[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: SELinux is preventing /usr/sbin/cupsd "ipc_lock" access.



On 01/04/2010 12:52 PM, Paolo Galtieri wrote:
> I've started seeing this selinux alert
> 
> SELinux is preventing /usr/sbin/cupsd "ipc_lock" access.
> 
> [cupsd has a permissive type (cupsd_t). This access was not denied.]SELinux
> denied access requested by cupsd. It is not expected that this access is
> required by cupsd and this access may signal an intrusion attempt. It is
> also possible that the specific version or configuration of the application
> is causing it to require additional access
> 
> Is this something I should be concerned about?
THis is something new and will be allowed in the next policy update.  Not really something to be concerned about.
> 
> I'm also seeing this alert
> 
> SELinux is preventing /usr/bin/gok "getattr" access on /var/mail.
> 
> SELinux denied access requested by gok. It is not expected that this access
> is required by gok and this access may signal an intrusion attempt. It is
> also possible that the specific version or configuration of the application
> is causing it to require additional access.
> 
> I don't use gok so I'm not sure why I'm getting these alerts.
> 
gok is doing a getattr on all mounted file systems, which is probably causing this avc.  It will also be allowed in next release.

Fixed in selinux-policy-3.6.32-66.fc12.noarch
> Paolo
> 
> 


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]