SELinux is preventing /usr/sbin/semodule (semanage_t) "getattr" to / (security_t).

Antonio Olivares olivares14031 at yahoo.com
Thu Apr 19 23:24:14 UTC 2007 

Dear list(s),

currently running Rawhide and setroubleshoot browser
fires up with a denial

Summary
    SELinux is preventing /usr/sbin/semodule
(semanage_t) "getattr" to /
    (security_t).

Detailed Description
    SELinux denied access requested by
/usr/sbin/semodule. It is not expected
    that this access is required by /usr/sbin/semodule
and this access may
    signal an intrusion attempt. It is also possible
that the specific version
    or configuration of the application is causing it
to require additional
    access.

Allowing Access
    You can generate a local policy module to allow
this access - see
   
http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385
Or you can disable
    SELinux protection altogether. Disabling SELinux
protection is not
    recommended. Please file a
http://bugzilla.redhat.com/bugzilla/enter_bug.cgi
    against this package.

Additional Information        

Source Context               
user_u:system_r:semanage_t
Target Context               
system_u:object_r:security_t
Target Objects                / [ filesystem ]
Affected RPM Packages        
policycoreutils-2.0.2-3.fc7
                             
[application]filesystem-2.4.2-1.fc7 [target]
Policy RPM                   
selinux-policy-2.5.4-1.fc7
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   plugins.catchall
Host Name                     localhost
Platform                      Linux localhost
2.6.20-1.2949.fc7 #1 SMP Mon Feb
                              26 18:37:35 EST 2007
i686 athlon
Alert Count                   1
First Seen                    Wed 04 Apr 2007 06:46:19
AM CDT
Last Seen                     Wed 04 Apr 2007 06:46:19
AM CDT
Local ID                     
32e2ac76-301c-4f3f-b971-e8b7da4fff73
Line Numbers                  

Raw Audit Messages            

avc: denied { getattr } for comm="semodule"
dev=selinuxfs egid=0 euid=0
exe="/usr/sbin/semodule" exit=-13 fsgid=0 fsuid=0
gid=0 items=0 name="/"
pid=8883 scontext=user_u:system_r:semanage_t:s0 sgid=0
subj=user_u:system_r:semanage_t:s0 suid=0
tclass=filesystem
tcontext=system_u:object_r:security_t:s0 tty=pts1
uid=0



Summary
    SELinux is preventing /usr/sbin/useradd
(useradd_t) "read write" to faillog
    (var_log_t).

Detailed Description
    SELinux denied access requested by
/usr/sbin/useradd. It is not expected
    that this access is required by /usr/sbin/useradd
and this access may signal
    an intrusion attempt. It is also possible that the
specific version or
    configuration of the application is causing it to
require additional access.

Allowing Access
    Sometimes labeling problems can cause SELinux
denials.  You could try to
    restore the default system file context for
faillog, restorecon -v faillog
    If this does not work, there is currently no
automatic way to allow this
    access. Instead,  you can generate a local policy
module to allow this
    access - see
http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385
Or you
    can disable SELinux protection altogether.
Disabling SELinux protection is
    not recommended. Please file a
    http://bugzilla.redhat.com/bugzilla/enter_bug.cgi
against this package.

Additional Information        

Source Context               
user_u:system_r:useradd_t
Target Context               
system_u:object_r:var_log_t
Target Objects                faillog [ file ]
Affected RPM Packages        
shadow-utils-4.0.18.1-13.fc7 [application]
Policy RPM                   
selinux-policy-2.5.12-5.fc7
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   plugins.catchall_file
Host Name                     localhost
Platform                      Linux localhost
2.6.20-1.3088.fc7 #1 SMP Wed Apr
                              18 15:12:44 EDT 2007
i686 athlon
Alert Count                   1
First Seen                    Thu 19 Apr 2007 06:19:42
PM CDT
Last Seen                     Thu 19 Apr 2007 06:19:42
PM CDT
Local ID                     
2eacf14b-bf35-4d12-bb8e-13e35aeaaf6a
Line Numbers                  

Raw Audit Messages            

avc: denied { read, write } for comm="useradd"
dev=dm-0 egid=0 euid=0
exe="/usr/sbin/useradd" exit=-13 fsgid=0 fsuid=0 gid=0
items=0 name="faillog"
pid=3370 scontext=user_u:system_r:useradd_t:s0 sgid=0
subj=user_u:system_r:useradd_t:s0 suid=0 tclass=file
tcontext=system_u:object_r:var_log_t:s0 tty=pts0 uid=0

Thanks for any help/suggestions on this.  

Regards,

Antonio 

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com

More information about the fedora-test-list mailing list