Selinux and kernel-2.6.12-1.1381 Fedora Core 3

Antonio Olivares olivares14031 at yahoo.com
Sat Nov 5 04:09:00 UTC 2005 


--- Rahul Sundaram <sundaram at redhat.com> wrote:

> Antonio Olivares wrote:
> 
> >Dear Kind Folks,
> >   I recently updated one of my machines at work
> which
> >was running Fedora Core 3 to kernel-2.6.12-1.1381
> via
> >yum.  When I rebooted and booted to the new kernel,
> I
> >fired up firefox and could not load yahoo webpage. 
> I
> >tried google, Fedorafaq, Distrowatch and nothing. 
> I
> >suspected Selinux could be the culprit, so I did:
> >Hat -> System Settings -> Security Level and
> disabled
> >selinux.  Rebooted with new settings and viola I
> could
> >see yahoo, distrowatch, google, etc.  I went to
> >terminal fired up yum and yum update selinux and
> gave
> >me error message.  I tried again this time with
> >selinux-targetpolicy? (not to sure) but it went
> >through.  I reenabled selinux, and rebooted and
> could
> >not view any webpages again.  I will get back to
> the
> >machine on Monday, and it makes me wonder about
> what
> >do I need to do, which updates I need to run.  
> >
> >kernel installed ->	[kernel-2.6.12-1.1381_FC3.i686]
> >
> >I read very carefully the FAQ for SELinux from 
> >http://www.nsa.gov/selinux/info/faq.cfm
> >but I am still clueless.  I would like to keep
> selinux
> >enabled and still view webpages.  How can I still
> do
> >that?  
> >  
> >
> post to the fedora-selinux list with the AVC denied
> messages in 
> /var/log/messages. Fedora SELinux FAQ is available
> from
> 
> http://fedoraproject.org/wiki/Communicate
> http://fedora.redhat.com/docs/selinux-faq/
> 
> regards
> Rahul
> 
> -- 
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe:
> https://www.redhat.com/mailman/listinfo/fedora-list
> 

I'll do that come Monday, thanks for helping.  In any
case, at home same thing happened, here are some avc
messages

audit(1131052412.181:2): avc:  denied  { name_connect
} for  pid=4314 comm="gkrellm" dest=7634
scontext=user_u:system_r:unconfined_t
tcontext=system_u:object_r:port_t tclass=tcp_socket
audit(1131052412.349:3): avc:  denied  { name_connect
} for  pid=4317 comm="eggcups" dest=631
scontext=user_u:system_r:unconfined_t
tcontext=system_u:object_r:reserved_port_t
tclass=tcp_socket
audit(1131052412.349:4): avc:  denied  { name_connect
} for  pid=4317 comm="eggcups" dest=631
scontext=user_u:system_r:unconfined_t
tcontext=system_u:object_r:reserved_port_t
tclass=tcp_socket
CSLIP: code copyright 1989 Regents of the University
of California
PPP generic driver version 2.4.2
PPP Deflate Compression module registered
audit(1131052690.058:5): avc:  denied  { name_connect
} for  pid=4602 comm="firefox-bin" dest=80
scontext=user_u:system_r:unconfined_t
tcontext=system_u:object_r:http_port_t
tclass=tcp_socket
audit(1131052692.227:6): avc:  denied  { name_connect
} for  pid=4602 comm="firefox-bin" dest=80
scontext=user_u:system_r:unconfined_t
tcontext=system_u:object_r:http_port_t
tclass=tcp_socket
audit(1131052699.727:7): avc:  denied  { name_connect
} for  pid=4602 comm="firefox-bin" dest=80
scontext=user_u:system_r:unconfined_t
tcontext=system_u:object_r:http_port_t
tclass=tcp_socket
audit(1131052702.155:8): avc:  denied  { name_connect
} for  pid=4602 comm="firefox-bin" dest=80
scontext=user_u:system_r:unconfined_t
tcontext=system_u:object_r:http_port_t
tclass=tcp_socket
audit(1131052713.032:9): avc:  denied  { name_connect
} for  pid=4602 comm="firefox-bin" dest=80
scontext=user_u:system_r:unconfined_t
tcontext=system_u:object_r:http_port_t
tclass=tcp_socket
audit(1131052718.472:10): avc:  denied  { name_connect
} for  pid=4602 comm="firefox-bin" dest=80
scontext=user_u:system_r:unconfined_t
tcontext=system_u:object_r:http_port_t
tclass=tcp_socket
audit(1131052726.685:11): avc:  denied  { name_connect
} for  pid=4602 comm="firefox-bin" dest=80
scontext=user_u:system_r:unconfined_t
tcontext=system_u:object_r:http_port_t
tclass=tcp_socket
audit(1131052730.917:12): avc:  denied  { name_connect
} for  pid=4602 comm="firefox-bin" dest=80
scontext=user_u:system_r:unconfined_t
tcontext=system_u:object_r:http_port_t
tclass=tcp_socket
audit(1131052743.510:13): avc:  denied  { name_connect
} for  pid=4617 comm="mozilla-bin" dest=80
scontext=user_u:system_r:unconfined_t
tcontext=system_u:object_r:http_port_t
tclass=tcp_socket
audit(1131052746.942:14): avc:  denied  { name_connect
} for  pid=4617 comm="mozilla-bin" dest=80
scontext=user_u:system_r:unconfined_t
tcontext=system_u:object_r:http_port_t
tclass=tcp_socket
audit(1131052843.092:15): avc:  denied  { name_connect
} for  pid=4692 comm="mozilla-bin" dest=80
scontext=user_u:system_r:unconfined_t
tcontext=system_u:object_r:http_port_t
tclass=tcp_socket
audit(1131052848.928:16): avc:  denied  { name_connect
} for  pid=4692 comm="mozilla-bin" dest=443
scontext=user_u:system_r:unconfined_t
tcontext=system_u:object_r:http_port_t
tclass=tcp_socket
[root at localhost ~]#  

[root at localhost ~]# tail /var/log/messages
Nov  3 21:20:37 localhost pppd[4658]: local  IP
address 66.201.8.152
Nov  3 21:20:37 localhost pppd[4658]: remote IP
address 66.201.8.6
Nov  3 21:20:37 localhost pppd[4658]: primary   DNS
address 168.215.176.2
Nov  3 21:20:37 localhost pppd[4658]: secondary DNS
address 12.176.80.9
Nov  3 21:20:43 localhost kernel:
audit(1131052843.092:15): avc:  denied  { name_connect
} for  pid=4692 comm="mozilla-bin" dest=80
scontext=user_u:system_r:unconfined_t
tcontext=system_u:object_r:http_port_t
tclass=tcp_socket
Nov  3 21:20:48 localhost kernel:
audit(1131052848.928:16): avc:  denied  { name_connect
} for  pid=4692 comm="mozilla-bin" dest=443
scontext=user_u:system_r:unconfined_t
tcontext=system_u:object_r:http_port_t
tclass=tcp_socket
Nov  3 21:23:01 localhost kernel:
audit(1131052981.865:17): avc:  denied  { name_connect
} for  pid=4692 comm="mozilla-bin" dest=80
scontext=user_u:system_r:unconfined_t
tcontext=system_u:object_r:http_port_t
tclass=tcp_socket
Nov  3 21:23:03 localhost kernel:
audit(1131052983.717:18): avc:  denied  { name_connect
} for  pid=4692 comm="mozilla-bin" dest=80
scontext=user_u:system_r:unconfined_t
tcontext=system_u:object_r:http_port_t
tclass=tcp_socket
Nov  3 21:25:01 localhost crond(pam_unix)[4703]:
session opened for user root by (uid=0)
Nov  3 21:25:02 localhost crond(pam_unix)[4703]:
session closed for user root

Regards,

Antonio



		
__________________________________ 
Start your day with Yahoo! - Make it your home page! 
http://www.yahoo.com/r/hs

More information about the fedora-list mailing list