Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 682635 Details for
Bug 901661
Summary: SELinux is preventing ip6tables-resto (iptables_t) "read write" to socket (firstboot_t). Detailed Description: SELinux denied access requested by ip6tables-resto
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
SELinux denied access requested by ip6tables-resto. It is not expected that this access is required by ip6tables-resto and this access may signal an intrusion attempt. It is also possible that the spe
file_901661.txt (text/plain), 1.44 KB, created by
Martino Foschi
on 2013-01-18 18:30:52 UTC
(
hide
)
Description:
SELinux denied access requested by ip6tables-resto. It is not expected that this access is required by ip6tables-resto and this access may signal an intrusion attempt. It is also possible that the spe
Filename:
MIME Type:
Creator:
Martino Foschi
Created:
2013-01-18 18:30:52 UTC
Size:
1.44 KB
patch
obsolete
>Source Context:Â Â system_u:system_r:iptables_tTarget Context:Â Â system_u:system_r:firstboot_tTarget Objects:Â Â socket [ netlink_route_socket ]Source:Â Â iptablesSource Path:Â Â /sbin/iptablesPort:Â Â <Unknown>Host:Â Â localhost.localdomainSource RPM Packages:Â Â iptables-ipv6-1.3.5-9.2.el5_8Target RPM Packages:Â Â Policy RPM:Â Â selinux-policy-2.4.6-338.el5Selinux Enabled:Â Â TruePolicy Type:Â Â targetedMLS Enabled:Â Â TrueEnforcing Mode:Â Â EnforcingPlugin Name:Â Â catchallHost Name:Â Â localhost.localdomainPlatform:Â Â Linux localhost.localdomain 2.6.18-348.el5 #1 SMP Wed Nov 28 21:25:39 EST 2012 i686 i686Alert Count:Â Â 14First Seen:Â Â Tue 15 Jan 2013 09:53:41 PM GMTLast Seen:Â Â Tue 15 Jan 2013 09:53:42 PM GMTLocal ID:Â Â 5b7d293d-5ba5-4db1-b25a-c932f5c3895bLine Numbers:Â Â Raw Audit Messages :host=localhost.localdomain type=AVC msg=audit(1358286822.420:19): avc: denied { read write } for pid=3056 comm="ip6tables-resto" path="socket:[11851]" dev=sockfs ino=11851 scontext=system_u:system_r:iptables_t:s0 tcontext=system_u:system_r:firstboot_t:s0 tclass=netlink_route_socket host=localhost.localdomain type=SYSCALL msg=audit(1358286822.420:19): arch=40000003 syscall=11 success=yes exit=0 a0=9054b70 a1=9058148 a2=9030d48 a3=0 items=0 ppid=3016 pid=3056 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ip6tables-resto" exe="/sbin/ip6tables-restore" subj=system_u:system_r:iptables_t:s0 key=(null)
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=682635">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 901661
: 682635