search for: c1023

...SELinux is in enforcing mode on Server, the commands fail with this message : bash: /usr/bin/xauth: Permission denied and /var/log/audit/audit.log shows the following errors : type=SELINUX_ERR msg=audit(1326381080.364:610): security_compute_sid: invalid context system_u:system_r:xauth_t:s0-s0:c0.c1023 for scontext=system_u:system_r:unconfined_t:s0-s0:c0.c1023 tcontext=system_u:object_r:xauth_exec_t:s0 tclass=process type=AVC msg=audit(1326381080.364:610): avc: denied { write } for pid=3487 comm="xauth" path="pipe:[21744]" dev=pipefs ino=21744 scontext=system_u:system_r:xa...

...n a disk, the burn operation fails. /var/log/audit/audit.log contains the following: type=AVC msg=audit(1556724762.446:1133340): avc: denied { read } for pid=8296 comm="growisofs" name="devices" dev="proc" ino=4026532225 scontext=staff_u:staff_r:cdrecord_t:s0-s0:c0.c1023 tcontext=system_u:object_r:proc_t:s0 tclass=file permissive=0 type=AVC msg=audit(1556724762.446:1133341): avc: denied { read } for pid=8296 comm="growisofs" name="meminfo" dev="proc" ino=4026532040 scontext=staff_u:staff_r:cdrecord_t:s0-s0:c0.c1023 tcontext=system_u...

Hi All, Thanks for the information. But after resetting the semanage User/login, and moving the targeted folder to old one and then install the default target. then also its still showing the Id context as context=*system_u:system_r:unconfined_t:s0-s0:c0.c1023.* *What I observed is after changing the permission using semanage command also, its still showing the system_u:system_r. * *Check the semanage login/User output :* *semanage login -l* *Login Name SELinux User MLS/MCS Range Service* *__default__ unconfined_u...

On 04/26/2017 04:22 AM, Gordon Messmer wrote: > On 04/25/2017 03:25 PM, Robert Moskowitz wrote: >> This made the same content as before that caused problems: > > I still don't understand, exactly. Are you seeing *new* problems > after installing a policy? What are the problems? > >> #!!!! The file '/var/lib/mysql/mysql.sock' is mislabeled on your system.

.../bin/xauth but it makes no difference. The message I'm now seeing in /var/log/audit/audit.log : type=AVC msg=audit(1385112688.399:67769): avc: denied { write } for pid=8218 comm="xauth" name="caw" dev=md1 ino=262145 scontext=unconfined_u:unconfined_r:xauth_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:home_root_t:s0 tclass=dir type=SYSCALL msg=audit(1385112688.399:67769): arch=c000003e syscall=2 success=no exit=-13 a0=7fffdecf5c60 a1=c1 a2=180 a3=8 items=0 ppid=8217 pid=8218 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(n...

...nage user -l Labeling MLS/ MLS/ SELinux User Prefix MCS Level MCS Range SELinux Roles git_shell_u user s0 s0 git_shell_r guest_u user s0 s0 guest_r root user s0 s0-s0:c0.c1023 staff_r sysadm_r system_r unconfined_r staff_u user s0 s0-s0:c0.c1023 staff_r sysadm_r system_r unconfined_r sysadm_u user s0 s0-s0:c0.c1023 sysadm_r system_u user s0 s0-s0:c0.c1023 system_r unconfined_r unconfined_u...

...type=USER_AVC msg=audit(1513478641.700:1920): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { reload } for auid=0 uid=0 gid=0 cmdline="/usr/bin/systemctl reload named-chroot.service" scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:system_r:init_t:s0 tclass=service exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?' type=USER_AVC msg=audit(1513478641.702:1921): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { reload } for...

...-6.2 (turned into a xen-4.1 host) : I get SELinux errors, and I'm not able to understand them. From audit2why : type=AVC msg=audit(1343724164.898:298772): avc: denied { mac_admin } for pid=12399 comm="restore" capability=33 scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=capability2 ... and from audit2allow : #============= unconfined_t ============== allow unconfined_t self:capability2 mac_admin; I don't know what triggers these records in /var/log/audit (everything seems to work). Running...

...rst ran that (using sudo), I received the following SELinux denials: type=AVC msg=audit(1374507059.429:625): avc: denied { transition } for pid=8600 comm="virsh" path="/usr/bin/bash" dev="dm-3" ino=1842877 scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tcontext=system_u:system_r:virtd_lxc_t:s0-s0:c0.c1023 tclass=process type=SYSCALL msg=audit(1374507059.429:625): arch=x86_64 syscall=execve success=no exit=EACCES a0=7f87443a7a30 a1=7f87444287e0 a2=7fff38cd3c40 a3=8 items=0 ppid=0 pid=8600 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgi...

...bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # grep wine-preloader /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 Target Context unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 Target Objects [ memprotect ] Source wine-preloader Source Path wine-preloader Port <Unknown> Host localhost...

...cess=no exit=-13 a0=11ee230 a1=4 a2=7fff722837b0 a3=7fff72283640 > > items=0 ppid=2815 pid=2816 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 > > egid=0 sgid=0 fsgid=0 tty=(none) ses=981 comm="bash" exe="/usr/bin/bash" > > subj=system_u:system_r:logwatch_t:s0-s0:c0.c1023 key=(null) > > type=AVC msg=audit(1408350063.257:7492): avc: denied { read } > > for pid=2816 comm="bash" name="virsh" dev="dm-0" ino=135911290 > > scontext=system_u:system_r:logwatch_t:s0-s0:c0.c1023 > > tcontext=system_u:object_r:virsh_ex...

...the driver shouldn't be looking for load on an nonexistent output. This other log line may be relevant (or not): Apr 13 08:35:30 localhost kernel: type=1400 audit(1271144119.830:4): avc: denied { mmap_zero } for pid=462 comm="vbetool" scontext=system_u:system_r:vbetool_t:s0-s0:c0.c1023 tcontext=system_u:system_r:vbetool_t:s0-s0:c0.c1023 tclass=memprotect On the other hand, both CRTC's are using output B. I'm not that familiar with the hardware, and this may be completely wrong, but I assume an output can only be used by a single CRTC. Cheers, Renato

...1 Line Numbers Raw Audit Messages avc: denied { read, write } for comm="cupsd" dev=dm-0 egid=0 euid=0 exe="/usr/sbin/cupsd" exit=0 fsgid=0 fsuid=0 gid=0 items=0 name="__db.000" path="socket:[15083]" pid=5515 scontext=system_u:system_r:cupsd_t:s0-s0:c0.c1023 sgid=0 subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 suid=0 tclass=file tcontext=system_u:object_r:rpm_var_lib_t:s0 tty=tty1 uid=0 I checked in /usr/share/docs/selinux-policy-2.4.6/html and find no references (using grub) for "cupsd_disable_trans" How do I find out what this boolean o...

...# netstat -pnaevZ Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name Security Context ... tcp 0 0 10.10.10.205:12049 0.0.0.0:* LISTEN 505 224898 9331/gotour fined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 [appengine at centos6-paas-dev gotour]$ getenforce Permissive Any ideas? -- - EJR

...or : virSecurityDriverLookup:74 : internal error Security driver selinux not found". SELinux is in a permissive mode but is not enforcing. ?The current situation is as follows: * The label of an LXC container is not properly done: $ ps auxZ | grep lxc unconfined_u:system_r:virtd_t:s0-s0:c0.c1023 root 27998 0.0 ?0.0 34716 1160 ? ?Ss ? 11:54 ? 0:00 /usr/libexec/libvirt_lxc --name instance-0000001f --console 16 --security=none --handshake 19 --background --veth veth1 * This is the lable of libvirtd process: $ ps auxZ | grep libvirtd unconfined_u:system_r:virtd_t:s0-s0:c0.c1023 root 27376 0....

...reating device node: /dev/mISDN [root at odysseus asterisk-1.4.8]# ===== dmesg output after loading mISDN ===== audit(1185291518.207:3): avc: denied { search } for pid=2482 comm="ldconfig" name="libpri-1.4.1" dev=dm-0 ino=140180 scontext=root:system_r:ldconfig_t:s0-s0:c0.c1023 tcontext=root:object_r:src_t:s0 tclass=dir audit(1185291518.207:4): avc: denied { getattr } for pid=2482 comm="ldconfig" name="libpri-1.4.1" dev=dm-0 ino=140180 scontext=root:system_r:ldconfig_t:s0-s0:c0.c1023 tcontext=root:object_r:src_t:s0 tclass=dir audit(1185291518.20...

.... They correspond to audit.log messages similar to the following: type=AVC msg=audit(1239664501.977:9052044): avc: denied { write } for pid=18901 comm="sendmail" name="transaction-done.2009-04-12.22:52.45" dev=loop0 ino=901575 scontext=user_u:system_r:system_mail_t:s0-s0:c0.c1023 tcontext=user_u:object_r:var_lib_t:s0 tclass=file type=AVC msg=audit(1239664501.977:9052044): avc: denied { read write } for pid=18901 comm="sendmail" name="__db.000" dev=loop0 ino=901554 scontext=user_u:system_r:system_mail_t:s0-s0:c0.c1023 tcontext=root:object_r:rpm_var_lib...

...r-0ccet6p nmbd[13329]: [2007/01/06 18:50:37, 0] nmbd/nmbd_serverlistdb.c:write_browse_list(339) Jan 6 18:50:37 user-0ccet6p kernel: audit(1168127437.054:524): avc: denied { search } for pid=13329 comm="nmbd" name="lib" dev=dm-0 ino=72220674 scontext=root:system_r:nmbd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:var_lib_t:s0 tclass=dir Jan 6 18:50:37 user-0ccet6p nmbd[13329]: write_browse_list: Can't open file /var/lib/samba/browse.dat.. Error was Permission denied Jan 6 18:50:57 user-0ccet6p nmbd[13329]: [2007/01/06 18:50:57, 0] nmbd/nmbd_serverlistdb.c:write_browse_list(339...

I keep seeing this in my audit.logs: type=AVC msg=audit(1496336600.230:6): avc: denied { name_connect } for pid=2411 comm="dbus-daemon" dest=111 scontext=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:portmap_port_t:s0 tclass=tcp_socket Was caused by: The boolean allow_ypbind was set incorrectly. Description: Allow system to run with NIS Allow access by executing: # setsebool -P allow_ypbind 1 The weirdness is that when I check allow_ypbind, it?s already on:...

Hello, how do people cope with constant SELinux errors like this from Fusion Passenger: 36886. 03/27/2013 14:20:05 ps unconfined_u:system_r:passenger_t:s0 2 file open system_u:system_r:udev_t:s0-s0:c0.c1023 denied 1922 36887. 03/27/2013 14:20:05 ps unconfined_u:system_r:passenger_t:s0 4 dir getattr unconfined_u:system_r:initrc_t:s0 denied 1927 36888. 03/27/2013 14:20:05 ps unconfined_u:system_r:passenger_t:s0 2 dir search unconfined_u:system_r:initrc_t:s0 denied 1928 It happens when Passenger v3 tr...