SELinux is preventing rsyslogd (syslogd_t) "read" to ./System.map-2.6.25-0.95.rc4.fc9 (system_map_t).
Antonio Olivares
olivares14031 at yahoo.com
Sat Mar 8 19:25:06 UTC 2008
Dear all,
Upon installing the updates of rawhide Report
20080308, I got the following from setroubleshooter.
Suggestions/Comments are welcome.
Regards,
Antonio
Summary:
SELinux is preventing rsyslogd (syslogd_t) "read" to
./System.map-2.6.25-0.95.rc4.fc9 (system_map_t).
Detailed Description:
SELinux denied access requested by rsyslogd. It is not
expected that this access
is required by rsyslogd and this access may signal an
intrusion attempt. It is
also possible that the specific version or
configuration of the application is
causing it to require additional access.
Allowing Access:
Sometimes labeling problems can cause SELinux denials.
You could try to restore
the default system file context for
./System.map-2.6.25-0.95.rc4.fc9,
restorecon -v './System.map-2.6.25-0.95.rc4.fc9'
If this does not work, there is currently no automatic
way to allow this access.
Instead, you can generate a local policy module to
allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385)
Or you can disable
SELinux protection altogether. Disabling SELinux
protection is not recommended.
Please file a bug report
(http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.
Additional Information:
Source Context
unconfined_u:system_r:syslogd_t
Target Context
system_u:object_r:system_map_t
Target Objects
./System.map-2.6.25-0.95.rc4.fc9 [ file ]
Source rsyslogd
Source Path /sbin/rsyslogd
Port <Unknown>
Host localhost
Source RPM Packages rsyslog-2.0.2-1.fc9
Target RPM Packages
Policy RPM
selinux-policy-3.3.1-12.fc9
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Enforcing
Plugin Name catchall_file
Host Name localhost
Platform Linux localhost
2.6.25-0.95.rc4.fc9 #1 SMP Thu Mar
6 01:17:49 EST 2008 i686
athlon
Alert Count 1
First Seen Sat 08 Mar 2008 07:58:10
AM CST
Last Seen Sat 08 Mar 2008 07:58:10
AM CST
Local ID
b9ac46d0-bfde-485c-8cec-2547c11a4daf
Line Numbers
Raw Audit Messages
host=localhost type=AVC msg=audit(1204984690.594:21):
avc: denied { read } for pid=2913 comm="rsyslogd"
name="System.map-2.6.25-0.95.rc4.fc9" dev=sda3
ino=6052 scontext=unconfined_u:system_r:syslogd_t:s0
tcontext=system_u:object_r:system_map_t:s0 tclass=file
host=localhost type=SYSCALL
msg=audit(1204984690.594:21): arch=40000003 syscall=5
success=no exit=-13 a0=1357c0 a1=0 a2=1b6 a3=0 items=0
ppid=2912 pid=2913 auid=500 uid=0 gid=0 euid=0 suid=0
fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=1
comm="rsyslogd" exe="/sbin/rsyslogd"
subj=unconfined_u:system_r:syslogd_t:s0 key=(null)
____________________________________________________________________________________
Never miss a thing. Make Yahoo your home page.
http://www.yahoo.com/r/hs
More information about the fedora-test-list
mailing list