Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 297643 Details for
Bug 376621
selinux prevents squid from accessing pam
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
Selinux alerts
selinux_alert.txt (text/plain), 5.43 KB, created by
Martin Nagy
on 2008-03-11 16:53:08 UTC
(
hide
)
Description:
Selinux alerts
Filename:
MIME Type:
Creator:
Martin Nagy
Created:
2008-03-11 16:53:08 UTC
Size:
5.43 KB
patch
obsolete
> >Summary: > >SELinux is preventing pam_auth (squid_t) "create" to <Unknown> (squid_t). > >Detailed Description: > >SELinux denied access requested by pam_auth. It is not expected that this access >is required by pam_auth and this access may signal an intrusion attempt. It is >also possible that the specific version or configuration of the application is >causing it to require additional access. > >Allowing Access: > >You can generate a local policy module to allow this access - see FAQ >(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable >SELinux protection altogether. Disabling SELinux protection is not recommended. >Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) >against this package. > >Additional Information: > >Source Context unconfined_u:system_r:squid_t:s0 >Target Context unconfined_u:system_r:squid_t:s0 >Target Objects None [ netlink_audit_socket ] >Source pam_auth >Source Path /usr/lib/squid/pam_auth >Port <Unknown> >Host wolverine.englab.brq.redhat.com >Source RPM Packages squid-2.6.STABLE17-1.fc8 >Target RPM Packages >Policy RPM selinux-policy-3.0.8-87.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name catchall >Host Name wolverine.englab.brq.redhat.com >Platform Linux wolverine.englab.brq.redhat.com > 2.6.21.7-2.fc8xen #1 SMP Fri Feb 15 12:39:36 EST > 2008 i686 i686 >Alert Count 6 >First Seen Tue 11 Mar 2008 04:44:43 PM CET >Last Seen Tue 11 Mar 2008 04:49:05 PM CET >Local ID b568588e-2122-4b33-ac49-f2a358cb0a22 >Line Numbers > >Raw Audit Messages > >host=wolverine.englab.brq.redhat.com type=AVC msg=audit(1205250545.132:355): avc: denied { create } for pid=18863 comm="pam_auth" scontext=unconfined_u:system_r:squid_t:s0 tcontext=unconfined_u:system_r:squid_t:s0 tclass=netlink_audit_socket > >host=wolverine.englab.brq.redhat.com type=SYSCALL msg=audit(1205250545.132:355): arch=40000003 syscall=102 success=no exit=-13 a0=1 a1=bfb87080 a2=287ff4 a3=9bc2008 items=0 ppid=18861 pid=18863 auid=500 uid=23 gid=23 euid=0 suid=0 fsuid=0 egid=23 sgid=23 fsgid=23 tty=(none) comm="pam_auth" exe="/usr/lib/squid/pam_auth" subj=unconfined_u:system_r:squid_t:s0 key=(null) > > > > >Summary: > >SELinux is preventing pam_auth (squid_t) "execute" to ./unix_chkpwd >(chkpwd_exec_t). > >Detailed Description: > >SELinux denied access requested by pam_auth. It is not expected that this access >is required by pam_auth and this access may signal an intrusion attempt. It is >also possible that the specific version or configuration of the application is >causing it to require additional access. > >Allowing Access: > >Sometimes labeling problems can cause SELinux denials. You could try to restore >the default system file context for ./unix_chkpwd, > >restorecon -v './unix_chkpwd' > >If this does not work, there is currently no automatic way to allow this access. >Instead, you can generate a local policy module to allow this access - see FAQ >(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable >SELinux protection altogether. Disabling SELinux protection is not recommended. >Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) >against this package. > >Additional Information: > >Source Context unconfined_u:system_r:squid_t:s0 >Target Context system_u:object_r:chkpwd_exec_t:s0 >Target Objects ./unix_chkpwd [ file ] >Source pam_auth >Source Path /usr/lib/squid/pam_auth >Port <Unknown> >Host wolverine.englab.brq.redhat.com >Source RPM Packages squid-2.6.STABLE17-1.fc8 >Target RPM Packages >Policy RPM selinux-policy-3.0.8-87.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name catchall_file >Host Name wolverine.englab.brq.redhat.com >Platform Linux wolverine.englab.brq.redhat.com > 2.6.21.7-2.fc8xen #1 SMP Fri Feb 15 12:39:36 EST > 2008 i686 i686 >Alert Count 6 >First Seen Tue 11 Mar 2008 04:44:42 PM CET >Last Seen Tue 11 Mar 2008 04:49:03 PM CET >Local ID b135fa39-eb44-42f8-8dee-489650c8b0e3 >Line Numbers > >Raw Audit Messages > >host=wolverine.englab.brq.redhat.com type=AVC msg=audit(1205250543.28:354): avc: denied { execute } for pid=18902 comm="pam_auth" name="unix_chkpwd" dev=dm-0 ino=31817947 scontext=unconfined_u:system_r:squid_t:s0 tcontext=system_u:object_r:chkpwd_exec_t:s0 tclass=file > >host=wolverine.englab.brq.redhat.com type=SYSCALL msg=audit(1205250543.28:354): arch=40000003 syscall=11 success=no exit=-13 a0=1194d8 a1=bfb86f90 a2=11ff64 a3=9bc20d0 items=0 ppid=18863 pid=18902 auid=500 uid=0 gid=23 euid=0 suid=0 fsuid=0 egid=23 sgid=23 fsgid=23 tty=(none) comm="pam_auth" exe="/usr/lib/squid/pam_auth" subj=unconfined_u:system_r:squid_t:s0 key=(null) > >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=297643">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 376621
:
258061
|
297620
|
297622
| 297643 |
297782