SELinux advisory

Paolo Galtieri pgaltieri at gmail.com
Fri Jun 26 15:20:24 UTC 2009 

I keep getting the following SELinux alert. 

  SELinux is preventing hostname (hostname_t) "read" security_t

The alert data is shown below.  I'm not sure what I might have changed 
to cause this.

Paolo

Summary:

SELinux is preventing hostname (hostname_t) "read" security_t.

Detailed Description:

SELinux denied access requested by hostname. It is not expected that 
this access
is required by hostname and this access may signal an intrusion attempt. 
It is
also possible that the specific version or configuration of the 
application is
causing it to require additional access.

Allowing Access:

You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can 
disable
SELinux protection altogether. Disabling SELinux protection is not 
recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.

Additional Information:

Source Context                system_u:system_r:hostname_t:s0
Target Context                system_u:object_r:security_t:s0
Target Objects                mls [ file ]
Source                        hostname
Source Path                   /bin/hostname
Port                          <Unknown>
Host                          peglaptop10
Source RPM Packages           net-tools-1.60-92.fc11
Target RPM Packages          
Policy RPM                    selinux-policy-3.6.12-50.fc11
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   catchall
Host Name                     peglaptop10
Platform                      Linux peglaptop10 2.6.29.5-191.fc11.x86_64 
#1 SMP
                              Tue Jun 16 23:23:21 EDT 2009 x86_64 x86_64
Alert Count                   108
First Seen                    Fri 19 Jun 2009 06:33:48 PM MST
Last Seen                     Fri 26 Jun 2009 07:31:49 AM MST
Local ID                      2bc187c8-f1ab-4a44-8c0b-cc092191743b
Line Numbers                 

Raw Audit Messages           

node=peglaptop10 type=AVC msg=audit(1246026709.145:1331): avc:  denied  
{ read } for  pid=14213 comm="hostname" name="mls" dev=selinuxfs ino=12 
scontext=system_u:system_r:hostname_t:s0 
tcontext=system_u:object_r:security_t:s0 tclass=file

node=peglaptop10 type=SYSCALL msg=audit(1246026709.145:1331): 
arch=c000003e syscall=2 success=no exit=-13 a0=7fff3f294550 a1=0 
a2=7fff3f29455c a3=fffffff8 items=0 ppid=14200 pid=14213 auid=4294967295 
uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) 
ses=4294967295 comm="hostname" exe="/bin/hostname" 
subj=system_u:system_r:hostname_t:s0 key=(null)

More information about the fedora-list mailing list