selinux and ppp

bastard operater bofh1234 at hotmail.com
Sun Apr 4 16:27:35 UTC 2004


Thank you all for your suggestions.  When I setenforce=0 I can connect to 
the internet.  For those interested in messages here they are.  I am using  
policy-1.9.2-9.

Apr  4 09:31:39 excalibur kernel: audit(1081089099.311:0): avc:  granted  { 
setenforce } for  pid=1782 exe=/usr/bin/setenforce 
scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t 
tclass=security
Apr  4 09:31:44 excalibur kernel: audit(1081089104.072:0): avc:  denied  { 
getattr } for  pid=1783 exe=/usr/sbin/pppd path=/dev/tty1 dev=sdb2 
ino=870615 scontext=root:system_r:pppd_t 
tcontext=root:object_r:sysadm_tty_device_t tclass=chr_file
Apr  4 09:31:44 excalibur pppd[1784]: pppd 2.4.1 started by root, uid 0
Apr  4 09:31:45 excalibur kernel: audit(1081089105.077:0): avc:  denied  { 
append } for  pid=1785 exe=/usr/sbin/pppd name=connect-errors dev=sdb2 
ino=32552 scontext=root:system_r:pppd_t 
tcontext=system_u:object_r:pppd_etc_t tclass=file
Apr  4 09:31:45 excalibur kernel: audit(1081089105.081:0): avc:  denied  { 
execute } for  pid=1785 exe=/bin/bash name=ppp-on-dialer dev=sdb2 ino=32702 
scontext=root:system_r:pppd_t tcontext=system_u:object_r:pppd_etc_rw_t 
tclass=file
Apr  4 09:31:45 excalibur kernel: audit(1081089105.081:0): avc:  denied  { 
execute_no_trans } for  pid=1785 exe=/bin/bash path=/etc/ppp/ppp-on-dialer 
dev=sdb2 ino=32702 scontext=root:system_r:pppd_t 
tcontext=system_u:object_r:pppd_etc_rw_t tclass=file

The connect script runs and connects to the internet.

Apr  4 09:32:24 excalibur kernel: audit(1081089144.819:0): avc:  denied  { 
execute } for  pid=1805 exe=/usr/sbin/pppd name=ip-up dev=sdb2 ino=32586 
scontext=root:system_r:pppd_t tcontext=system_u:object_r:pppd_etc_t 
tclass=file
Apr  4 09:32:24 excalibur kernel: audit(1081089144.819:0): avc:  denied  { 
execute_no_trans } for  pid=1805 exe=/usr/sbin/pppd path=/etc/ppp/ip-up 
dev=sdb2 ino=32586 scontext=root:system_r:pppd_t 
tcontext=system_u:object_r:pppd_etc_t tclass=file

Thank you for help.

Jason

_________________________________________________________________
Limited-time offer: Fast, reliable MSN 9 Dial-up Internet access FREE for 2 
months! 
http://join.msn.com/?page=dept/dialup&pgmarket=en-us&ST=1/go/onm00200361ave/direct/01/





More information about the fedora-test-list mailing list