Summary:

SELinux is preventing /usr/bin/python from connecting to port 18475.

Detailed Description:

SELinux has denied yum from connecting to a network port 18475 which does not have an SELinux type associated with it. If yum should be allowed to connect on 18475, use the semanage command to assign 18475 to a port type that abrt_t can connect to (http_port_t). If yum is not supposed to connect to 18475, this could signal a intrusion attempt.

Allowing Access:

If you want to allow yum to connect to 18475, you can execute

    semanage port -a -t PORT_TYPE -p tcp 18475

where PORT_TYPE is one of the following: http_port_t.

Additional Information:

Source Context                system_u:system_r:abrt_t:s0
Target Context                system_u:object_r:port_t:s0
Target Objects                None [ tcp_socket ]
Source                        yum
Source Path                   /usr/bin/python
Port                          18475
Host                          (removed)
Source RPM Packages           python-2.6.2-2.fc12
Target RPM Packages
Policy RPM                    selinux-policy-3.6.32-41.fc12
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   connect_ports
Host Name                     (removed)
Platform                      Linux (removed) 2.6.31.5-122.fc12.i686 #1 SMP Thu Nov 5 02:08:26 EST 2009 i686 i686
Alert Count                   1
First Seen                    dom 08 nov 2009 15:48:55 EST
Last Seen                     dom 08 nov 2009 15:48:55 EST
Local ID                      3c128c85-8d31-4da3-b234-b897f74c62ef
Line Numbers

Raw Audit Messages

node=(removed) type=AVC msg=audit(1257713335.746:31968): avc: denied { name_connect } for pid=2180 comm="yum" dest=18475 scontext=system_u:system_r:abrt_t:s0 tcontext=system_u:object_r:port_t:s0 tclass=tcp_socket

node=(removed) type=SYSCALL msg=audit(1257713335.746:31968): arch=40000003 syscall=102 success=no exit=-115 a0=3 a1=bfb37470 a2=f55f80 a3=bfb376dc items=0 ppid=2179 pid=2180 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="yum" exe="/usr/bin/python" subj=system_u:system_r:abrt_t:s0 key=(null)

Hash String generated from selinux-policy-3.6.32-41.fc12,connect_ports,yum,abrt_t,port_t,tcp_socket,name_connect

audit2allow suggests:

#============= abrt_t ==============
allow abrt_t port_t:tcp_socket name_connect;
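How the AVC record in the report maps to the rule audit2allow prints, as an added example that is not part of the original report and not audit2allow's own code. The second log line is constructed, using the port mentioned later in this thread; the function names are hypothetical. The rule is keyed on types, so it covers every port labelled port_t, not only the port in the denial.

```python
import re
from collections import defaultdict

# First line is the AVC record from the report; the second is constructed for
# this example, using the port mentioned later in the thread.
SAMPLE_LOG = """\
node=(removed) type=AVC msg=audit(1257713335.746:31968): avc: denied { name_connect } for pid=2180 comm="yum" dest=18475 scontext=system_u:system_r:abrt_t:s0 tcontext=system_u:object_r:port_t:s0 tclass=tcp_socket
node=(removed) type=AVC msg=audit(1257900000.000:100): avc: denied { name_connect } for pid=2200 comm="yum" dest=54769 scontext=system_u:system_r:abrt_t:s0 tcontext=system_u:object_r:port_t:s0 tclass=tcp_socket
node=(removed) type=SYSCALL msg=audit(1257713335.746:31968): arch=40000003 syscall=102 success=no exit=-115 comm="yum" exe="/usr/bin/python"
"""

AVC_RE = re.compile(r"avc:\s+denied\s+\{\s*([^}]*?)\s*\}\s+for\s+(.*)")
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_avc(line):
    """Return a dict for one AVC denial line, or None for any other record."""
    m = AVC_RE.search(line)
    if not m:
        return None
    rec = {k: v.strip('"') for k, v in FIELD_RE.findall(m.group(2))}
    rec["perms"] = m.group(1).split()
    # A context is user:role:type:level; the allow rule only uses the type.
    rec["stype"] = rec["scontext"].split(":")[2]
    rec["ttype"] = rec["tcontext"].split(":")[2]
    return rec

def denials(log):
    return [r for r in map(parse_avc, log.splitlines()) if r]

def allow_rules(log):
    """Merge denials into allow rules in the form audit2allow prints."""
    perms = defaultdict(set)
    for r in denials(log):
        perms[(r["stype"], r["ttype"], r["tclass"])].update(r["perms"])
    rules = []
    for (s, t, c), p in sorted(perms.items()):
        plist = " ".join(sorted(p))
        if len(p) > 1:
            plist = "{ " + plist + " }"
        rules.append(f"allow {s} {t}:{c} {plist};")
    return rules

def unlabeled_port_connects(log):
    """(comm, source type, port) for name_connect denials on generic port_t."""
    return [(r["comm"], r["stype"], int(r["dest"])) for r in denials(log)
            if r["ttype"] == "port_t" and "name_connect" in r["perms"]]

if __name__ == "__main__":
    print("\n".join(allow_rules(SAMPLE_LOG)))
    for comm, stype, port in unlabeled_port_connects(SAMPLE_LOG):
        print(f"{comm} ({stype}) -> tcp/{port}: no port type assigned")
```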
Fixed in selinux-policy-3.6.32-42.fc12.noarch
Still occurring with selinux-policy-3.6.32-44.fc12 after a full relabel. The only difference: in my system the port is *different*, namely 54769.
Did you also install selinux-policy-targeted?

rpm -q selinux-policy-targeted
Pedro, abrt is now allowed to connect to any port. If you execute the command given by Miroslav, then take your AVC and pipe it through audit2why. It should say it would be allowed.

grep abrt /var/log/audit/audit.log | audit2why

If not, please attach the AVC the machine is reporting.
Created attachment 369729: AVC errors related to abrt/abrtd
@Miroslav Yes, both are the same version. @Daniel I've attached the AVC log. The only unusual thing in the machine's setup is that I ran preupgrade on it to upgrade F11 to Rawhide two days after the release of the beta spin.
One thing you might want to try is clearing out your abrt database, since I have heard there is a corruption in there. I am adding additional abrt access in selinux-policy-3.6.32-46.fc12.noarch.
Ahh, yes. Removing abrt's db helped a lot during the weekend. I'll keep my eyes on Koji to try out the new version and will report back here.
I'd say selinux-policy-3.6.32-46.fc12.noarch has fixed this issue for me. Now I have a different problem as reported in bug 537955.