[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Two SELinux AVC denials running with yesterday's rawhide updates -- /usr/bin/updatedb and /sbin/dhcdbd



Summary
   SELinux is preventing /usr/bin/updatedb (locate_t) "search" to / (dosfs_t).

Detailed Description
   SELinux denied access requested by /usr/bin/updatedb. It is not expected
   that this access is required by /usr/bin/updatedb and this access may signal
   an intrusion attempt. It is also possible that the specific version or
   configuration of the application is causing it to require additional access.

Allowing Access
   Sometimes labeling problems can cause SELinux denials.  You could try to
   restore the default system file context for /, restorecon -v / If this does
   not work, there is currently no automatic way to allow this access. Instead,
   you can generate a local policy module to allow this access - see
   http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable
   SELinux protection altogether. Disabling SELinux protection is not
   recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi
   against this package.

Additional Information

Source Context                system_u:system_r:locate_t
Target Context                system_u:object_r:dosfs_t
Target Objects                / [ dir ]
Affected RPM Packages         mlocate-0.16-1 [application]filesystem-2.4.6-1.fc7
                             [target]
Policy RPM                    selinux-policy-2.6.1-1.fc7
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   plugins.catchall_file
Host Name                     localhost.localdomain
Platform                      Linux localhost.localdomain 2.6.21-1.3116.fc7 #1
                             SMP Thu Apr 26 10:36:44 EDT 2007 i686 athlon
Alert Count                   2
First Seen                    Wed 02 May 2007 02:24:50 PM PDT
Last Seen                     Sun 13 May 2007 10:23:40 PM PDT
Local ID                      6e0c127c-8364-4122-ad26-27684542b5e0
Line Numbers

Raw Audit Messages

avc: denied { search } for comm="updatedb" dev=sda6 egid=0 euid=0
exe="/usr/bin/updatedb" exit=-13 fsgid=0 fsuid=0 gid=0 items=0 name="/" pid=7589
scontext=system_u:system_r:locate_t:s0 sgid=0 subj=system_u:system_r:locate_t:s0
suid=0 tclass=dir tcontext=system_u:object_r:dosfs_t:s0 tty=(none) uid=0

---------------------------------------------------------------------

Summary
   SELinux is preventing /sbin/dhcdbd (dhcpc_t) "read" to /etc/dbus-1/system.d
   (dbusd_etc_t).

Detailed Description
   SELinux denied access requested by /sbin/dhcdbd. It is not expected that
   this access is required by /sbin/dhcdbd and this access may signal an
   intrusion attempt. It is also possible that the specific version or
   configuration of the application is causing it to require additional access.

Allowing Access
   Sometimes labeling problems can cause SELinux denials.  You could try to
   restore the default system file context for /etc/dbus-1/system.d, restorecon
   -v /etc/dbus-1/system.d If this does not work, there is currently no
   automatic way to allow this access. Instead,  you can generate a local
   policy module to allow this access - see http://fedora.redhat.com/docs
   /selinux-faq-fc5/#id2961385 Or you can disable SELinux protection
   altogether. Disabling SELinux protection is not recommended. Please file a
   http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package.

Additional Information

Source Context                system_u:system_r:dhcpc_t
Target Context                system_u:object_r:dbusd_etc_t
Target Objects                /etc/dbus-1/system.d [ dir ]
Affected RPM Packages         dhcdbd-2.7-4.fc7 [application]dbus-1.0.2-4.fc7
                             [target]
Policy RPM                    selinux-policy-2.6.1-1.fc7
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   plugins.catchall_file
Host Name                     localhost.localdomain
Platform                      Linux localhost.localdomain 2.6.21-1.3116.fc7 #1
                             SMP Thu Apr 26 10:36:44 EDT 2007 i686 athlon
Alert Count                   1
First Seen                    Sun 13 May 2007 09:59:39 PM PDT
Last Seen                     Sun 13 May 2007 09:59:39 PM PDT
Local ID                      82e7ce83-8b5c-40c5-906e-2873db2c0c18
Line Numbers

Raw Audit Messages

avc: denied { read } for comm="dhcdbd" dev=sda5 egid=81 euid=81
exe="/sbin/dhcdbd" exit=0 fsgid=81 fsuid=81 gid=81 items=0 name="system.d"
path="/etc/dbus-1/system.d" pid=5960 scontext=system_u:system_r:dhcpc_t:s0
sgid=81 subj=system_u:system_r:dhcpc_t:s0 suid=81 tclass=dir
tcontext=system_u:object_r:dbusd_etc_t:s0 tty=(none) uid=81


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]