This service will be undergoing maintenance at 00:00 UTC, 2016-09-28. It is expected to last about 1 hours
Bug 438145 - Unresolved action name in SELinux messages
Unresolved action name in SELinux messages
Status: CLOSED NEXTRELEASE
Product: Fedora
Classification: Fedora
Component: setroubleshoot (Show other bugs)
8
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Daniel Walsh
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-03-19 08:42 EDT by Milos Malik
Modified: 2008-09-09 14:49 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-09-09 14:49:42 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)
output of sealert (2.64 KB, text/plain)
2008-03-19 09:42 EDT, Milos Malik
no flags Details
output of sealert in enforcing mode (2.53 KB, text/plain)
2008-03-19 09:54 EDT, Milos Malik
no flags Details

  None (edit)
Description Milos Malik 2008-03-19 08:42:52 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; cs-CZ; rv:1.8.1.12) Gecko/20080208 Fedora/2.0.0.12-1.fc8 Firefox/2.0.0.12

Description of problem:
The action which was prevented by SELinux is called "unknown" in SELinux messages.

The faulty dhclient utility comes from dhclient-3.0.6-12 package.

Version-Release number of selected component (if applicable):
setroubleshoot-2.0.5-2

How reproducible:
Always


Steps to Reproduce:
Following steps will probably disconnect you from your network!!!

1. setenforce 1
2. dhclient -p 65537
3. look at the end of /var/log/messages
4. search for the latest SELinux message


Actual Results:
Following message appeared in /var/log/messages:

setroubleshoot: SELinux is preventing dhclient (dhcpc_t) "name_bind" to <Neznámé> (inetd_child_port_t). For complete SELinux messages. run sealert -l eed0b691-8a90-4068-bb23-2dda1a2a177c


Expected Results:
Following message appeared in /var/log/messages:

setroubleshoot: SELinux is preventing the dhclient (dhcpc_t) from binding to port 1. For complete SELinux messages. run sealert -l 619ad5f5-dea3-49a9-8b7f-6844a587b5b5

Additional info:
Comment 1 John Dennis 2008-03-19 09:20:08 EDT
To diagnose this I need the full alert information.

Please open the sealert browser, select the alert this message came from, from
the edit menu choose "Copy Alert" and paste the contents into this bug report.
Or, the same data can be obtained from the command line via the instructions in
the syslog message by running sealert -l <id>. Thank you.
Comment 2 Milos Malik 2008-03-19 09:42:26 EDT
Created attachment 298509 [details]
output of sealert

I'm sorry I don't know how to change the language in log messages.

The czech word "Neznámé" has the same meaning as english word "Unknown".
Comment 3 Milos Malik 2008-03-19 09:54:42 EDT
Created attachment 298512 [details]
output of sealert in enforcing mode

Previous output of sealert comes from permissive mode. Current output of
sealert comes from enforcing mode.
Comment 4 John Dennis 2008-03-19 10:49:43 EDT
Dan, we need to remove $TARGET_PATH from the catchall plugin, a socket does not
have a path, it was $TARGET_PATH which was causing the <Unknown> to show up in
the summary.

We also need plugins for name bind and name connect on a defined port.
Comment 5 Daniel Walsh 2008-03-29 11:06:55 EDT
John I added the plugins to the source pool but intltool seems to be broken on
my machine right now.


Note You need to log in before you can comment on or make changes to this bug.