Bug 462166

Summary: broadband connection
Product: [Fedora] Fedora Reporter: adrian_wwwa
Component: selinux-policy-targetedAssignee: Daniel Walsh <dwalsh>
Status: CLOSED CURRENTRELEASE QA Contact: Ben Levenson <benl>
Severity: medium Docs Contact:
Priority: medium    
Version: 8   
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-11-17 22:05:44 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description adrian_wwwa 2008-09-13 08:40:55 UTC 
Description of problem:

Summary:

SELinux is preventing pppd (pppd_t) "kill" to <Unknown> (pppd_t).

Detailed Description:

SELinux denied access requested by pppd. It is not expected that this access is
required by pppd and this access may signal an intrusion attempt. It is also
possible that the specific version or configuration of the application is
causing it to require additional access.

Allowing Access:

You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.

Additional Information:

Source Context                system_u:system_r:pppd_t:s0
Target Context                system_u:system_r:pppd_t:s0
Target Objects                None [ capability ]
Source                        pppd
Source Path                   /usr/sbin/pppd
Port                          <Unknown>
Host                          localhost.localdomain
Source RPM Packages           ppp-2.4.4-2
Target RPM Packages           
Policy RPM                    selinux-policy-3.0.8-109.fc8
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   catchall
Host Name                     localhost.localdomain
Platform                      Linux localhost.localdomain 2.6.25.4-10.fc8 #1 SMP
                              Thu May 22 22:58:37 EDT 2008 x86_64 x86_64
Alert Count                   34
First Seen                    Thu 24 Apr 2008 09:29:59 PM EEST
Last Seen                     Tue 02 Sep 2008 09:38:57 PM EEST
Local ID                      8d2a1eb0-b243-4663-aca0-da8fb8ec7c6c
Line Numbers                  

Raw Audit Messages            

host=localhost.localdomain type=AVC msg=audit(1220380737.970:22): avc:  denied  { kill } for  pid=3627 comm="pppd" capability=5 scontext=system_u:system_r:pppd_t:s0 tcontext=system_u:system_r:pppd_t:s0 tclass=capability

host=localhost.localdomain type=SYSCALL msg=audit(1220380737.970:22): arch=c000003e syscall=62 success=yes exit=0 a0=0 a1=f a2=0 a3=0 items=0 ppid=3603 pid=3627 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=1 comm="pppd" exe="/usr/sbin/pppd" subj=system_u:system_r:pppd_t:s0 key=(null)




Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:
Comment 1 Daniel Walsh 2008-09-15 18:09:33 UTC 
fixed in selinux-policy-3.0.8-115.fc8
Comment 2 Daniel Walsh 2008-11-17 22:05:44 UTC 
Closing all bugs that have been in modified for over a month.  Please reopen if the bug is not actually fixed.