SELinux is preventing rsyslogd (syslogd_t) "read" to ./System.map-2.6.25-0.95.rc4.fc9 (system_map_t).

Antonio Olivares olivares14031 at yahoo.com
Sat Mar 8 19:25:06 UTC 2008 

Dear all, 

Upon installing the updates of rawhide Report
20080308, I got the following from setroubleshooter.  

Suggestions/Comments are welcome.

Regards,

Antonio 


Summary:

SELinux is preventing rsyslogd (syslogd_t) "read" to
./System.map-2.6.25-0.95.rc4.fc9 (system_map_t).

Detailed Description:

SELinux denied access requested by rsyslogd. It is not
expected that this access
is required by rsyslogd and this access may signal an
intrusion attempt. It is
also possible that the specific version or
configuration of the application is
causing it to require additional access.

Allowing Access:

Sometimes labeling problems can cause SELinux denials.
You could try to restore
the default system file context for
./System.map-2.6.25-0.95.rc4.fc9,

restorecon -v './System.map-2.6.25-0.95.rc4.fc9'

If this does not work, there is currently no automatic
way to allow this access.
Instead, you can generate a local policy module to
allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385)
Or you can disable
SELinux protection altogether. Disabling SELinux
protection is not recommended.
Please file a bug report
(http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.

Additional Information:

Source Context               
unconfined_u:system_r:syslogd_t
Target Context               
system_u:object_r:system_map_t
Target Objects               
./System.map-2.6.25-0.95.rc4.fc9 [ file ]
Source                        rsyslogd
Source Path                   /sbin/rsyslogd
Port                          <Unknown>
Host                          localhost
Source RPM Packages           rsyslog-2.0.2-1.fc9
Target RPM Packages           
Policy RPM                   
selinux-policy-3.3.1-12.fc9
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   catchall_file
Host Name                     localhost
Platform                      Linux localhost
2.6.25-0.95.rc4.fc9 #1 SMP Thu Mar
                              6 01:17:49 EST 2008 i686
athlon
Alert Count                   1
First Seen                    Sat 08 Mar 2008 07:58:10
AM CST
Last Seen                     Sat 08 Mar 2008 07:58:10
AM CST
Local ID                     
b9ac46d0-bfde-485c-8cec-2547c11a4daf
Line Numbers                  

Raw Audit Messages            

host=localhost type=AVC msg=audit(1204984690.594:21):
avc:  denied  { read } for  pid=2913 comm="rsyslogd"
name="System.map-2.6.25-0.95.rc4.fc9" dev=sda3
ino=6052 scontext=unconfined_u:system_r:syslogd_t:s0
tcontext=system_u:object_r:system_map_t:s0 tclass=file

host=localhost type=SYSCALL
msg=audit(1204984690.594:21): arch=40000003 syscall=5
success=no exit=-13 a0=1357c0 a1=0 a2=1b6 a3=0 items=0
ppid=2912 pid=2913 auid=500 uid=0 gid=0 euid=0 suid=0
fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=1
comm="rsyslogd" exe="/sbin/rsyslogd"
subj=unconfined_u:system_r:syslogd_t:s0 key=(null)





      ____________________________________________________________________________________
Never miss a thing.  Make Yahoo your home page. 
http://www.yahoo.com/r/hs

More information about the fedora-test-list mailing list