search for: sysctl_kernel_t

...ling list here: http://lists.centos.org/pipermail/centos/2008-August/062296.html Quoting from that post: module local 1.0; require { type traceroute_port_t; type amavis_t; type postfix_spool_t; type clamd_t; type amavis_var_lib_t; type sysctl_kernel_t; type var_t; type postfix_smtpd_t; type initrc_t; type proc_t; class unix_stream_socket connectto; class file { read getattr }; class sock_file write; class lnk_file { read create unlink getattr }; class udp_s...

I am seeing these in the log of one of our off-site NX hosts running CentOS-6.6. type=AVC msg=audit(1421683972.786:4372): avc: denied { create } for pid=22788 comm="iptables" scontext=system_u:system_r:fail2ban_t:s0 tcontext=system_u:system_r:fail2ban_t:s0 tclass=rawip_socket Was caused by: Missing type enforcement (TE) allow rule. You can use

...ail_t; type snmpd_t; type tmp_t; type dovecot_deliver_t; type postfix_smtp_t; type nfs_t; type var_run_t; type usr_t; type httpd_t; type audisp_t; type postfix_cleanup_t; type inetd_t; type portmap_t; type postfix_pickup_t; type hald_t; type getty_t; type avahi_t; type etc_t; type sysctl_kernel_t; type unconfined_t; type init_t; type auditd_t; type lib_t; type dovecot_auth_t; type syslogd_t; type hostname_exec_t; type postfix_smtpd_t; type var_spool_t; type system_dbusd_t; type mysqld_etc_t; type initrc_t; type proc_t; type restorecond_t; type etc_runtime_t; type postfix_bou...

...an_t ============== allow fail2ban_t ldconfig_exec_t:file { read execute open getattr execute_no_trans }; allow fail2ban_t insmod_exec_t:file { read execute open }; allow fail2ban_t self:capability { net_admin net_raw }; allow fail2ban_t self:rawip_socket { getopt create setopt }; allow fail2ban_t sysctl_kernel_t:dir search; allow fail2ban_t sysctl_modprobe_t:file read; allow system_mail_t inotifyfs_t:dir read; I am not sure whether this issue is the result of something that we have done or left undone. We have another host configured in much the same fashion as this one and it does not display these er...