search for: tcontext

...ule -i mypol.pp grep 546AA6099F /var/log/audit/audit.log | audit2why type=AVC msg=audit(1398199187.646:29332): avc: denied { getattr } for pid=23387 comm="smtp" path="/var/spool/postfix/active/546AA6099F" dev=dm-0 ino=395679 scontext=unconfined_u:system_r:postfix_smtp_t:s0 tcontext=unconfined_u:object_r:postfix_spool_maildrop_t:s0 tclass=file Was caused by: Missing type enforcement (TE) allow rule. You can use audit2allow to generate a loadable module to allow this access. type=AVC msg=audit(1398199187.646:29333): avc: denied { read write } for pid=23387 comm="...

...sk, the burn operation fails. /var/log/audit/audit.log contains the following: type=AVC msg=audit(1556724762.446:1133340): avc: denied { read } for pid=8296 comm="growisofs" name="devices" dev="proc" ino=4026532225 scontext=staff_u:staff_r:cdrecord_t:s0-s0:c0.c1023 tcontext=system_u:object_r:proc_t:s0 tclass=file permissive=0 type=AVC msg=audit(1556724762.446:1133341): avc: denied { read } for pid=8296 comm="growisofs" name="meminfo" dev="proc" ino=4026532040 scontext=staff_u:staff_r:cdrecord_t:s0-s0:c0.c1023 tcontext=system_u:object_r...

Hello, I'm using the targeted policy. PHP's mail() function fails because of selinux. audit(1149662369.454:2): avc: denied { setgid } for pid=18085 comm="sendmail" capability=6 scontext=root:system_r:httpd_sys_script_t tcontext=root:system_r:httpd_sys_script_t tclass=capability When i turn to permisive mode: audit(1149668677.105:12): avc: denied { setuid } for pid=29159 comm="sendmail" capability=7 scontext=root:system_r:ht tpd_sys_script_t tcontext=root:system_r:httpd_sys_script_t tclass=capability audit(11...

...ges appears in audit.log: [root at srv-1.home ~]# tail -F /var/log/audit/audit.log | grep type=AVC type=AVC msg=audit(1357993548.964:8529): avc: denied { getattr } for pid=21321 comm="smartd" path="/dev/sdc" dev=devtmpfs ino=6327 scontext=unconfined_u:system_r:fsdaemon_t:s0 tcontext=system_u:object_r:svirt_image_t:s0:c281,c675 tclass=blk_file type=AVC msg=audit(1357993548.965:8530): avc: denied { getattr } for pid=21321 comm="smartd" path="/dev/sdd" dev=devtmpfs ino=6321 scontext=unconfined_u:system_r:fsdaemon_t:s0 tcontext=system_u:object_r:svirt_image_...

...tely it works fine. Here are all the messages from /var/log/messages that are SElinux related: May 28 21:39:15 srsblnfw01 kernel: audit(1180381151.395:10): avc: denied { use } for pid=3012 comm="openvpn" name="null" dev=tmpfs ino=1396 scontext=system_u:system_r:openvpn_t:s0 tcontext=system_u:system_r:pppd_t:s0 tclass=fd May 28 21:39:15 srsblnfw01 kernel: audit(1180381151.395:11): avc: denied { use } for pid=3012 comm="openvpn" name="null" dev=tmpfs ino=1396 scontext=system_u:system_r:openvpn_t:s0 tcontext=system_u:system_r:pppd_t:s0 tclass=fd May 28 21:39...

...gt; found one (or a minimal combination) of rules that is causing dovecot > to crash and log a backtrace. Here are the messages I got: type=AVC msg=audit(1493361695.041:49205): avc: denied { rlimitinh } for pid=3047 comm="cleanup" scontext=system_u:system_r:postfix_master_t:s0 tcontext=system_u:system_r:postfix_cleanup_t:s0 tclass=process permissive=1 type=AVC msg=audit(1493361695.041:49205): avc: denied { siginh } for pid=3047 comm="cleanup" scontext=system_u:system_r:postfix_master_t:s0 tcontext=system_u:system_r:postfix_cleanup_t:s0 tclass=process permissive=1 t...

...e error messages in the system services initialization: ====================================================================== audit(1156518721.252:2): avc: denied { read } for pid=2223 comm="syslogd" name="libc-2.3.4.so" dev=dm-0 ino=50441 scontext=user_u:system_r:syslogd_t tcontext=system_u:object_r:file_t tclass=file audit(1156518721.280:5): avc: denied { append } for pid=2224 comm=" syslogd" name="messages" dev=dm-3 ino=38 scontext=user_u:system_r:syslogd_t tcontext=system_u:object_r:file_t tclass=file audit(1156518721.757:7): avc: denied { read }...

On Tue, Mar 14, 2017 at 02:46:19PM -0400, Ron Wheeler wrote: > https://docs.fedoraproject.org/en-US/Fedora/11/html/Security-Enhanced_Linux/sect-Security-Enhanced_Linux-Working_with_SELinux-Enabling_and_Disabling_SELinux.html > > If disabling Selinux solves your problem, then your problem may be related > to Selinux. > If it does not change yout problem, you may want to look

...tdb.sqlite3 > > > [root at localhost ~]# tail -f /var/log/audit/audit.log > type=AVC msg=audit(1489588773.253:1171): avc: denied { read } for pid=3838 comm="asterisk" name="astdb.sqlite3" dev="dm-0" ino=100884225 scontext=system_u:system_r:asterisk_t:s0 tcontext=unconfined_u:object_r:var_lib_t:s0 tclass=file > type=SYSCALL msg=audit(1489588773.253:1171): arch=c000003e syscall=2 success=no exit=-13 a0=aa5080 a1=80000 a2=1a4 a3=aa5080 items=0 ppid=1485 pid=3838 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=42949672...

On 04/26/2017 12:29 AM, Robert Moskowitz wrote: > But the policy generates errors. I will have to submit a bug report, > it seems A bug report would probably be helpful. I'm looking back at the message you wrote describing errors in ld-2.17.so. I think what's happening is that the policy on your system includes a silent rule that somehow breaks your system. You'll need

...ation. [root at gimbli ~]# virsh start vm03 libvir: Xen Daemon error : POST operation failed: (xend.err "Error creating domain: Boot loader didn't return any data!") error: Failed to start domain vm03 /var/log/messages got filled with the following messages: stem_r:xenstored_t:s0 tcontext=system_u:system_r:xenstored_t:s0 tclass=capability Feb 29 10:36:59 gimbli kernel: audit(1204274218.949:2139): avc: denied { sys_resource } for pid=2445 comm="xenstored" capability=24 scontext=system_u:system_r:xenstored_t:s0 tcontext=system_u:system_r:xenstored_t:s0 tclass=capabili...

...): table=nat family=2 entries=60 type=NETFILTER_CFG msg=audit(1365403596.177:4508): table=nat family=2 entries=61 type=AVC msg=audit(1365403606.017:4509): avc: denied { dac_override } for pid=8944 comm="qemu-system-ppc" capability=1 scontext=system_u:system_r:svirt_t:s0:c574,c809 tcontext=system_u:system_r:svirt_t:s0:c574,c809 tclass=capability type=AVC msg=audit(1365403606.017:4510): avc: denied { dac_read_search } for pid=8944 comm="qemu-system-ppc" capability=2 scontext=system_u:system_r:svirt_t:s0:c574,c809 tcontext=system_u:system_r:svirt_t:s0:c574,c809 tclass=c...

...[FAILED] Starting kernel logger: [ OK ] and in dmesg centos report me that: audit(1163775960.711:5): avc: denied { read } for pid=4325 comm="syslogd" name="libc.so.6" dev=dm-0 ino=4562290 scontext=root:system_r:syslogd_t tcontext=system_u:object_r:file_t tclass=lnk_file audit(1163775960.711:6): avc: denied { read } for pid=4325 comm="syslogd" name="libc.so.6" dev=dm-0 ino=4562290 scontext=root:system_r:syslogd_t tcontext=system_u:object_r:file_t tclass=lnk_file audit(1163775960.711:7): avc: denied {...

...iguration from '/etc/named.conf' Aug 15 14:09:46 devserver21 named: named reload succeeded Aug 15 14:09:46 devserver21 kernel: audit(1250359786.568:31): avc: denied { write } for pid=5103 comm="named" name="named" dev=dm-0 ino=28148843 scontext=user_u:system_r:named_t tcontext=system_u:object_r:named_zone_t tclass=dir Aug 15 14:09:46 devserver21 kernel: audit(1250359786.568:32): avc: denied { add_name } for pid=5103 comm="named" name="tmp-XXXXtGN8y7" scontext=user_u:system_r:named_t tcontext=system_u:object_r:named_zone_t tclass=dir Aug 15 14:09:46...

...cted. # strict - Full SELinux protection. SELINUXTYPE=targeted But during the boot i see selinux warnings and some software wan't start correctly: audit(1173699978.909:2): avc: denied { name_bind } for pid=2407 comm="piranha_gui" src=3636 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:port_t tclass=tcp_socket audit(1173699978.943:3): avc: denied { append } for pid=2407 comm="piranha_gui" name="piranha-gui" dev=dm-0 ino=2338608 scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:var_log_t tclass=file audit(1173699979.918:4): avc...

...(01:54) reboot system boot 4.18.0-193.6.3.e Fri Jul 24 01:20 - 13:33 (12:13) # ausearch -m avc --start today ---- time->Fri Jul 24 01:20:08 2020 type=AVC msg=audit(1595546408.754:28): avc: denied { remount } for pid=952 comm="(ostnamed)" scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:httpd_var_run_t:s0 tclass=filesystem permissive=0 ---- time->Fri Jul 24 13:34:04 2020 type=AVC msg=audit(1595590444.080:29): avc: denied { remount } for pid=1020 comm="(ostnamed)" scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:httpd_var_run_t:s0 t...

...03 > libvir: Xen Daemon error : POST operation failed: (xend.err "Error > creating domain: Boot loader didn't return any data!") > error: Failed to start domain vm03 > > > > /var/log/messages got filled with the following messages: > > stem_r:xenstored_t:s0 tcontext=system_u:system_r:xenstored_t:s0 > tclass=capability > Feb 29 10:36:59 gimbli kernel: audit(1204274218.949:2139): avc: > denied { sys_resource } for pid=2445 comm="xenstored" capability=24 > scontext=system_u:system_r:xenstored_t:s0 > tcontext=system_u:system_r:xenst...

...03 > libvir: Xen Daemon error : POST operation failed: (xend.err "Error > creating domain: Boot loader didn't return any data!") > error: Failed to start domain vm03 > > > > /var/log/messages got filled with the following messages: > > stem_r:xenstored_t:s0 tcontext=system_u:system_r:xenstored_t:s0 > tclass=capability > Feb 29 10:36:59 gimbli kernel: audit(1204274218.949:2139): avc: > denied { sys_resource } for pid=2445 comm="xenstored" capability=24 > scontext=system_u:system_r:xenstored_t:s0 > tcontext=system_u:system_r:xenst...

...d fsgid=lighttpd tty=(none) ses=unset comm=sendmail exe=/usr/sbin/exim subj=system_u:system_r:httpd_sys_script_t:s0 key=(null) type=AVC msg=audit(09/22/2017 12:08:29.911:1023) : avc: denied { setgid } for pid=19418 comm=sendmail capability=setgid scontext=system_u:system_r:httpd_sys_script_t:s0 tcontext=system_u:system_r:httpd_sys_script_t:s0 tclass=capability type=SYSCALL msg=audit(09/15/2017 12:12:14.551:31746) : arch=x86_64 syscall=open success=yes exit=7 a0=0x7ffd1659ec70 a1=O_RDONLY a2=0x0 a3=0x9 items=0 ppid=27605 pid=27633 auid=unset uid=lighttpd gid=lighttpd euid=lighttpd suid=lighttpd fs...

...n, setsebool -P use_nfs_home_dirs=1. But I still can't start httpd. Not sure what to make of the audit log: type=AVC msg=audit(1329395502.678:61926): avc: denied { search } for pid=25674 comm="httpd" name="" dev=0:23 ino=3471615 scontext=unconfined_u:system_r:httpd_t:s0 tcontext=system_u:object_r:nfs_t:s0 tclass=dir type=SYSCALL msg=audit(1329395502.678:61926): arch=c000003e syscall=4 success=no exit=-13 a0=7fef342bc080 a1=7fffaf747370 a2=7fffaf747370 a3=7fef30c65c30 items=0 ppid=25673 pid=25674 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=2...