rawhide yum denied for transition bootloader_t, two alerts

Andrew Farris lordmorgul at gmail.com
Mon Mar 17 10:14:26 UTC 2008 

These happen on two machines during updates,  I'm also noticing many
%post scriptlets failing when these pop up, though I don't know if
they are related or not.

Summary:

SELinux is preventing yum (bootloader_t) "transition" to /sbin/ldconfig
(rpm_script_t).

Detailed Description:

SELinux denied access requested by yum. It is not expected that this access is
required by yum and this access may signal an intrusion attempt. It is also
possible that the specific version or configuration of the application is
causing it to require additional access.

Allowing Access:

You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.

Additional Information:

Source Context                user_u:system_r:bootloader_t:s0
Target Context                user_u:system_r:rpm_script_t:s0
Target Objects                /sbin/ldconfig [ process ]
Source                        yum
Source Path                   /usr/bin/python
Port                          <Unknown>
Host                          durthangnix
Source RPM Packages           python-2.5.1-23.fc9
Target RPM Packages           glibc-2.7.90-9
Policy RPM                    selinux-policy-3.3.1-14.fc9
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   catchall
Host Name                     durthangnix
Platform                      Linux durthangnix 2.6.25-0.105.rc5.fc9 #1 SMP Mon
                              Mar 10 20:59:23 EDT 2008 x86_64 x86_64
Alert Count                   35
First Seen                    Thu 13 Mar 2008 11:19:15 PM PDT
Last Seen                     Thu 13 Mar 2008 11:32:48 PM PDT
Local ID                      36d70abc-d12d-42f2-96bf-ab7250e29da1
Line Numbers

Raw Audit Messages

host=durthangnix type=AVC msg=audit(1205476368.460:1339): avc:  denied
 { transition } for  pid=28100 comm="yum" path="/sbin/ldconfig"
dev=sda3 ino=858775 scontext=user_u:system_r:bootloader_t:s0
tcontext=user_u:system_r:rpm_script_t:s0 tclass=process

host=durthangnix type=SYSCALL msg=audit(1205476368.460:1339):
arch=c000003e syscall=59 success=no exit=-13 a0=7ff2034c2aca
a1=7fff1bd22350 a2=7ff20aa927d0 a3=3b8896c9f0 items=0 ppid=27144
pid=28100 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 tty=pts1 ses=4 comm="yum" exe="/usr/bin/python"
subj=user_u:system_r:bootloader_t:s0 key=(null)



Summary:

SELinux is preventing yum (bootloader_t) "transition" to /bin/bash
(rpm_script_t).

Detailed Description:

SELinux denied access requested by yum. It is not expected that this access is
required by yum and this access may signal an intrusion attempt. It is also
possible that the specific version or configuration of the application is
causing it to require additional access.

Allowing Access:

You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.

Additional Information:

Source Context                user_u:system_r:bootloader_t:s0
Target Context                user_u:system_r:rpm_script_t:s0
Target Objects                /bin/bash [ process ]
Source                        rpm
Source Path                   /bin/rpm
Port                          <Unknown>
Host                          durthangnix
Source RPM Packages           python-2.5.1-23.fc9
Target RPM Packages           bash-3.2-21.fc9
Policy RPM                    selinux-policy-3.3.1-14.fc9
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   catchall
Host Name                     durthangnix
Platform                      Linux durthangnix 2.6.25-0.105.rc5.fc9 #1 SMP Mon
                              Mar 10 20:59:23 EDT 2008 x86_64 x86_64
Alert Count                   48
First Seen                    Thu 13 Mar 2008 10:00:05 AM PDT
Last Seen                     Thu 13 Mar 2008 11:32:48 PM PDT
Local ID                      75a34bf7-d467-444b-bfb4-9a931b3af238
Line Numbers

Raw Audit Messages

host=durthangnix type=AVC msg=audit(1205476368.64:1338): avc:  denied
{ transition } for  pid=28099 comm="yum" path="/bin/bash" dev=sda3
ino=835647 scontext=user_u:system_r:bootloader_t:s0
tcontext=user_u:system_r:rpm_script_t:s0 tclass=process

host=durthangnix type=SYSCALL msg=audit(1205476368.64:1338):
arch=c000003e syscall=59 success=no exit=-13 a0=7ff20063e90d
a1=7fff1bd22350 a2=7ff20aa927d0 a3=3b8896c9f0 items=0 ppid=27144
pid=28099 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 tty=pts1 ses=4 comm="yum" exe="/usr/bin/python"
subj=user_u:system_r:bootloader_t:s0 key=(null)



-- 
-- 
Andrew Farris <lordmorgul at gmail.com> www.lordmorgul.net
 gpg 0xC99B1DF3 fingerprint CDEC 6FAD BA27 40DF 707E A2E0 F0F6 E622 C99B 1DF3
No one now has, and no one will ever again get, the big picture. - Daniel Geer
---- ----

More information about the fedora-selinux-list mailing list