selinux errors

Anne Wilson cannewilson at googlemail.com
Sat Apr 5 16:41:27 UTC 2008 

On Saturday 05 April 2008 01:38:12 pm Jóhann B. Guðmundsson wrote:
> I think it's better that you set selinux in permissive mode..
> ( take a look at /etc/selinux/config )
> and file a bug to each "report" you receive or compile a list, post it
> here and with selinux errors as a subject.
>
> We need to clean those selinux reports out for final..

I started to file a bug, but had problems with the component bit, so here is 
my first offering:

My wired, static connection disconnects briefly from time to time in rawhide 
(kde live cd updated).  At the same time I get an AVC:

SELinux is preventing 05-netfs (NetworkManager_t) "getattr" 
to /var/lock/subsys/netfs (var_lock_t). 

Source Context:  system_u:system_r:NetworkManager_t:s0
Target Context:  system_u:object_r:var_lock_t:s0
Target Objects:  /var/lock/subsys/netfs [ file ]
Source:  05-netfs
Source Path:  /bin/bash
Port:  <Unknown>
Host:  david.lydgate.lan
Source RPM Packages:  bash-3.2-22.fc9
Target RPM Packages:  
Policy RPM:  selinux-policy-3.3.1-26.fc9
Selinux Enabled:  TruePolicy Type:  targeted
MLS Enabled:  True
Enforcing Mode:  Permissive
Plugin Name:  catchall_fileHost Name:  
david.lydgate.lan
Platform:  Linux david.lydgate.lan 2.6.25-0.195.rc8.git1.fc9.i686 #1 SMP Thu 
Apr 3 09:42:34 EDT 2008 i686 athlon
Alert Count:  3
First Seen:  Sat 05 Apr 2008 05:08:15 PM BST
Last Seen:  Sat 05 Apr 2008 05:19:00 PM BST
Local ID:  4b47170f-7415-48c8-b97b-af8a88e1387a
Line Numbers:  
Raw Audit Messages :host=david.lydgate.lan type=AVC 
msg=audit(1207412340.566:54): avc: denied { getattr } for pid=3091 
comm="05-netfs" path="/var/lock/subsys/netfs" dev=dm-2 ino=82745 
scontext=system_u:system_r:NetworkManager_t:s0 
tcontext=system_u:object_r:var_lock_t:s0 tclass=file 

host=david.lydgate.lan type=SYSCALL msg=audit(1207412340.566:54): 
arch=40000003 syscall=195 success=yes exit=0 a0=98290a0 a1=bfd9acb0 a2=2a2ff4 
a3=98290a0 items=0 ppid=2326 pid=3091 auid=4294967295 uid=0 gid=0 euid=0 
suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 
comm="05-netfs" exe="/bin/bash" subj=system_u:system_r:NetworkManager_t:s0 
key=(null) 

Anne

More information about the fedora-test-list mailing list