FC6T1 avc denied messages
Jay Cliburn
jacliburn at bellsouth.net
Sun Jun 25 18:19:58 UTC 2006
I installed FC6T1 in the last day or two, and I'm seeing lots of
avc:denied messages when something tries to access the network. The
common thread seems to be netif. SELinux is enforcing.
I relabeled with:
setfiles /etc/selinux/targeted/contexts/files/file_contexts /
but the problem persists.
[root at gadwall etc]# grep "avc: denied" /var/log/messages | more
Jun 25 04:12:39 gadwall kernel: audit(1151226759.322:28): avc: denied { send } for pid=4327 comm="local" saddr=127.0.0.1 src=32769 daddr=127.0.0.1 dest=512 netif=lo scontext=system_u:system_r:postfix_local_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
Jun 25 04:26:44 gadwall kernel: audit(1151227604.199:29): avc: denied { send } for pid=28419 comm="smtp" saddr=192.168.1.8 src=54461 daddr=192.168.1.3 dest=25 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
Jun 25 04:26:47 gadwall kernel: audit(1151227607.199:30): avc: denied { send } for pid=28697 comm="makewhatis" saddr=192.168.1.8 src=54461 daddr=192.168.1.3 dest=25 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
Jun 25 04:26:53 gadwall kernel: audit(1151227613.199:31): avc: denied { send } for pid=29189 comm="gawk" saddr=192.168.1.8 src=54461 daddr=192.168.1.3 dest=25 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
Jun 25 04:27:05 gadwall kernel: audit(1151227625.200:32): avc: denied { send } for pid=30221 comm="gawk" saddr=192.168.1.8 src=54461 daddr=192.168.1.3 dest=25 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
Jun 25 05:00:03 gadwall kernel: audit(1151229603.556:33): avc: denied { send } for pid=22871 comm="smtp" saddr=192.168.1.8 src=46979 daddr=192.168.1.3 dest=25 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
Jun 25 05:00:06 gadwall kernel: audit(1151229606.556:34): avc: denied { send } for saddr=192.168.1.8 src=46979 daddr=192.168.1.3 dest=25 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
Jun 25 05:00:12 gadwall kernel: audit(1151229612.556:35): avc: denied { send } for saddr=192.168.1.8 src=46979 daddr=192.168.1.3 dest=25 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
Jun 25 05:00:24 gadwall kernel: audit(1151229624.557:36): avc: denied { send } for saddr=192.168.1.8 src=46979 daddr=192.168.1.3 dest=25 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
Jun 25 06:06:43 gadwall kernel: audit(1151233603.890:37): avc: denied { send } for pid=22984 comm="smtp" saddr=192.168.1.8 src=46089 daddr=192.168.1.3 dest=25 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
Jun 25 06:06:46 gadwall kernel: audit(1151233606.890:38): avc: denied { send } for saddr=192.168.1.8 src=46089 daddr=192.168.1.3 dest=25 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
Jun 25 06:06:52 gadwall kernel: audit(1151233612.890:39): avc: denied { send } for saddr=192.168.1.8 src=46089 daddr=192.168.1.3 dest=25 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
Jun 25 06:07:04 gadwall kernel: audit(1151233624.891:40): avc: denied { send } for saddr=192.168.1.8 src=46089 daddr=192.168.1.3 dest=25 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
Jun 25 07:30:04 gadwall kernel: audit(1151238604.282:41): avc: denied { send } for pid=23122 comm="smtp" saddr=192.168.1.8 src=34065 daddr=192.168.1.3 dest=25 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
Jun 25 07:30:07 gadwall kernel: audit(1151238607.283:42): avc: denied { send } for saddr=192.168.1.8 src=34065 daddr=192.168.1.3 dest=25 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
Jun 25 07:30:13 gadwall kernel: audit(1151238613.283:43): avc: denied { send } for saddr=192.168.1.8 src=34065 daddr=192.168.1.3 dest=25 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
Jun 25 07:30:25 gadwall kernel: audit(1151238625.284:44): avc: denied { send } for saddr=192.168.1.8 src=34065 daddr=192.168.1.3 dest=25 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
Jun 25 08:53:25 gadwall kernel: audit(1151243605.259:45): avc: denied { send } for pid=23349 comm="smtp" saddr=192.168.1.8 src=33208 daddr=192.168.1.3 dest=25 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
Jun 25 08:53:28 gadwall kernel: audit(1151243608.259:46): avc: denied { send } for saddr=192.168.1.8 src=33208 daddr=192.168.1.3 dest=25 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
Jun 25 08:53:34 gadwall kernel: audit(1151243614.259:47): avc: denied { send } for saddr=192.168.1.8 src=33208 daddr=192.168.1.3 dest=25 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
Jun 25 08:53:46 gadwall kernel: audit(1151243626.260:48): avc: denied { send } for saddr=192.168.1.8 src=33208 daddr=192.168.1.3 dest=25 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
Jun 25 10:16:44 gadwall kernel: audit(1151248604.735:49): avc: denied { send } for pid=23490 comm="smtp" saddr=192.168.1.8 src=47209 daddr=192.168.1.3 dest=25 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
Jun 25 10:16:47 gadwall kernel: audit(1151248607.736:50): avc: denied { send } for saddr=192.168.1.8 src=47209 daddr=192.168.1.3 dest=25 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
Jun 25 10:16:53 gadwall kernel: audit(1151248613.736:51): avc: denied { send } for saddr=192.168.1.8 src=47209 daddr=192.168.1.3 dest=25 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
Jun 25 10:17:05 gadwall kernel: audit(1151248625.737:52): avc: denied { send } for saddr=192.168.1.8 src=47209 daddr=192.168.1.3 dest=25 netif=eth0 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
Jun 25 11:25:07 gadwall kernel: audit(1151252707.572:53): avc: denied { send } for pid=23734 comm="ntpd" saddr=192.168.1.8 src=32771 daddr=4.2.2.1 dest=53 netif=eth0 scontext=user_u:system_r:ntpd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
Jun 25 11:25:07 gadwall kernel: audit(1151252707.572:54): avc: denied { send } for pid=23734 comm="ntpd" saddr=192.168.1.8 src=32771 daddr=4.2.2.2 dest=53 netif=eth0 scontext=user_u:system_r:ntpd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
Jun 25 11:25:07 gadwall kernel: audit(1151252707.572:55): avc: denied { send } for pid=23734 comm="ntpd" saddr=192.168.1.8 src=32771 daddr=4.2.2.1 dest=53 netif=eth0 scontext=user_u:system_r:ntpd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=packet
More information about the fedora-selinux-list
mailing list