Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 296969 Details for
Bug 436233
setroubleshoot generated AVC, exiting to avoid recursion
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
audit_listener_database.xml
audit_listener_database.xml (text/xml), 32.03 KB, created by
Andrew Farris
on 2008-03-06 00:37:08 UTC
(
hide
)
Description:
audit_listener_database.xml
Filename:
MIME Type:
Creator:
Andrew Farris
Created:
2008-03-06 00:37:08 UTC
Size:
32.03 KB
patch
obsolete
><?xml version="1.0" encoding="utf-8"?> ><sigs version="3.0"> > <signature_list> > <siginfo> > <analysis_id>file</analysis_id> > <audit_event> > <event_id host="cirithungol" milli="53" seconds="1204689737" serial="325"/> > <records> > <audit_record record_type="AVC"> > <body_text>avc: denied { read } for pid=16233 comm="ck-get-x11-serv" name=".Xauthority" dev=sdb2 ino=3742 scontext=system_u:system_r:consolekit_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file</body_text> > <event_id host="cirithungol" milli="53" seconds="1204689737" serial="325"/> > </audit_record> > <audit_record record_type="SYSCALL"> > <body_text>arch=40000003 syscall=33 success=no exit=-13 a0=bfd33fa6 a1=4 a2=b1d9f0 a3=bfd33fa6 items=0 ppid=16232 pid=16233 auid=4294967295 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=4294967295 comm="ck-get-x11-serv" exe="/usr/libexec/ck-get-x11-server-pid" subj=system_u:system_r:consolekit_t:s0-s0:c0.c1023 key=(null)</body_text> > <event_id host="cirithungol" milli="53" seconds="1204689737" serial="325"/> > </audit_record> > </records> > </audit_event> > <category>File Label</category> > <environment version="1.0"> > <enforce>Enforcing</enforce> > <hostname>cirithungol</hostname> > <kernel>2.6.25-0.82.rc3.git2.fc9 i686</kernel> > <platform>Fedora release 8.90 (Rawhide)</platform> > <policy_rpm>selinux-policy-3.3.1-9.fc9</policy_rpm> > <policy_type>targeted</policy_type> > <policyvers>22</policyvers> > <selinux_enabled>True</selinux_enabled> > <selinux_mls_enabled>True</selinux_mls_enabled> > <uname>Linux cirithungol 2.6.25-0.82.rc3.git2.fc9 #1 SMP Sun Mar 2 23:05:25 EST 2008 i686 i686</uname> > </environment> > <first_seen_date>2008-03-05T04:02:17Z</first_seen_date> > <host>cirithungol</host> > <last_seen_date>2008-03-05T04:02:17Z</last_seen_date> > <local_id>4808f0ac-1ee1-4f84-a284-46d10c3c8993</local_id> > <report_count>1</report_count> > <scontext mls="s0-s0:c0.c1023" role="system_r" type="consolekit_t" user="system_u"/> > <sig version="3.0"> > <access> > <operation>read</operation> > </access> > <analysis_id>file</analysis_id> > <host>cirithungol</host> > <scontext mls="s0-s0:c0.c1023" role="system_r" type="consolekit_t" user="system_u"/> > <tclass>file</tclass> > <tcontext mls="s0" role="object_r" type="file_t" user="system_u"/> > <tpath>./.Xauthority</tpath> > </sig> > <solution version="1.0"> > <fix_cmd></fix_cmd> > <fix_description><![CDATA[ > You can execute the following command as root to relabel your > computer system: "touch /.autorelabel; reboot" > ]]></fix_description> > <problem_description><![CDATA[ > SELinux permission checks on files labeled file_t are being > denied. file_t is the context the SELinux kernel gives to files > that do not have a label. This indicates a serious labeling > problem. No files on an SELinux box should ever be labeled file_t. > If you have just added a new disk drive to the system you can > relabel it using the restorecon command. Otherwise you should > relabel the entire files system. > ]]></problem_description> > <summary><![CDATA[ > SELinux is preventing access to files with the label, file_t. > ]]></summary> > </solution> > <source>ck-get-x11-serv</source> > <spath>/usr/libexec/ck-get-x11-server-pid</spath> > <src_rpm_list> > <rpm>ConsoleKit-x11-0.2.10-1.fc9</rpm> > </src_rpm_list> > <tclass>file</tclass> > <tcontext mls="s0" role="object_r" type="file_t" user="system_u"/> > <tpath>./.Xauthority</tpath> > <users> > <user delete_flag="False" seen_flag="True" username="lordmorgul"> > <filter> > <count>0</count> > <filter_type>0</filter_type> > </filter> > </user> > </users> > </siginfo> > <siginfo> > <analysis_id>file</analysis_id> > <audit_event> > <event_id host="cirithungol" milli="416" seconds="1204690113" serial="341"/> > <records> > <audit_record record_type="AVC"> > <body_text>avc: denied { read } for pid=16945 comm="npviewer.bin" name=".Xauthority" dev=sdb2 ino=3742 scontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file</body_text> > <event_id host="cirithungol" milli="416" seconds="1204690113" serial="341"/> > </audit_record> > <audit_record record_type="SYSCALL"> > <body_text>arch=40000003 syscall=33 success=no exit=-13 a0=bfa3afb9 a1=4 a2=b1d9f0 a3=bfa3afb9 items=0 ppid=16931 pid=16945 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="npviewer.bin" exe="/usr/lib/nspluginwrapper/npviewer.bin" subj=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 key=(null)</body_text> > <event_id host="cirithungol" milli="416" seconds="1204690113" serial="341"/> > </audit_record> > </records> > </audit_event> > <category>File Label</category> > <environment version="1.0"> > <enforce>Enforcing</enforce> > <hostname>cirithungol</hostname> > <kernel>2.6.25-0.82.rc3.git2.fc9 i686</kernel> > <platform>Fedora release 8.90 (Rawhide)</platform> > <policy_rpm>selinux-policy-3.3.1-9.fc9</policy_rpm> > <policy_type>targeted</policy_type> > <policyvers>22</policyvers> > <selinux_enabled>True</selinux_enabled> > <selinux_mls_enabled>True</selinux_mls_enabled> > <uname>Linux cirithungol 2.6.25-0.82.rc3.git2.fc9 #1 SMP Sun Mar 2 23:05:25 EST 2008 i686 i686</uname> > </environment> > <first_seen_date>2008-03-05T04:08:32Z</first_seen_date> > <host>cirithungol</host> > <last_seen_date>2008-03-05T04:08:33Z</last_seen_date> > <local_id>d82d38cd-e097-452a-bcdc-cefe620fe11b</local_id> > <report_count>6</report_count> > <scontext mls="s0-s0:c0.c1023" role="unconfined_r" type="nsplugin_t" user="unconfined_u"/> > <sig version="3.0"> > <access> > <operation>read</operation> > </access> > <analysis_id>file</analysis_id> > <host>cirithungol</host> > <scontext mls="s0-s0:c0.c1023" role="unconfined_r" type="nsplugin_t" user="unconfined_u"/> > <tclass>file</tclass> > <tcontext mls="s0" role="object_r" type="file_t" user="system_u"/> > <tpath>./.Xauthority</tpath> > </sig> > <solution version="1.0"> > <fix_cmd></fix_cmd> > <fix_description><![CDATA[ > You can execute the following command as root to relabel your > computer system: "touch /.autorelabel; reboot" > ]]></fix_description> > <problem_description><![CDATA[ > SELinux permission checks on files labeled file_t are being > denied. file_t is the context the SELinux kernel gives to files > that do not have a label. This indicates a serious labeling > problem. No files on an SELinux box should ever be labeled file_t. > If you have just added a new disk drive to the system you can > relabel it using the restorecon command. Otherwise you should > relabel the entire files system. > ]]></problem_description> > <summary><![CDATA[ > SELinux is preventing access to files with the label, file_t. > ]]></summary> > </solution> > <source>npviewer.bin</source> > <spath>/usr/lib/nspluginwrapper/npviewer.bin</spath> > <src_rpm_list> > <rpm>nspluginwrapper-0.9.91.5-23.fc9</rpm> > </src_rpm_list> > <tclass>file</tclass> > <tcontext mls="s0" role="object_r" type="file_t" user="system_u"/> > <tpath>./.Xauthority</tpath> > <users> > <user delete_flag="False" seen_flag="True" username="lordmorgul"> > <filter> > <count>6</count> > <filter_type>0</filter_type> > </filter> > </user> > </users> > </siginfo> > <siginfo> > <analysis_id>file</analysis_id> > <audit_event> > <event_id host="cirithungol" milli="756" seconds="1204720360" serial="1855"/> > <records> > <audit_record record_type="AVC"> > <body_text>avc: denied { read } for pid=10793 comm="tmpwatch" name="kdecache-lordmorgul" dev=sdb3 ino=347111 scontext=system_u:system_r:tmpreaper_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=dir</body_text> > <event_id host="cirithungol" milli="756" seconds="1204720360" serial="1855"/> > </audit_record> > <audit_record record_type="SYSCALL"> > <body_text>arch=40000003 syscall=5 success=no exit=-13 a0=804ac62 a1=98800 a2=0 a3=0 items=0 ppid=10790 pid=10793 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=10 comm="tmpwatch" exe="/usr/sbin/tmpwatch" subj=system_u:system_r:tmpreaper_t:s0-s0:c0.c1023 key=(null)</body_text> > <event_id host="cirithungol" milli="756" seconds="1204720360" serial="1855"/> > </audit_record> > </records> > </audit_event> > <category>File Label</category> > <environment version="1.0"> > <enforce>Enforcing</enforce> > <hostname>cirithungol</hostname> > <kernel>2.6.25-0.82.rc3.git2.fc9 i686</kernel> > <platform>Fedora release 8.90 (Rawhide)</platform> > <policy_rpm>selinux-policy-3.3.1-9.fc9</policy_rpm> > <policy_type>targeted</policy_type> > <policyvers>22</policyvers> > <selinux_enabled>True</selinux_enabled> > <selinux_mls_enabled>True</selinux_mls_enabled> > <uname>Linux cirithungol 2.6.25-0.82.rc3.git2.fc9 #1 SMP Sun Mar 2 23:05:25 EST 2008 i686 i686</uname> > </environment> > <first_seen_date>2008-03-05T12:32:40Z</first_seen_date> > <host>cirithungol</host> > <last_seen_date>2008-03-05T12:32:40Z</last_seen_date> > <local_id>2ae4b32e-65a8-4dbf-a2f6-f899aad7079d</local_id> > <report_count>1</report_count> > <scontext mls="s0-s0:c0.c1023" role="system_r" type="tmpreaper_t" user="system_u"/> > <sig version="3.0"> > <access> > <operation>read</operation> > </access> > <analysis_id>file</analysis_id> > <host>cirithungol</host> > <scontext mls="s0-s0:c0.c1023" role="system_r" type="tmpreaper_t" user="system_u"/> > <tclass>dir</tclass> > <tcontext mls="s0" role="object_r" type="file_t" user="system_u"/> > <tpath>./kdecache-lordmorgul</tpath> > </sig> > <solution version="1.0"> > <fix_cmd></fix_cmd> > <fix_description><![CDATA[ > You can execute the following command as root to relabel your > computer system: "touch /.autorelabel; reboot" > ]]></fix_description> > <problem_description><![CDATA[ > SELinux permission checks on files labeled file_t are being > denied. file_t is the context the SELinux kernel gives to files > that do not have a label. This indicates a serious labeling > problem. No files on an SELinux box should ever be labeled file_t. > If you have just added a new disk drive to the system you can > relabel it using the restorecon command. Otherwise you should > relabel the entire files system. > ]]></problem_description> > <summary><![CDATA[ > SELinux is preventing access to files with the label, file_t. > ]]></summary> > </solution> > <source>tmpwatch</source> > <spath>/usr/sbin/tmpwatch</spath> > <src_rpm_list> > <rpm>tmpwatch-2.9.13-2</rpm> > </src_rpm_list> > <tclass>dir</tclass> > <tcontext mls="s0" role="object_r" type="file_t" user="system_u"/> > <tpath>./kdecache-lordmorgul</tpath> > <users> > <user delete_flag="False" seen_flag="True" username="lordmorgul"> > <filter> > <count>1</count> > <filter_type>0</filter_type> > </filter> > </user> > </users> > </siginfo> > <siginfo> > <analysis_id>home_tmp_bad_labels</analysis_id> > <audit_event> > <event_id host="cirithungol" milli="618" seconds="1204751403" serial="1934"/> > <records> > <audit_record record_type="AVC"> > <body_text>avc: denied { write } for pid=12708 comm="npviewer.bin" name=".pulse-cookie" dev=sdb2 ino=139 scontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file</body_text> > <event_id host="cirithungol" milli="618" seconds="1204751403" serial="1934"/> > </audit_record> > <audit_record record_type="SYSCALL"> > <body_text>arch=40000003 syscall=5 success=no exit=-13 a0=bfbb4f78 a1=8142 a2=180 a3=8142 items=0 ppid=12635 pid=12708 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="npviewer.bin" exe="/usr/lib/nspluginwrapper/npviewer.bin" subj=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 key=(null)</body_text> > <event_id host="cirithungol" milli="618" seconds="1204751403" serial="1934"/> > </audit_record> > </records> > </audit_event> > <category>File Label</category> > <environment version="1.0"> > <enforce>Enforcing</enforce> > <hostname>cirithungol</hostname> > <kernel>2.6.25-0.82.rc3.git2.fc9 i686</kernel> > <platform>Fedora release 8.90 (Rawhide)</platform> > <policy_rpm>selinux-policy-3.3.1-9.fc9</policy_rpm> > <policy_type>targeted</policy_type> > <policyvers>22</policyvers> > <selinux_enabled>True</selinux_enabled> > <selinux_mls_enabled>True</selinux_mls_enabled> > <uname>Linux cirithungol 2.6.25-0.82.rc3.git2.fc9 #1 SMP Sun Mar 2 23:05:25 EST 2008 i686 i686</uname> > </environment> > <first_seen_date>2008-03-05T21:10:03Z</first_seen_date> > <host>cirithungol</host> > <last_seen_date>2008-03-05T21:10:03Z</last_seen_date> > <local_id>83d43afd-fc3d-4d4a-ab47-1248b0ca4a96</local_id> > <report_count>1</report_count> > <scontext mls="s0-s0:c0.c1023" role="unconfined_r" type="nsplugin_t" user="unconfined_u"/> > <sig version="3.0"> > <access> > <operation>write</operation> > </access> > <analysis_id>home_tmp_bad_labels</analysis_id> > <host>cirithungol</host> > <scontext mls="s0-s0:c0.c1023" role="unconfined_r" type="nsplugin_t" user="unconfined_u"/> > <tclass>file</tclass> > <tcontext mls="s0" role="object_r" type="user_home_t" user="unconfined_u"/> > <tpath>./.pulse-cookie</tpath> > </sig> > <solution version="1.0"> > <fix_cmd></fix_cmd> > <fix_description><![CDATA[ > If you want npviewer.bin to access this files, you need to > relabel them using restorecon -v './.pulse-cookie'. You might want to > relabel the entire directory using restorecon -R -v '.'. > ]]></fix_description> > <problem_description><![CDATA[ > SELinux has denied npviewer.bin access to potentially > mislabeled file(s) (./.pulse-cookie). This means that SELinux will not > allow npviewer.bin to use these files. It is common for users to edit > files in their home directory or tmp directories and then move > (mv) them to system directories. The problem is that the files > end up with the wrong file context which confined applications are not allowed to access. > ]]></problem_description> > <summary><![CDATA[ > SELinux is preventing the npviewer.bin from using potentially mislabeled files (./.pulse-cookie). > ]]></summary> > </solution> > <source>npviewer.bin</source> > <spath>/usr/lib/nspluginwrapper/npviewer.bin</spath> > <src_rpm_list> > <rpm>nspluginwrapper-0.9.91.5-23.fc9</rpm> > </src_rpm_list> > <tclass>file</tclass> > <tcontext mls="s0" role="object_r" type="user_home_t" user="unconfined_u"/> > <tpath>./.pulse-cookie</tpath> > <users> > <user delete_flag="False" seen_flag="True" username="lordmorgul"> > <filter> > <count>1</count> > <filter_type>0</filter_type> > </filter> > </user> > </users> > </siginfo> > <siginfo> > <analysis_id>home_tmp_bad_labels</analysis_id> > <audit_event> > <event_id host="cirithungol" milli="619" seconds="1204751403" serial="1935"/> > <records> > <audit_record record_type="AVC"> > <body_text>avc: denied { read } for pid=12708 comm="npviewer.bin" name=".Xauthority" dev=sdb2 ino=3742 scontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 tcontext=system_u:object_r:user_xauth_home_t:s0 tclass=file</body_text> > <event_id host="cirithungol" milli="619" seconds="1204751403" serial="1935"/> > </audit_record> > <audit_record record_type="SYSCALL"> > <body_text>arch=40000003 syscall=33 success=no exit=-13 a0=bfbb8fb9 a1=4 a2=b1d9f0 a3=bfbb8fb9 items=0 ppid=12635 pid=12708 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="npviewer.bin" exe="/usr/lib/nspluginwrapper/npviewer.bin" subj=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 key=(null)</body_text> > <event_id host="cirithungol" milli="619" seconds="1204751403" serial="1935"/> > </audit_record> > </records> > </audit_event> > <category>File Label</category> > <environment version="1.0"> > <enforce>Enforcing</enforce> > <hostname>cirithungol</hostname> > <kernel>2.6.25-0.82.rc3.git2.fc9 i686</kernel> > <platform>Fedora release 8.90 (Rawhide)</platform> > <policy_rpm>selinux-policy-3.3.1-9.fc9</policy_rpm> > <policy_type>targeted</policy_type> > <policyvers>22</policyvers> > <selinux_enabled>True</selinux_enabled> > <selinux_mls_enabled>True</selinux_mls_enabled> > <uname>Linux cirithungol 2.6.25-0.82.rc3.git2.fc9 #1 SMP Sun Mar 2 23:05:25 EST 2008 i686 i686</uname> > </environment> > <first_seen_date>2008-03-05T21:05:54Z</first_seen_date> > <host>cirithungol</host> > <last_seen_date>2008-03-05T21:10:03Z</last_seen_date> > <local_id>516bc49e-b20d-4f2a-8e24-e860e5d1e402</local_id> > <report_count>7</report_count> > <scontext mls="s0-s0:c0.c1023" role="unconfined_r" type="nsplugin_t" user="unconfined_u"/> > <sig version="3.0"> > <access> > <operation>read</operation> > </access> > <analysis_id>home_tmp_bad_labels</analysis_id> > <host>cirithungol</host> > <scontext mls="s0-s0:c0.c1023" role="unconfined_r" type="nsplugin_t" user="unconfined_u"/> > <tclass>file</tclass> > <tcontext mls="s0" role="object_r" type="user_xauth_home_t" user="system_u"/> > <tpath>./.Xauthority</tpath> > </sig> > <solution version="1.0"> > <fix_cmd></fix_cmd> > <fix_description><![CDATA[ > If you want npviewer.bin to access this files, you need to > relabel them using restorecon -v './.Xauthority'. You might want to > relabel the entire directory using restorecon -R -v '.'. > ]]></fix_description> > <problem_description><![CDATA[ > SELinux has denied npviewer.bin access to potentially > mislabeled file(s) (./.Xauthority). This means that SELinux will not > allow npviewer.bin to use these files. It is common for users to edit > files in their home directory or tmp directories and then move > (mv) them to system directories. The problem is that the files > end up with the wrong file context which confined applications are not allowed to access. > ]]></problem_description> > <summary><![CDATA[ > SELinux is preventing the npviewer.bin from using potentially mislabeled files (./.Xauthority). > ]]></summary> > </solution> > <source>npviewer.bin</source> > <spath>/usr/lib/nspluginwrapper/npviewer.bin</spath> > <src_rpm_list> > <rpm>nspluginwrapper-0.9.91.5-23.fc9</rpm> > </src_rpm_list> > <tclass>file</tclass> > <tcontext mls="s0" role="object_r" type="user_xauth_home_t" user="system_u"/> > <tpath>./.Xauthority</tpath> > <users> > <user delete_flag="False" seen_flag="True" username="lordmorgul"> > <filter> > <count>7</count> > <filter_type>0</filter_type> > </filter> > </user> > </users> > </siginfo> > <siginfo> > <analysis_id>catchall</analysis_id> > <audit_event> > <event_id host="cirithungol" milli="638" seconds="1204751403" serial="1936"/> > <records> > <audit_record record_type="AVC"> > <body_text>avc: denied { signull } for pid=12708 comm="npviewer.bin" scontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=process</body_text> > <event_id host="cirithungol" milli="638" seconds="1204751403" serial="1936"/> > </audit_record> > <audit_record record_type="SYSCALL"> > <body_text>arch=40000003 syscall=37 success=no exit=-13 a0=c5b a1=0 a2=47f5e0 a3=bfbb5efc items=0 ppid=12635 pid=12708 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="npviewer.bin" exe="/usr/lib/nspluginwrapper/npviewer.bin" subj=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 key=(null)</body_text> > <event_id host="cirithungol" milli="638" seconds="1204751403" serial="1936"/> > </audit_record> > </records> > </audit_event> > <environment version="1.0"> > <enforce>Enforcing</enforce> > <hostname>cirithungol</hostname> > <kernel>2.6.25-0.82.rc3.git2.fc9 i686</kernel> > <platform>Fedora release 8.90 (Rawhide)</platform> > <policy_rpm>selinux-policy-3.3.1-9.fc9</policy_rpm> > <policy_type>targeted</policy_type> > <policyvers>22</policyvers> > <selinux_enabled>True</selinux_enabled> > <selinux_mls_enabled>True</selinux_mls_enabled> > <uname>Linux cirithungol 2.6.25-0.82.rc3.git2.fc9 #1 SMP Sun Mar 2 23:05:25 EST 2008 i686 i686</uname> > </environment> > <first_seen_date>2008-03-05T21:10:03Z</first_seen_date> > <host>cirithungol</host> > <last_seen_date>2008-03-05T21:10:03Z</last_seen_date> > <local_id>2147b9e3-8bc5-44ce-84f4-693eff3f9607</local_id> > <report_count>1</report_count> > <scontext mls="s0-s0:c0.c1023" role="unconfined_r" type="nsplugin_t" user="unconfined_u"/> > <sig version="3.0"> > <access> > <operation>signull</operation> > </access> > <analysis_id>catchall</analysis_id> > <host>cirithungol</host> > <scontext mls="s0-s0:c0.c1023" role="unconfined_r" type="nsplugin_t" user="unconfined_u"/> > <tclass>process</tclass> > <tcontext mls="s0-s0:c0.c1023" role="unconfined_r" type="unconfined_t" user="unconfined_u"/> > </sig> > <solution version="1.0"> > <fix_cmd></fix_cmd> > <fix_description><![CDATA[ > You can generate a local policy module to allow this > access - see <a href="http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385">FAQ</a> > Or you can disable SELinux protection altogether. Disabling > SELinux protection is not recommended. > Please file a <a href="http://bugzilla.redhat.com/bugzilla/enter_bug.cgi">bug report</a> > against this package. > ]]></fix_description> > <problem_description><![CDATA[ > > SELinux denied access requested by npviewer.bin. It is not > expected that this access is required by npviewer.bin and this access > may signal an intrusion attempt. It is also possible that the specific > version or configuration of the application is causing it to require > additional access. > > ]]></problem_description> > <summary><![CDATA[ > SELinux is preventing npviewer.bin (nsplugin_t) "signull" to <Unknown> (unconfined_t). > ]]></summary> > </solution> > <source>npviewer.bin</source> > <spath>/usr/lib/nspluginwrapper/npviewer.bin</spath> > <src_rpm_list> > <rpm>nspluginwrapper-0.9.91.5-23.fc9</rpm> > </src_rpm_list> > <tclass>process</tclass> > <tcontext mls="s0-s0:c0.c1023" role="unconfined_r" type="unconfined_t" user="unconfined_u"/> > <users> > <user delete_flag="False" seen_flag="True" username="lordmorgul"> > <filter> > <count>1</count> > <filter_type>0</filter_type> > </filter> > </user> > </users> > </siginfo> > <siginfo> > <analysis_id>allow_daemons_use_tty</analysis_id> > <audit_event> > <event_id host="cirithungol" milli="279" seconds="1204758977" serial="22"/> > <records> > <audit_record record_type="AVC"> > <body_text>avc: denied { read write } for pid=3026 comm="dbus-daemon" path="/dev/tty1" dev=tmpfs ino=1803 scontext=unconfined_u:unconfined_r:unconfined_dbusd_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:unconfined_tty_device_t:s0 tclass=chr_file</body_text> > <event_id host="cirithungol" milli="279" seconds="1204758977" serial="22"/> > </audit_record> > <audit_record record_type="SYSCALL"> > <body_text>arch=40000003 syscall=11 success=yes exit=0 a0=804c908 a1=bfe524ec a2=bfe53914 a3=7 items=0 ppid=3025 pid=3026 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="dbus-daemon" exe="/bin/dbus-daemon" subj=unconfined_u:unconfined_r:unconfined_dbusd_t:s0-s0:c0.c1023 key=(null)</body_text> > <event_id host="cirithungol" milli="279" seconds="1204758977" serial="22"/> > </audit_record> > </records> > </audit_event> > <environment version="1.0"> > <enforce>Enforcing</enforce> > <hostname>cirithungol</hostname> > <kernel>2.6.25-0.82.rc3.git2.fc9 i686</kernel> > <platform>Fedora release 8.90 (Rawhide)</platform> > <policy_rpm>selinux-policy-3.3.1-9.fc9</policy_rpm> > <policy_type>targeted</policy_type> > <policyvers>22</policyvers> > <selinux_enabled>True</selinux_enabled> > <selinux_mls_enabled>True</selinux_mls_enabled> > <uname>Linux cirithungol 2.6.25-0.82.rc3.git2.fc9 #1 SMP Sun Mar 2 23:05:25 EST 2008 i686 i686</uname> > </environment> > <first_seen_date>2008-03-05T04:02:10Z</first_seen_date> > <host>cirithungol</host> > <last_seen_date>2008-03-05T23:16:17Z</last_seen_date> > <local_id>ffceb425-d299-4b21-997a-aa9bb7b74610</local_id> > <report_count>3</report_count> > <scontext mls="s0-s0:c0.c1023" role="unconfined_r" type="unconfined_dbusd_t" user="unconfined_u"/> > <sig version="3.0"> > <access> > <operation>read</operation> > <operation>write</operation> > </access> > <analysis_id>allow_daemons_use_tty</analysis_id> > <host>cirithungol</host> > <scontext mls="s0-s0:c0.c1023" role="unconfined_r" type="unconfined_dbusd_t" user="unconfined_u"/> > <tclass>chr_file</tclass> > <tcontext mls="s0" role="object_r" type="unconfined_tty_device_t" user="unconfined_u"/> > <tpath>/dev/tty1</tpath> > </sig> > <solution version="1.0"> > <fix_cmd>setsebool -P allow_daemons_use_tty=1</fix_cmd> > <fix_description><![CDATA[ > Changing the "allow_daemons_use_tty" boolean to true will allow this access: > "setsebool -P allow_daemons_use_tty=1." > ]]></fix_description> > <problem_description><![CDATA[ > SELinux prevented dbus-daemon from using the terminal /dev/tty1. > In most cases daemons do not need to interact with the terminal, usually > these avc messages can be ignored. All of the confined daemons should > have dontaudit rules around using the terminal. Please file a <a > href="http://bugzilla.redhat.com/bugzilla/enter_bug.cgi">bug > report</a> against this selinux-policy. If you would like to allow all > daemons to interact with the terminal, you can turn on the allow_daemons_use_tty boolean. > ]]></problem_description> > <summary><![CDATA[ > SELinux prevented dbus-daemon from using the terminal /dev/tty1. > ]]></summary> > </solution> > <source>dbus-daemon</source> > <spath>/bin/dbus-daemon</spath> > <src_rpm_list> > <rpm>dbus-1.1.20-1.fc9</rpm> > </src_rpm_list> > <tclass>chr_file</tclass> > <tcontext mls="s0" role="object_r" type="unconfined_tty_device_t" user="unconfined_u"/> > <tpath>/dev/tty1</tpath> > <users> > <user delete_flag="False" seen_flag="True" username="lordmorgul"> > <filter> > <count>0</count> > <filter_type>0</filter_type> > </filter> > </user> > </users> > </siginfo> > <siginfo> > <analysis_id>catchall</analysis_id> > <audit_event> > <event_id host="cirithungol" milli="446" seconds="1204762118" serial="60"/> > <records> > <audit_record record_type="AVC"> > <body_text>avc: denied { sys_resource } for pid=2620 comm="nmbd" capability=24 scontext=system_u:system_r:nmbd_t:s0 tcontext=system_u:system_r:nmbd_t:s0 tclass=capability</body_text> > <event_id host="cirithungol" milli="446" seconds="1204762118" serial="60"/> > </audit_record> > <audit_record record_type="SYSCALL"> > <body_text>arch=40000003 syscall=4 success=yes exit=315 a0=10 a1=b8b1e2d0 a2=13b a3=b8b19298 items=0 ppid=1 pid=2620 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="nmbd" exe="/usr/sbin/nmbd" subj=system_u:system_r:nmbd_t:s0 key=(null)</body_text> > <event_id host="cirithungol" milli="446" seconds="1204762118" serial="60"/> > </audit_record> > </records> > </audit_event> > <environment version="1.0"> > <enforce>Enforcing</enforce> > <hostname>cirithungol</hostname> > <kernel>2.6.25-0.82.rc3.git2.fc9 i686</kernel> > <platform>Fedora release 8.90 (Rawhide)</platform> > <policy_rpm>selinux-policy-3.3.1-9.fc9</policy_rpm> > <policy_type>targeted</policy_type> > <policyvers>22</policyvers> > <selinux_enabled>True</selinux_enabled> > <selinux_mls_enabled>True</selinux_mls_enabled> > <uname>Linux cirithungol 2.6.25-0.82.rc3.git2.fc9 #1 SMP Sun Mar 2 23:05:25 EST 2008 i686 i686</uname> > </environment> > <first_seen_date>2008-03-06T00:08:38Z</first_seen_date> > <host>cirithungol</host> > <last_seen_date>2008-03-06T00:08:38Z</last_seen_date> > <local_id>f27e6364-5635-4f02-944b-6631e336ea89</local_id> > <report_count>1</report_count> > <scontext mls="s0" role="system_r" type="nmbd_t" user="system_u"/> > <sig version="3.0"> > <access> > <operation>sys_resource</operation> > </access> > <analysis_id>catchall</analysis_id> > <host>cirithungol</host> > <scontext mls="s0" role="system_r" type="nmbd_t" user="system_u"/> > <tclass>capability</tclass> > <tcontext mls="s0" role="system_r" type="nmbd_t" user="system_u"/> > </sig> > <solution version="1.0"> > <fix_cmd></fix_cmd> > <fix_description><![CDATA[ > You can generate a local policy module to allow this > access - see <a href="http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385">FAQ</a> > Or you can disable SELinux protection altogether. Disabling > SELinux protection is not recommended. > Please file a <a href="http://bugzilla.redhat.com/bugzilla/enter_bug.cgi">bug report</a> > against this package. > ]]></fix_description> > <problem_description><![CDATA[ > > SELinux denied access requested by nmbd. It is not > expected that this access is required by nmbd and this access > may signal an intrusion attempt. It is also possible that the specific > version or configuration of the application is causing it to require > additional access. > > ]]></problem_description> > <summary><![CDATA[ > SELinux is preventing nmbd (nmbd_t) "sys_resource" to <Unknown> (nmbd_t). > ]]></summary> > </solution> > <source>nmbd</source> > <spath>/usr/sbin/nmbd</spath> > <src_rpm_list> > <rpm>samba-3.2.0-1.pre1.3.fc9</rpm> > </src_rpm_list> > <tclass>capability</tclass> > <tcontext mls="s0" role="system_r" type="nmbd_t" user="system_u"/> > <users> > <user delete_flag="False" seen_flag="True" username="lordmorgul"> > <filter> > <count>1</count> > <filter_type>0</filter_type> > </filter> > </user> > </users> > </siginfo> > </signature_list> > <users version="1.0"> > <user_list> > <user username="lordmorgul" version="1.0"> > <email_alert>False</email_alert> > </user> > </user_list> > </users> ></sigs>
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=296969">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 436233
:
296968
| 296969 |
296970