selinux alerts consoletype (consoletype_t) "read" to pipe
Antonio Olivares
olivares14031 at yahoo.com
Sun Oct 7 14:02:25 UTC 2007
(unconfined_t).
To: fedora-test-list at redhat.com
Cc: fedora-selinux-list at redhat.com
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
Message-ID: <292321.49938.qm at web52609.mail.re2.yahoo.com>
Dear all,
I am getting new alerts on the laptop, on the other
computers the following alerts do not appear. I did
not have the setroubleshooter working on the laptop,
but all of a sudden because of the updates, it and the
system updater started working.
Should I dismiss these as not important?
Thanks,
Antonio
Summary
SELinux is preventing consoletype (consoletype_t)
"read" to pipe
(unconfined_t).
Detailed Description
SELinux denied access requested by consoletype. It
is not expected that this
access is required by consoletype and this access
may signal an intrusion
attempt. It is also possible that the specific
version or configuration of
the application is causing it to require
additional access.
Allowing Access
You can generate a local policy module to allow
this access - see
http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385
Or you can disable
SELinux protection altogether. Disabling SELinux
protection is not
recommended. Please file a
http://bugzilla.redhat.com/bugzilla/enter_bug.cgi
against this package.
Additional Information
Source Context
system_u:system_r:consoletype_t
Target Context
system_u:system_r:unconfined_t
Target Objects pipe [ fifo_file ]
Affected RPM Packages
Policy RPM
selinux-policy-3.0.8-17.fc8
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Enforcing
Plugin Name plugins.catchall
Host Name localhost.localdomain
Platform Linux
localhost.localdomain
2.6.23-0.217.rc9.git1.fc8 #1 SMP Tue Oct 2
21:38:47 EDT 2007 i686
i686
Alert Count 17
First Seen Wed 26 Sep 2007 06:34:54
PM CDT
Last Seen Sun 07 Oct 2007 08:56:57
AM CDT
Local ID
8b0eaa38-b9e4-4472-9cd0-ddd5b686793e
Line Numbers
Raw Audit Messages
avc: denied { read } for comm=consoletype dev=pipefs
path=pipe:[12036] pid=3102
scontext=system_u:system_r:consoletype_t:s0
tclass=fifo_file
tcontext=system_u:system_r:unconfined_t:s0
Summary
SELinux is preventing consoletype (consoletype_t)
"write" to pipe
(unconfined_t).
Detailed Description
SELinux denied access requested by consoletype. It
is not expected that this
access is required by consoletype and this access
may signal an intrusion
attempt. It is also possible that the specific
version or configuration of
the application is causing it to require
additional access.
Allowing Access
You can generate a local policy module to allow
this access - see
http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385
Or you can disable
SELinux protection altogether. Disabling SELinux
protection is not
recommended. Please file a
http://bugzilla.redhat.com/bugzilla/enter_bug.cgi
against this package.
Additional Information
Source Context
system_u:system_r:consoletype_t
Target Context
system_u:system_r:unconfined_t
Target Objects pipe [ fifo_file ]
Affected RPM Packages
Policy RPM
selinux-policy-3.0.8-17.fc8
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Enforcing
Plugin Name plugins.catchall
Host Name localhost.localdomain
Platform Linux
localhost.localdomain
2.6.23-0.217.rc9.git1.fc8 #1 SMP Tue Oct 2
21:38:47 EDT 2007 i686
i686
Alert Count 31
First Seen Wed 26 Sep 2007 06:34:54
PM CDT
Last Seen Sun 07 Oct 2007 08:56:57
AM CDT
Local ID
a29d7946-1930-4194-8c71-7edfbf95f972
Line Numbers
Raw Audit Messages
avc: denied { write } for comm=consoletype dev=pipefs
path=pipe:[12036] pid=3104
scontext=system_u:system_r:consoletype_t:s0
tclass=fifo_file
tcontext=system_u:system_r:unconfined_t:s0
____________________________________________________________________________________
Be a better Globetrotter. Get better travel answers from someone who knows. Yahoo! Answers - Check it out.
http://answers.yahoo.com/dir/?link=list&sid=396545469
More information about the fedora-test-list
mailing list