Souhrn:

SELinux is preventing pt_chown (unconfined_t) "mmap_zero" to <Unknown>
(unconfined_t).

Podrobný popis:

SELinux denied access requested by pt_chown. The current boolean settings do not
allow this access. If you have not setup pt_chown to require this access this
may signal an intrusion attempt. If you do intend this access you need to change
the booleans on this system to allow the access.

Povolení přístupu:

Confined processes can be configured to to run requiring different access,
SELinux provides booleans to allow you to turn on/off access as needed. The
boolean allow_unconfined_mmap_low is set incorrectly.
Boolean Description:
Allow unconfined domain to map low memory in the kernel


Příkaz pro opravu:

# setsebool -P allow_unconfined_mmap_low 1

Další informace:

Kontext zdroje                unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1
                              023
Kontext cíle                 unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1
                              023
Objekty cíle                 None [ memprotect ]
Zdroj                         pt_chown
Cesta zdroje                  /usr/libexec/pt_chown
Port                          <Neznámé>
Počítač                    (removed)
RPM balíčky zdroje          glibc-common-2.10.1-4
RPM balíčky cíle           
RPM politiky                  selinux-policy-3.6.12-80.fc11
Selinux povolen               True
Typ politiky                  targeted
Vynucovací režim            Enforcing
Název zásuvného modulu     catchall_boolean
Název počítače            (removed)
Platforma                     Linux (removed)
                              2.6.29.6-217.2.16.fc11.x86_64 #1 SMP Mon Aug 24
                              17:17:40 EDT 2009 x86_64 x86_64
Počet upozornění           3
Poprvé viděno               Út 1. září 2009, 09:03:12 CEST
Naposledy viděno             Út 1. září 2009, 09:03:12 CEST
Místní ID                   cfd337e8-a401-4e90-8d55-446de83a379c
Čísla řádků              

Původní zprávy auditu      

node=(removed) type=AVC msg=audit(1251788592.162:34): avc:  denied  { mmap_zero } for  pid=2591 comm="pt_chown" scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=memprotect

node=(removed) type=AVC msg=audit(1251788592.162:34): avc:  denied  { mmap_zero } for  pid=2591 comm="pt_chown" scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=memprotect

node=(removed) type=AVC msg=audit(1251788592.162:34): avc:  denied  { mmap_zero } for  pid=2591 comm="pt_chown" scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=memprotect

node=(removed) type=SYSCALL msg=audit(1251788592.162:34): arch=c000003e syscall=125 success=no exit=1737998296 a0=7fff43a22014 a1=0 a2=7fff423aee80 a3=7fff014392f0 items=0 ppid=2589 pid=2591 auid=500 uid=500 gid=500 euid=0 suid=0 fsuid=0 egid=500 sgid=500 fsgid=500 tty=pts0 ses=1 comm="pt_chown" exe="/usr/libexec/pt_chown" subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 key=(null)



Hash String generated from  selinux-policy-3.6.12-80.fc11,catchall_boolean,pt_chown,unconfined_t,unconfined_t,memprotect,mmap_zero
audit2allow suggests:

#============= unconfined_t ==============
allow unconfined_t self:memprotect mmap_zero;