selinux and ppp

bastard operater bofh1234 at hotmail.com
Wed Apr 7 22:05:13 UTC 2004 

Thank you all for your suggestions. When I setenforce=0 I can connect to the 
internet. For those interested in messages here they are. I am using 
policy-1.9.2-9.

Apr 4 09:31:39 excalibur kernel: audit(1081089099.311:0): avc: granted { 
setenforce } for pid=1782 exe=/usr/bin/setenforce 
scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t 
tclass=security
Apr 4 09:31:44 excalibur kernel: audit(1081089104.072:0): avc: denied { 
getattr } for pid=1783 exe=/usr/sbin/pppd path=/dev/tty1 dev=sdb2 ino=870615 
scontext=root:system_r:pppd_t tcontext=root:object_r:sysadm_tty_device_t 
tclass=chr_file
Apr 4 09:31:44 excalibur pppd[1784]: pppd 2.4.1 started by root, uid 0
Apr 4 09:31:45 excalibur kernel: audit(1081089105.077:0): avc: denied { 
append } for pid=1785 exe=/usr/sbin/pppd name=connect-errors dev=sdb2 
ino=32552 scontext=root:system_r:pppd_t 
tcontext=system_u:object_r:pppd_etc_t tclass=file
Apr 4 09:31:45 excalibur kernel: audit(1081089105.081:0): avc: denied { 
execute } for pid=1785 exe=/bin/bash name=ppp-on-dialer dev=sdb2 ino=32702 
scontext=root:system_r:pppd_t tcontext=system_u:object_r:pppd_etc_rw_t 
tclass=file
Apr 4 09:31:45 excalibur kernel: audit(1081089105.081:0): avc: denied { 
execute_no_trans } for pid=1785 exe=/bin/bash path=/etc/ppp/ppp-on-dialer 
dev=sdb2 ino=32702 scontext=root:system_r:pppd_t 
tcontext=system_u:object_r:pppd_etc_rw_t tclass=file

The connect script runs and connects to the internet.

Apr 4 09:32:24 excalibur kernel: audit(1081089144.819:0): avc: denied { 
execute } for pid=1805 exe=/usr/sbin/pppd name=ip-up dev=sdb2 ino=32586 
scontext=root:system_r:pppd_t tcontext=system_u:object_r:pppd_etc_t 
tclass=file
Apr 4 09:32:24 excalibur kernel: audit(1081089144.819:0): avc: denied { 
execute_no_trans } for pid=1805 exe=/usr/sbin/pppd path=/etc/ppp/ip-up 
dev=sdb2 ino=32586 scontext=root:system_r:pppd_t 
tcontext=system_u:object_r:pppd_etc_t tclass=file

Thank you for help.

Jason

_________________________________________________________________
FREE pop-up blocking with the new MSN Toolbar – get it now! 
http://toolbar.msn.com/go/onm00200415ave/direct/01/

More information about the fedora-test-list mailing list