User-Agent: Mozilla/5.0 (X11; Linux i686 on x86_64; rv:14.0) Gecko/20100101 Firefox/14.0.1 Build Identifier: Detailed Description: SELinux denied access requested by ip. It is not expected that this access is required by ip and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for ./net, restorecon -v './net' If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Additional Information: Source Context system_u:system_r:pptp_t Target Context system_u:object_r:proc_net_t Target Objects ./net [ dir ] Source ip Source Path /sbin/ip Port <Unknown> Host kelvin.localdomain Source RPM Packages iproute-2.6.18-13.el5 iproute-2.6.18-15.el5 Target RPM Packages Policy RPM selinux-policy-2.4.6-327.el5 selinux- policy-2.4.6-338.el5 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall_file Host Name kelvin.localdomain Platform Linux kelvin.localdomain 2.6.18-348.1.1.el5 #1 SMP Fri Dec 14 05:25:59 EST 2012 x86_64 x86_64 Alert Count 1 First Seen Thu 31 Jan 2013 10:16:48 GMT Last Seen Thu 31 Jan 2013 10:16:48 GMT Local ID 769d9cbc-95ad-44b2-a84c-8bc1289f34ca Line Numbers Raw Audit Messages host=kelvin.localdomain type=AVC msg=audit(1359627408.815:1900): avc: denied { search } for pid=21947 comm="ip" name="net" dev=proc ino=4026531865 scontext=system_u:system_r:pptp_t:s0 tcontext=system_u:object_r:proc_net_t:s0 tclass=dir host=kelvin.localdomain type=SYSCALL msg=audit(1359627408.815:1900): arch=c000003e syscall=2 success=no exit=-13 a0=7fffe0184a50 a1=0 a2=1b6 a3=0 items=0 ppid=21946 pid=21947 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ip" exe="/sbin/ip" subj=system_u:system_r:pptp_t:s0 key=(null) Reproducible: Always Steps to Reproduce: 1.Connect to VPN via Network Manager 2. 3.
This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux release for currently deployed products. This request is not yet committed for inclusion in a release.
Has been fixed.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2013-1312.html