new avcs from setroubleshoot browser
Antonio Olivares
olivares14031 at yahoo.com
Wed Sep 26 23:42:20 UTC 2007
Dear all,
New avcs have appeared:
Summary
SELinux is preventing /sbin/ip (ifconfig_t) "write" to pipe (unconfined_t).
Detailed Description
SELinux denied access requested by /sbin/ip. It is not expected that this
access is required by /sbin/ip and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of
the application is causing it to require additional access.
Allowing Access
You can generate a local policy module to allow this access - see
http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable
SELinux protection altogether. Disabling SELinux protection is not
recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi
against this package.
Additional Information
Source Context system_u:system_r:ifconfig_t
Target Context system_u:system_r:unconfined_t
Target Objects pipe [ fifo_file ]
Affected RPM Packages iproute-2.6.22-2.fc8 [application]
Policy RPM selinux-policy-3.0.8-13.fc8
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Enforcing
Plugin Name plugins.catchall
Host Name localhost.localdomain
Platform Linux localhost.localdomain 2.6.23-0.202.rc8.fc8
#1 SMP Mon Sep 24 22:09:05 EDT 2007 i686 i686
Alert Count 3
First Seen Wed 26 Sep 2007 06:34:54 PM CDT
Last Seen Wed 26 Sep 2007 06:34:54 PM CDT
Local ID d0527712-8653-4588-9f61-e20604d839bf
Line Numbers
Raw Audit Messages
avc: denied { write } for comm=ip dev=pipefs egid=0 euid=0 exe=/sbin/ip exit=0
fsgid=0 fsuid=0 gid=0 items=0 path=pipe:[11604] pid=3103
scontext=system_u:system_r:ifconfig_t:s0 sgid=0
subj=system_u:system_r:ifconfig_t:s0 suid=0 tclass=fifo_file
tcontext=system_u:system_r:unconfined_t:s0 tty=(none) uid=0
Summary
SELinux is preventing consoletype (consoletype_t) "read" to pipe
(unconfined_t).
Detailed Description
SELinux denied access requested by consoletype. It is not expected that this
access is required by consoletype and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of
the application is causing it to require additional access.
Allowing Access
You can generate a local policy module to allow this access - see
http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable
SELinux protection altogether. Disabling SELinux protection is not
recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi
against this package.
Additional Information
Source Context system_u:system_r:consoletype_t
Target Context system_u:system_r:unconfined_t
Target Objects pipe [ fifo_file ]
Affected RPM Packages
Policy RPM selinux-policy-3.0.8-13.fc8
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Enforcing
Plugin Name plugins.catchall
Host Name localhost.localdomain
Platform Linux localhost.localdomain 2.6.23-0.202.rc8.fc8
#1 SMP Mon Sep 24 22:09:05 EDT 2007 i686 i686
Alert Count 2
First Seen Wed 26 Sep 2007 06:34:54 PM CDT
Last Seen Wed 26 Sep 2007 06:34:54 PM CDT
Local ID 8b0eaa38-b9e4-4472-9cd0-ddd5b686793e
Line Numbers
Raw Audit Messages
avc: denied { read } for comm=consoletype dev=pipefs path=pipe:[11541] pid=3036
scontext=system_u:system_r:consoletype_t:s0 tclass=fifo_file
tcontext=system_u:system_r:unconfined_t:s0
How do I deal with these. I am seeing this only on one of the machines. On the other two are fine. Crossing my fingers.
Thanks,
Antonio
____________________________________________________________________________________
Building a website is a piece of cake. Yahoo! Small Business gives you all the tools to get online.
http://smallbusiness.yahoo.com/webhosting
More information about the fedora-test-list
mailing list