Bug 560412 - SELinux is preventing /usr/sbin/ulogd "module_request" access.
Summary: SELinux is preventing /usr/sbin/ulogd "module_request" access.
Status: CLOSED DUPLICATE of bug 487666
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy
Version: 12
Hardware: x86_64
OS: Linux
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact: Fedora Extras Quality Assurance
Whiteboard: setroubleshoot_trace_hash:7de18274d82...
Depends On:
TreeView+ depends on / blocked
Reported: 2010-01-31 15:52 UTC by fredouille
Modified: 2010-05-30 20:38 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2010-02-23 23:35:54 UTC

Attachments (Terms of Use)

Description fredouille 2010-01-31 15:52:59 UTC

SELinux is preventing /usr/sbin/ulogd "module_request" access.

Description détaillée:

[ulogd a un type permissif (ulogd_t). Cet accès n'a pas été refusé.]

SELinux denied access requested by ulogd. It is not expected that this access is
required by ulogd and this access may signal an intrusion attempt. It is also
possible that the specific version or configuration of the application is
causing it to require additional access.

Autoriser l'accès:

You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Please file a bug

Informations complémentaires:

Contexte source               system_u:system_r:ulogd_t:s0
Contexte cible                system_u:system_r:kernel_t:s0
Objets du contexte            None [ system ]
source                        ulogd
Chemin de la source           /usr/sbin/ulogd
Port                          <Inconnu>
Hôte                         (removed)
Paquetages RPM source         ulogd-1.24-13.fc12
Paquetages RPM cible          
Politique RPM                 selinux-policy-3.6.32-59.fc12
Selinux activé               True
Type de politique             targeted
Mode strict                   Enforcing
Nom du plugin                 catchall
Nom de l'hôte                (removed)
Plateforme                    Linux (removed) #1
                              SMP Sat Nov 7 21:11:14 EST 2009 x86_64 x86_64
Compteur d'alertes            1
Première alerte              dim. 17 janv. 2010 16:04:58 CET
Dernière alerte              dim. 17 janv. 2010 16:04:58 CET
ID local                      8feaca6c-018d-4e09-8c4d-e3015a415c38
Numéros des lignes           

Messages d'audit bruts        

node=(removed) type=AVC msg=audit(1263740698.604:6): avc:  denied  { module_request } for  pid=1525 comm="ulogd" scontext=system_u:system_r:ulogd_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=system

node=(removed) type=SYSCALL msg=audit(1263740698.604:6): arch=c000003e syscall=41 success=yes exit=3 a0=10 a1=3 a2=5 a3=28 items=0 ppid=1524 pid=1525 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ulogd" exe="/usr/sbin/ulogd" subj=system_u:system_r:ulogd_t:s0 key=(null)

Hash String generated from  selinux-policy-3.6.32-59.fc12,catchall,ulogd,ulogd_t,kernel_t,system,module_request
audit2allow suggests:

#============= ulogd_t ==============
#!!!! This avc can be allowed using the boolean 'domain_kernel_load_modules'

allow ulogd_t kernel_t:system module_request;

Comment 1 Daniel Walsh 2010-02-01 20:09:01 UTC
Did you disable ipv6?

Comment 2 Daniel Walsh 2010-02-23 23:35:54 UTC

*** This bug has been marked as a duplicate of bug 487666 ***

Comment 3 Cristian Gafton 2010-05-30 20:38:34 UTC
(In reply to comment #1)
> Did you disable ipv6?    

Yes, this is happening on F12 hosts that have ipv6 disabled.

Note You need to log in before you can comment on or make changes to this bug.