Red Hat Bugzilla – Bug 228938
mii-tool denied access to wcstatus.log by SELinux
Last modified: 2007-11-30 17:11:57 EST
Description of problem:SELinux is blocking access from /sbin/mii-tool to
Version-Release number of selected component (if applicable): 1.60
Steps to Reproduce:
SELinux denied access requested by /sbin/mii-tool. It is not expected that this
access is required by /sbin/mii-tool and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of the
application is causing it to require additional access.
Source Context: system_u:system_r:ifconfig_t
Target Context: user_u:object_r:var_log_t
Target Objects: /var/log/wcstatus.log [ file ]
Affected RPM Packages: net-tools-1.60-73 [application]
Policy RPM: selinux-policy-2.4.6-35.fc6
Selinux Enabled: True
Policy Type: targeted
MLS Enabled: TrueE
nforcing Mode: Enforcing
Plugin Name: plugins.catchall_file
Host Name: baldy
Platform: Linux baldy 2.6.19-1.2911.fc6 #1 SMP Sat Feb 10 15:16:31 EST 2007
x86_64 x86_64Alert Count: 39762Line Numbers: Raw Audit Messages :
Reassigning to selinux-policy. Anyway I would strongly suggest to use ethtool
instaed of mii-tool.
Here are the version of selinux packages I have installed.
I just saw today that there is a selinux update available (-37) I'll update to
that when I get home and let you know if the error message still exists.
This looks like a local customization. Why is mii-tool writing to a log
If you need this you can add customized local policy.
audit2allow -M mymiipolicy < /var/log/audit/audit.log