selinux and ppp
bastard operater
bofh1234 at hotmail.com
Sun Apr 4 16:27:35 UTC 2004
Thank you all for your suggestions. When I setenforce=0 I can connect to
the internet. For those interested in messages here they are. I am using
policy-1.9.2-9.
Apr 4 09:31:39 excalibur kernel: audit(1081089099.311:0): avc: granted {
setenforce } for pid=1782 exe=/usr/bin/setenforce
scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t
tclass=security
Apr 4 09:31:44 excalibur kernel: audit(1081089104.072:0): avc: denied {
getattr } for pid=1783 exe=/usr/sbin/pppd path=/dev/tty1 dev=sdb2
ino=870615 scontext=root:system_r:pppd_t
tcontext=root:object_r:sysadm_tty_device_t tclass=chr_file
Apr 4 09:31:44 excalibur pppd[1784]: pppd 2.4.1 started by root, uid 0
Apr 4 09:31:45 excalibur kernel: audit(1081089105.077:0): avc: denied {
append } for pid=1785 exe=/usr/sbin/pppd name=connect-errors dev=sdb2
ino=32552 scontext=root:system_r:pppd_t
tcontext=system_u:object_r:pppd_etc_t tclass=file
Apr 4 09:31:45 excalibur kernel: audit(1081089105.081:0): avc: denied {
execute } for pid=1785 exe=/bin/bash name=ppp-on-dialer dev=sdb2 ino=32702
scontext=root:system_r:pppd_t tcontext=system_u:object_r:pppd_etc_rw_t
tclass=file
Apr 4 09:31:45 excalibur kernel: audit(1081089105.081:0): avc: denied {
execute_no_trans } for pid=1785 exe=/bin/bash path=/etc/ppp/ppp-on-dialer
dev=sdb2 ino=32702 scontext=root:system_r:pppd_t
tcontext=system_u:object_r:pppd_etc_rw_t tclass=file
The connect script runs and connects to the internet.
Apr 4 09:32:24 excalibur kernel: audit(1081089144.819:0): avc: denied {
execute } for pid=1805 exe=/usr/sbin/pppd name=ip-up dev=sdb2 ino=32586
scontext=root:system_r:pppd_t tcontext=system_u:object_r:pppd_etc_t
tclass=file
Apr 4 09:32:24 excalibur kernel: audit(1081089144.819:0): avc: denied {
execute_no_trans } for pid=1805 exe=/usr/sbin/pppd path=/etc/ppp/ip-up
dev=sdb2 ino=32586 scontext=root:system_r:pppd_t
tcontext=system_u:object_r:pppd_etc_t tclass=file
Thank you for help.
Jason
_________________________________________________________________
Limited-time offer: Fast, reliable MSN 9 Dial-up Internet access FREE for 2
months!
http://join.msn.com/?page=dept/dialup&pgmarket=en-us&ST=1/go/onm00200361ave/direct/01/
More information about the fedora-test-list
mailing list