0.18-1
Target RPM Packages
RPM pravila selinux-policy-3.0.8-93.fc8
Selinux je omoguÄen True
Vrsta pravila targeted
MLS je omoguÄen True
NaÄin prisile Permissive
Naziv dodatka catchall_file
Naziv raÄunala valent.oswireless
Platforma Linux valent.oswireless 2.6.24.3-34.fc8 #1 SMP Wed
Mar 12 18:17:20 EDT 2008 i686 i686
Broj uzbuna 1
First Seen Pon 17 Ožu 2008 10:15:48
Last Seen Pon 17 Ožu 2008 10:15:48
Local ID b3d8abd6-0553-4722-b027-bffa8e8c6504
Brojevi redaka
Sirova poruke revizije
host=valent.oswireless type=AVC msg=audit(1205745348.737:59): avc: denied { getattr } for pid=11206 comm="updatedb" path="/mnt/test1" dev=loop0 ino=2 scontext=system_u:system_r:locate_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=dir
host=valent.oswireless type=SYSCALL msg=audit(1205745348.737:59): arch=40000003 syscall=196 success=yes exit=0 a0=804e2e9 a1=bfedc7fc a2=d33ff4 a3=87b8d31 items=0 ppid=11200 pid=11206 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="updatedb" exe="/usr/bin/updatedb" subj=system_u:system_r:locate_t:s0 key=(null)
Sažetak:
SELinux is preventing updatedb (locate_t) "read" to ./Cache (unlabeled_t).
Detaljan opis:
[SELinux is in permissive mode, the operation would have been denied but was
permitted due to permissive mode.]
SELinux denied access requested by updatedb. It is not expected that this access
is required by updatedb and this access may signal an intrusion attempt. It is
also possible that the specific version or configuration of the application is
causing it to require additional access.
Dopuštanje pristupa:
Sometimes labeling problems can cause SELinux denials. You could try to restore
the default system file context for ./Cache,
restorecon -v './Cache'
If this does not work, there is currently no automatic way to allow this access.
Instead, you can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.
Dodatni podaci:
Izvorni kontekst system_u:system_r:locate_t:s0
Ciljani kontekst system_u:object_r:unlabeled_t:s0
Ciljani objekti ./Cache [ dir ]
Source updatedb
Source Path /usr/bin/updatedb
Port <Nepoznato>
Host valent.oswireless
Source RPM Packages mlocate-0.18-1
Target RPM Packages
RPM pravila selinux-policy-3.0.8-93.fc8
Selinux je omoguÄen True
Vrsta pravila targeted
MLS je omoguÄen True
NaÄin prisile Permissive
Naziv dodatka catchall_file
Naziv raÄunala valent.oswireless
Platforma Linux valent.oswireless 2.6.24.3-34.fc8 #1 SMP Wed
Mar 12 18:17:20 EDT 2008 i686 i686
Broj uzbuna 1
First Seen Pon 17 Ožu 2008 10:15:34
Last Seen Pon 17 Ožu 2008 10:15:34
Local ID b8c9f0cc-561b-4c1f-8049-7171d68d3d33
Brojevi redaka
Sirova poruke revizije
host=valent.oswireless type=AVC msg=audit(1205745334.473:57): avc: denied { read } for pid=11206 comm="updatedb" name="Cache" dev=sda13 ino=2097606 scontext=system_u:system_r:locate_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=dir
host=valent.oswireless type=SYSCALL msg=audit(1205745334.473:57): arch=40000003 syscall=5 success=yes exit=13 a0=804e2e9 a1=58000 a2=0 a3=58000 items=0 ppid=11200 pid=11206 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="updatedb" exe="/usr/bin/updatedb" subj=system_u:system_r:locate_t:s0 key=(null)
Sažetak:
SELinux is preventing updatedb (locate_t) "search" to ./Cache (unlabeled_t).
Detaljan opis:
[SELinux is in permissive mode, the operation would have been denied but was
permitted due to permissive mode.]
SELinux denied access requested by updatedb. It is not expected that this access
is required by updatedb and this access may signal an intrusion attempt. It is
also possible that the specific version or configuration of the application is
causing it to require additional access.
Dopuštanje pristupa:
Sometimes labeling problems can cause SELinux denials. You could try to restore
the default system file context for ./Cache,
restorecon -v './Cache'
If this does not work, there is currently no automatic way to allow this access.
Instead, you can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.
Dodatni podaci:
Izvorni kontekst system_u:system_r:locate_t:s0
Ciljani kontekst system_u:object_r:unlabeled_t:s0
Ciljani objekti ./Cache [ dir ]
Source updatedb
Source Path /usr/bin/updatedb
Port <Nepoznato>
Host valent.oswireless
Source RPM Packages mlocate-0.18-1
Target RPM Packages
RPM pravila selinux-policy-3.0.8-93.fc8
Selinux je omoguÄen True
Vrsta pravila targeted
MLS je omoguÄen True
NaÄin prisile Permissive
Naziv dodatka catchall_file
Naziv raÄunala valent.oswireless
Platforma Linux valent.oswireless 2.6.24.3-34.fc8 #1 SMP Wed
Mar 12 18:17:20 EDT 2008 i686 i686
Broj uzbuna 1
First Seen Pon 17 Ožu 2008 10:15:34
Last Seen Pon 17 Ožu 2008 10:15:34
Local ID 9cb1a545-ff01-4357-a893-3c8778f91e6c
Brojevi redaka
Sirova poruke revizije
host=valent.oswireless type=AVC msg=audit(1205745334.473:56): avc: denied { search } for pid=11206 comm="updatedb" name="Cache" dev=sda13 ino=2097606 scontext=system_u:system_r:locate_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=dir
host=valent.oswireless type=SYSCALL msg=audit(1205745334.473:56): arch=40000003 syscall=12 success=yes exit=0 a0=87bbe4d a1=8000 a2=bfedc540 a3=87bbe4d items=0 ppid=11200 pid=11206 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="updatedb" exe="/usr/bin/updatedb" subj=system_u:system_r:locate_t:s0 key=(null)
Sažetak:
SELinux is preventing updatedb (locate_t) "getattr" to
/home/valentt/.mozilla/firefox/q71tjyey.default/Cache (unlabeled_t).
Detaljan opis:
[SELinux is in permissive mode, the operation would have been denied but was
permitted due to permissive mode.]
SELinux denied access requested by updatedb. It is not expected that this access
is required by updatedb and this access may signal an intrusion attempt. It is
also possible that the specific version or configuration of the application is
causing it to require additional access.
Dopuštanje pristupa:
Sometimes labeling problems can cause SELinux denials. You could try to restore
the default system file context for
/home/valentt/.mozilla/firefox/q71tjyey.default/Cache,
restorecon -v '/home/valentt/.mozilla/firefox/q71tjyey.default/Cache'
If this does not work, there is currently no automatic way to allow this access.
Instead, you can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.
Dodatni podaci:
Izvorni kontekst system_u:system_r:locate_t:s0
Ciljani kontekst system_u:object_r:unlabeled_t:s0
Ciljani objekti /home/valentt/.mozilla/firefox/q71tjyey.default/Ca
che [ dir ]
Source updatedb
Source Path /usr/bin/updatedb
Port <Nepoznato>
Host valent.oswireless
Source RPM Packages mlocate-0.18-1
Target RPM Packages
RPM pravila selinux-policy-3.0.8-93.fc8
Selinux je omoguÄen True
Vrsta pravila targeted
MLS je omoguÄen True
NaÄin prisile Permissive
Naziv dodatka catchall_file
Naziv raÄunala valent.oswireless
Platforma Linux valent.oswireless 2.6.24.3-34.fc8 #1 SMP Wed
Mar 12 18:17:20 EDT 2008 i686 i686
Broj uzbuna 1
First Seen Pon 17 Ožu 2008 10:15:34
Last Seen Pon 17 Ožu 2008 10:15:34
Local ID ced0ea51-8cb1-4cc8-ab49-8db43e3ac01c
Brojevi redaka
Sirova poruke revizije
host=valent.oswireless type=AVC msg=audit(1205745334.472:55): avc: denied { getattr } for pid=11206 comm="updatedb" path="/home/valentt/.mozilla/firefox/q71tjyey.default/Cache" dev=sda13 ino=2097606 scontext=system_u:system_r:locate_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=dir
host=valent.oswireless type=SYSCALL msg=audit(1205745334.472:55): arch=40000003 syscall=196 success=yes exit=0 a0=87bbe4d a1=bfedc338 a2=d33ff4 a3=bfedc4b8 items=0 ppid=11200 pid=11206 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="updatedb" exe="/usr/bin/updatedb" subj=system_u:system_r:locate_t:s0 key=(null)
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]