dbus and kerneloops with selinux avc

Daniel J Walsh dwalsh at redhat.com
Thu Mar 5 14:11:41 UTC 2009 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Antonio Olivares wrote:
> Dear all, 
> 
> after applying the updates, I encountered the following avc courtesy of setroubleshooter:
> 
> 
> Summary:
> 
> SELinux is preventing dbus-daemon-lau (system_dbusd_t) "execute"
> kerneloops_exec_t.
> 
> Detailed Description:
> 
> SELinux denied access requested by dbus-daemon-lau. It is not expected that this
> access is required by dbus-daemon-lau and this access may signal an intrusion
> attempt. It is also possible that the specific version or configuration of the
> application is causing it to require additional access.
> 
> Allowing Access:
> 
> You can generate a local policy module to allow this access - see FAQ
> (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
> SELinux protection altogether. Disabling SELinux protection is not recommended.
> Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
> against this package.
> 
> Additional Information:
> 
> Source Context                system_u:system_r:system_dbusd_t:s0-s0:c0.c1023
> Target Context                system_u:object_r:kerneloops_exec_t:s0
> Target Objects                kerneloops [ file ]
> Source                        dbus-daemon-lau
> Source Path                   /lib/dbus-1/dbus-daemon-launch-helper
> Port                          <Unknown>
> Host                          riohigh
> Source RPM Packages           dbus-1.2.4.4permissive-4.fc11
> Target RPM Packages           
> Policy RPM                    selinux-policy-3.6.7-1.fc11
> Selinux Enabled               True
> Policy Type                   targeted
> MLS Enabled                   True
> Enforcing Mode                Enforcing
> Plugin Name                   catchall
> Host Name                     riohigh
> Platform                      Linux riohigh 2.6.29-0.197.rc7.fc11.i586 #1 SMP
>                               Tue Mar 3 23:01:11 EST 2009 i686 athlon
> Alert Count                   1
> First Seen                    Wed 04 Mar 2009 07:46:21 PM CST
> Last Seen                     Wed 04 Mar 2009 07:46:21 PM CST
> Local ID                      71016152-e696-4ba1-af79-497748fd156b
> Line Numbers                  
> 
> Raw Audit Messages            
> 
> node=riohigh type=AVC msg=audit(1236217581.391:21): avc:  denied  { execute } for  pid=3241 comm="dbus-daemon-lau" name="kerneloops" dev=sda5 ino=8699 scontext=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:kerneloops_exec_t:s0 tclass=file
> 
> node=riohigh type=SYSCALL msg=audit(1236217581.391:21): arch=40000003 syscall=11 success=no exit=-13 a0=9c95e20 a1=9c95de8 a2=9c95008 a3=9c98368 items=0 ppid=3240 pid=3241 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="dbus-daemon-lau" exe="/lib/dbus-1/dbus-daemon-launch-helper" subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 key=(null)
> 
> 
> 
> 
> Thanks,
> 
> Antonio 
> 
> 
>       
> 
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
Should be fixed in todays policy.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkmv3Z0ACgkQrlYvE4MpobMpHACgoI4FTsH8DgETgfi6zJvXYzFx
lGoAn2JLlGadrNoJt3MAP5td51oVqcGC
=1hRl
-----END PGP SIGNATURE-----

More information about the fedora-selinux-list mailing list