squirrelmail gpg plugin and selinux problem

George Avrunin avrunin at math.umass.edu
Wed Apr 11 13:46:57 UTC 2007


On Tue, 10 Apr 2007 16:37:49 -0400, Daniel J Walsh <dwalsh at redhat.com>
wrote:

> Daniel J Walsh wrote:

> Could you attempt this in permissive mode to see what AVCs are generated?
> 

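Here's what I get. The first two records are the switch to permissive mode (setenforce); the AVC denials follow, and in permissive mode they are logged but not enforced: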

type=MAC_STATUS msg=audit(1176298839.401:39085): enforcing=0 old_enforcing=1 auid=0
type=SYSCALL msg=audit(1176298839.401:39085): arch=40000003 syscall=4 success=yes exit=1 a0=3 a1=bfb40c84 a2=1 a3=bfb40c84 items=0 ppid=5011 pid=5101 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 comm="setenforce" exe="/usr/sbin/setenforce" subj=root:system_r:unconfined_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1176298889.184:39086): avc:  denied  { read } for  pid=5123 comm="sh" name="[3258105]" dev=eventpollfs ino=3258105 scontext=root:system_r:httpd_sys_script_t:s0 tcontext=root:system_r:httpd_t:s0 tclass=file
type=SYSCALL msg=audit(1176298889.184:39086): arch=40000003 syscall=11 success=yes exit=0 a0=33c4bd a1=bf97df1c a2=823e2858 a3=400 items=0 ppid=29389 pid=5123 auid=0 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) comm="sh" exe="/bin/bash" subj=root:system_r:httpd_sys_script_t:s0 key=(null)
type=AVC_PATH msg=audit(1176298889.184:39086):  path="eventpoll:[3258105]"
type=AVC msg=audit(1176298889.431:39087): avc:  denied  { setrlimit } for  pid=5125 comm="gpg" scontext=root:system_r:httpd_sys_script_t:s0 tcontext=root:system_r:httpd_sys_script_t:s0 tclass=process
type=SYSCALL msg=audit(1176298889.431:39087): arch=40000003 syscall=75 success=yes exit=0 a0=4 a1=bff9bd0c a2=25fff4 a3=800c0cbb items=0 ppid=5123 pid=5125 auid=0 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) comm="gpg" exe="/usr/bin/gpg" subj=root:system_r:httpd_sys_script_t:s0 key=(null)
type=AVC msg=audit(1176298889.499:39088): avc:  denied  { search } for  pid=5125 comm="gpg" name="prefs" dev=hda1 ino=3957656 scontext=root:system_r:httpd_sys_script_t:s0 tcontext=system_u:object_r:httpd_squirrelmail_t:s0 tclass=dir
type=AVC msg=audit(1176298889.499:39088): avc:  denied  { search } for  pid=5125 comm="gpg" name="avrunin.gnupg" dev=hda1 ino=4674917 scontext=root:system_r:httpd_sys_script_t:s0 tcontext=root:object_r:httpd_squirrelmail_t:s0 tclass=dir
type=SYSCALL msg=audit(1176298889.499:39088): arch=40000003 syscall=33 success=no exit=-2 a0=8154c8a8 a1=4 a2=800edbbc a3=8154c890 items=0 ppid=5123 pid=5125 auid=0 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) comm="gpg" exe="/usr/bin/gpg" subj=root:system_r:httpd_sys_script_t:s0 key=(null)
type=AVC msg=audit(1176298889.500:39089): avc:  denied  { getattr } for  pid=5125 comm="gpg" name="avrunin.gnupg" dev=hda1 ino=4674917 scontext=root:system_r:httpd_sys_script_t:s0 tcontext=root:object_r:httpd_squirrelmail_t:s0 tclass=dir
type=SYSCALL msg=audit(1176298889.500:39089): arch=40000003 syscall=195 success=yes exit=0 a0=8154c920 a1=bff9bcdc a2=25fff4 a3=bff9df10 items=0 ppid=5123 pid=5125 auid=0 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) comm="gpg" exe="/usr/bin/gpg" subj=root:system_r:httpd_sys_script_t:s0 key=(null)
type=AVC_PATH msg=audit(1176298889.500:39089):  path="/var/lib/squirrelmail/prefs/avrunin.gnupg"
type=AVC msg=audit(1176298889.500:39090): avc:  denied  { getattr } for  pid=5125 comm="gpg" name="prefs" dev=hda1 ino=3957656 scontext=root:system_r:httpd_sys_script_t:s0 tcontext=system_u:object_r:httpd_squirrelmail_t:s0 tclass=dir
type=SYSCALL msg=audit(1176298889.500:39090): arch=40000003 syscall=195 success=yes exit=0 a0=8154c950 a1=bff9bc7c a2=25fff4 a3=8154c950 items=0 ppid=5123 pid=5125 auid=0 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) comm="gpg" exe="/usr/bin/gpg" subj=root:system_r:httpd_sys_script_t:s0 key=(null)
type=AVC_PATH msg=audit(1176298889.500:39090):  path="/var/lib/squirrelmail/prefs"
type=AVC msg=audit(1176298889.513:39091): avc:  denied  { getattr } for  pid=5125 comm="gpg" name="secring.gpg" dev=hda1 ino=4674923 scontext=root:system_r:httpd_sys_script_t:s0 tcontext=root:object_r:httpd_squirrelmail_t:s0 tclass=file
type=SYSCALL msg=audit(1176298889.513:39091): arch=40000003 syscall=197 success=yes exit=0 a0=3 a1=bff9bc0c a2=25fff4 a3=8154cab8 items=0 ppid=5123 pid=5125 auid=0 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) comm="gpg" exe="/usr/bin/gpg" subj=root:system_r:httpd_sys_script_t:s0 key=(null)
type=AVC_PATH msg=audit(1176298889.513:39091):  path="/var/lib/squirrelmail/prefs/avrunin.gnupg/secring.gpg"
type=AVC msg=audit(1176298889.531:39092): avc:  denied  { lock } for  pid=5125 comm="gpg" name="random_seed" dev=hda1 ino=4674920 scontext=root:system_r:httpd_sys_script_t:s0 tcontext=root:object_r:httpd_squirrelmail_t:s0 tclass=file
type=SYSCALL msg=audit(1176298889.531:39092): arch=40000003 syscall=221 success=yes exit=0 a0=14 a1=d a2=bff9b5ec a3=bff9b5ec items=0 ppid=5123 pid=5125 auid=0 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) comm="gpg" exe="/usr/bin/gpg" subj=root:system_r:httpd_sys_script_t:s0 key=(null)
type=AVC_PATH msg=audit(1176298889.531:39092):  path="/var/lib/squirrelmail/prefs/avrunin.gnupg/random_seed"
type=AVC msg=audit(1176298889.563:39093): avc:  denied  { write } for  pid=5125 comm="gpg" name="random_seed" dev=hda1 ino=4674920 scontext=root:system_r:httpd_sys_script_t:s0 tcontext=root:object_r:httpd_squirrelmail_t:s0 tclass=file
type=SYSCALL msg=audit(1176298889.563:39093): arch=40000003 syscall=5 success=yes exit=21 a0=8154ca78 a1=8041 a2=180 a3=8041 items=0 ppid=5123 pid=5125 auid=0 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) comm="gpg" exe="/usr/bin/gpg" subj=root:system_r:httpd_sys_script_t:s0 key=(null)
type=AVC msg=audit(1176298890.303:39094): avc:  denied  { read } for  pid=5129 comm="sendmail" name="[3258102]" dev=eventpollfs ino=3258102 scontext=root:system_r:system_mail_t:s0 tcontext=root:system_r:httpd_t:s0 tclass=file
type=SYSCALL msg=audit(1176298890.303:39094): arch=40000003 syscall=11 success=yes exit=0 a0=8c61a18 a1=8c61ce0 a2=8c61b18 a3=8c617f0 items=0 ppid=29385 pid=5129 auid=0 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=51 sgid=51 fsgid=51 tty=(none) comm="sendmail" exe="/usr/sbin/sendmail.sendmail" subj=root:system_r:system_mail_t:s0 key=(null)
type=AVC_PATH msg=audit(1176298890.303:39094):  path="eventpoll:[3258102]"
type=USER_AUTH msg=audit(1176298890.742:39095): user pid=5133 uid=0 auid=0 subj=root:system_r:dovecot_auth_t:s0 msg='PAM: authentication acct=avrunin : exe="/usr/libexec/dovecot/dovecot-auth" (hostname=127.0.0.1, addr=127.0.0.1, terminal=dovecot res=success)'
type=USER_ACCT msg=audit(1176298890.743:39096): user pid=5133 uid=0 auid=0 subj=root:system_r:dovecot_auth_t:s0 msg='PAM: accounting acct=avrunin : exe="/usr/libexec/dovecot/dovecot-auth" (hostname=127.0.0.1, addr=127.0.0.1, terminal=dovecot res=success)'
type=USER_AUTH msg=audit(1176298891.181:39097): user pid=5136 uid=0 auid=0 subj=root:system_r:dovecot_auth_t:s0 msg='PAM: authentication acct=avrunin : exe="/usr/libexec/dovecot/dovecot-auth" (hostname=127.0.0.1, addr=127.0.0.1, terminal=dovecot res=success)'
type=USER_ACCT msg=audit(1176298891.182:39098): user pid=5136 uid=0 auid=0 subj=root:system_r:dovecot_auth_t:s0 msg='PAM: accounting acct=avrunin : exe="/usr/libexec/dovecot/dovecot-auth" (hostname=127.0.0.1, addr=127.0.0.1, terminal=dovecot res=success)'

  George


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20070411/53283f2b/attachment-0001.sig>

