search for: netlink_audit_socket

...AM audit_open() failed: Permission denied This is the entry from the audit log... ---------------- type=AVC msg=audit(1320178016.209:919): avc: denied { create } for pid=22689 comm="unix_chkpwd" scontext=unconfined_u:system_r:httpd_t:s0 tcontext=unconfined_u:system_r:httpd_t:s0 tclass=netlink_audit_socket type=SYSCALL msg=audit(1320178016.209:919): arch=c000003e syscall=41 success=no exit=-13 a0=10 a1=3 a2=9 a3=7fff23386470 items=0 ppid=20102 pid=22689 auid=500 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=107 comm="unix_chkpwd" exe="/sbin/unix_chkpwd&...

...and selinux is blocking this pppd service. "audit2allow -M" has generated the following policy based on AVC denial messages: module fixdialinserver 1.0; require { type pppd_t; type shadow_t; type chkpwd_exec_t; class file { read execute }; class netlink_audit_socket create; } #============= pppd_t ============== allow pppd_t chkpwd_exec_t:file execute; allow pppd_t self:netlink_audit_socket create; allow pppd_t shadow_t:file read; However, I am unable to load this module due to conflict with another policy: # semodule -i fixdialinserver.pp libsepol.check_a...

...ot;audit2allow -M" has generated the following policy based on AVC > denial messages: > > > module fixdialinserver 1.0; > > require { > ? ? ? ?type pppd_t; > ? ? ? ?type shadow_t; > ? ? ? ?type chkpwd_exec_t; > ? ? ? ?class file { read execute }; > ? ? ? ?class netlink_audit_socket create; > } > > #============= pppd_t ============== > allow pppd_t chkpwd_exec_t:file execute; > allow pppd_t self:netlink_audit_socket create; > allow pppd_t shadow_t:file read; > > > However, I am unable to load this module due to conflict with another policy: > &gt...

...rmission sendto in class node not defined in policy SELinux: permission ingress in class netif not defined in policy SELinux: permission egress in class netif not defined in policy SELinux: permission setfcap in class capability not defined in policy SELinux: permission nlmsg_tty_audit in class netlink_audit_socket not defined in policy SELinux: permission forward_in in class packet not defined in policy SELinux: permission forward_out in class packet not defined in policy SELinux: the above unknown classes and permissions will be denied How can I fix these errors? Thanks in advance! -- -- Open Kairos h...