Displaying 20 results from an estimated 54 matches for "user_u".
2008 Jun 06
1
SELinux error message on CentOS 5: "multiple same specifications"
...there are no lost+found or
.journal there, so I guess those are really innocuous.)
I dug in deeper and I found out that the source of the problem is most
probably in this file:
/etc/selinux/targeted/contexts/files/file_contexts.homedirs
Among its contents are these lines:
/usr/local/[^/]*/.+ user_u:object_r:user_home_t:s0
/usr/local/[^/]*/.*/plugins/nprhapengine\.so.* --
user_u:object_r:textrel_shlib_t:s0
/usr/local/[^/]*/.*/plugins/libflashplayer\.so.* --
user_u:object_r:textrel_shlib_t:s0
/usr/local/[^/]*/((www)|(web)|(public_html))(/.+)?
user_u:object_r:httpd_user_content_t:s0
/usr...
2008 Aug 23
2
CentOS 5.2 + SELinux + Apache/PHP + Postfix
...--------------------------------------------------------------------
type=AVC msg=audit(1219458556.400:16996): avc: denied { read write }
for pid=xxxxx comm="sendmail"
path=2F746D702F2E7863616368652E302E302E313236373935383634322E6C6F636B202864656C6574656429
dev=dm-1 ino=xxxxx scontext=user_u:system_r:system_mail_t:s0
tcontext=user_u:object_r:httpd_tmp_t:s0 tclass=file
type=AVC msg=audit(1219458556.400:16996): avc: denied { read write }
for pid=xxxxx comm="sendmail"
path=2F746D702F2E7863616368652E302E312E3534383639343233352E6C6F636B202864656C6574656429
dev=dm-1 ino=xxxxx sc...
2009 Aug 15
1
Confused about named, chroot, and tmp files.
...amed[5101]: loading
configuration from '/etc/named.conf'
Aug 15 14:09:46 devserver21 named: named reload succeeded
Aug 15 14:09:46 devserver21 kernel: audit(1250359786.568:31): avc: denied {
write } for pid=5103 comm="named" name="named" dev=dm-0 ino=28148843
scontext=user_u:system_r:named_t tcontext=system_u:object_r:named_zone_t
tclass=dir
Aug 15 14:09:46 devserver21 kernel: audit(1250359786.568:32): avc: denied {
add_name } for pid=5103 comm="named" name="tmp-XXXXtGN8y7"
scontext=user_u:system_r:named_t tcontext=system_u:object_r:named_zone_t...
2011 Jan 31
1
Squid and SELinux
...aht
I want to add another directory for cache, in this system we have a home
partition with huge space, I create a squid dir and add the path with
semanage:
semanage fcontext -a -t squid_cache_t '/home/squid(/.*)?'
I check the files and they are in the good context:
drwxr-xr-x squid squid user_u:object_r:squid_cache_t .
drwxr-xr-x squid squid system_u:object_r:home_root_t ..
drwxr-x--- squid squid user_u:object_r:squid_cache_t 00
drwxr-x--- squid squid user_u:object_r:squid_cache_t 01
...
But when I want to start it I get this:
type=AVC msg=audit(1296442326.932:739661): avc: d...
2006 Aug 25
1
SELinux targeted - named, portmap and syslogd errors
...and started
receiving some error messages in the system services initialization:
======================================================================
audit(1156518721.252:2): avc: denied { read } for pid=2223 comm="syslogd"
name="libc-2.3.4.so" dev=dm-0 ino=50441 scontext=user_u:system_r:syslogd_t
tcontext=system_u:object_r:file_t tclass=file
audit(1156518721.280:5): avc: denied { append } for pid=2224
comm="syslogd" name="messages" dev=dm-3 ino=38 scontext=user_u:system_r:syslogd_t
tcontext=system_u:object_r:file_t tclass=file
audit(1156518721.75...
2008 Aug 01
2
BackupPC 3.1.0 on CentOS 5.2 triggers SE Linux denial
...d BackupPC 3.1.0 from Testing repository, to CentOS
5.2 x86_64, and I am hitting an SE Linux denial - the httpd cannot
talk to the BackupPC socket:
type=AVC msg=audit(07/31/2008 17:18:53.623:410) : avc: denied {
connectto } for pid=11767 comm=httpd
path=/var/log/BackupPC/BackupPC.sock
scontext=user_u:system_r:httpd_t:s0
tcontext=user_u:system_r:initrc_t:s0 tclass=unix_stream_socket
type=AVC msg=audit(07/31/2008 17:18:53.623:410) : avc: denied {
write } for pid=11767 comm=httpd name=BackupPC.sock dev=md0
ino=39813253 scontext=user_u:system_r:httpd_t:s0
tcontext=user_u:object_r:var_log_t:s0 t...
2007 Mar 12
2
selinux disable but still working
...network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted
But during the boot I see selinux warnings and some software won't start
correctly:
audit(1173699978.909:2): avc: denied { name_bind } for pid=2407
comm="piranha_gui" src=3636 scontext=user_u:system_r:httpd_t
tcontext=system_u:object_r:port_t tclass=tcp_socket
audit(1173699978.943:3): avc: denied { append } for pid=2407
comm="piranha_gui" name="piranha-gui" dev=dm-0 ino=2338608
scontext=user_u:system_r:httpd_t tcontext=system_u:object_r:var_log_t
tclass=file
a...
2011 Apr 25
2
Samba can't access dir - SELinux problem?
...the same
(and smbd runs as "root", doesn't it?)
Is this maybe a SELinux setting problem?
# tail /var/log/audit/audit.log (only at the new VM)
type=AVC msg=audit(1303720863.712:53): avc: denied { search } for
pid=6737 comm="smbd" name="/" dev=sda3 ino=2
scontext=user_u:system_r:smbd_t:s0
tcontext=system_u:object_r:home_root_t:s0 tclass=dir
type=SYSCALL msg=audit(1303720863.712:53): arch=c000003e syscall=4
success=no exit=-13 a0=2b79380c9620 a1=7fff35dfe9f0 a2=7fff35dfe9f0
a3=ea items=0 ppid=6543 pid=6737 auid=500 uid=500 gid=0 euid=500
suid=0 fsuid=500 egid=500...
2008 Oct 30
1
nfs mounted /home and selinux
...e at
http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5.2/html/Deployment_Guide/ch45s02s03.html
On my system running CentOS 5.2:
$ ls -alZ /home
drwxr-xr-x root root system_u:object_r:home_root_t .
drwxr-xr-x root root system_u:object_r:root_t ..
$ mount -t nfs -o context=user_u:object_r:user_home_dir_t \
server001a:/vol/vol01/home /home
$ ls -alZ /home
drwxrwxr-x root root system_u:object_r:nfs_t .
drwxr-xr-x root root system_u:object_r:root_t ..
drwx------ fred users system_u:object_r:nfs_t fred
drwx-----...
2011 Jan 14
1
httpd and selinux
Hello,
Running httpd-2.2.3-43.el5.centos.3 on CentOS release 5.5 (Final), I
have :
$ ps -Ze
LABEL PID TTY TIME CMD
user_u:system_r:httpd_t 12833 ? 00:00:00 httpd
Is it normal for httpd to have this context (user_u:system_r:httpd_t) ?
I was expecting system_u:system_r:httpd_t.
And if it is not normal, is it because I have restarted httpd by hand
(service httpd restart), or because I have broken somethi...
2011 Sep 08
1
Trying to understand SELinux MSG
...o the system you
can relabel it using the restorecon command. Otherwise you should relabel the
entire files system.
Allowing Access:
You can execute the following command as root to relabel your computer
system: "touch /.autorelabel; reboot"
Additional Information:
Source Context: user_u:system_r:pam_console_t
Target Context: system_u:object_r:file_t
Target Objects: / [ dir ]
Source: pam_console_app
Source Path: /sbin/pam_console_apply
Port: <Unknown>
Host: host1.mycompany.com
Source RPM Packages: pam-0.99.6.2-6.el5_5.2
Target RPM Packages: filesystem-2.4.0-3.el5.ce...
2008 Aug 06
2
Dovecot PAM sessions with Maildir
...TLS
Aug 5 21:01:34 [hostname] dovecot: imap-login: Aborted login:
user=<[me]>, method=PLAIN, rip=::ffff:[server], lip=::ffff:[server], TLS
I'm getting the following messages in /var/log/audit/audit.log:
type=USER_AUTH msg=audit(1217984152.016:347): user pid=7669 uid=0
auid=10243 subj=user_u:system_r:dovecot_auth_t:s0 msg='PAM:
authentication acct="[me]" : exe="/usr/libexec/dovecot/dovecot-auth"
(hostname=::ffff:[client], addr=::ffff:[client], terminal=dovecot
res=success)'
type=USER_ACCT msg=audit(1217984152.017:348): user pid=7669 uid=0
auid=10243 subj...
2008 Jan 02
2
deliver triggering SELinux AVC denials
...at.com/docs/selinux-faq-fc5/#id2961385 Or you can
disable
SELinux protection altogether. Disabling SELinux protection is not
recommended. Please file a
http://bugzilla.redhat.com/bugzilla/enter_bug.cgi
against this package.
Additional Information
Source Context user_u:system_r:dovecot_deliver_t
Target Context user_u:object_r:user_home_dir_t
Target Objects temp.localhost.678.40caaf5592891c46 [ file ]
Affected RPM Packages dovecot-1.0.7-16.fc7 [application]
Policy RPM selinux-policy-2.6.4-63.fc7
Selinux Enab...
2006 Oct 09
2
Directories not writable (Apache/PHP)
Hi,
I have a new CentOS server install. I've also installed suPHP to
replicate a live server.
When I upload files via FTP the permissions seem OK, however the
directories copied are not writable?? Any ideas?
I have tried chmod 777 and that's not working either. Could it be a
suPHP issue?
I have 'suPHP_UserGroup GROUP USER' setup in my virtual directory and
the user is also in the
2005 Nov 12
0
mysqld and selinux
...} for pid=4874 comm="mysqld" name="tmp" dev=dm-0 ino=2894305
scontext=root:system_r:mysqld_t tcontext=root:object_r:root_t tclass=dir
Nov 12 00:48:59 srv1 dbus: Can't send to audit system: USER_AVC pid=2839
uid=81 loginuid=-1 message=avc: denied { send_msg } for
scontext=user_u:system_r:unconfined_t tcontext=user_u:system_r:initrc_t
tclass=dbus
Nov 12 00:49:04 srv1 dbus: Can't send to audit system: USER_AVC pid=2839
uid=81 loginuid=-1 message=avc: denied { send_msg } for
scontext=user_u:system_r:unconfined_t tcontext=user_u:system_r:initrc_t
tclass=dbus
Nov 12 00:49...
2005 Nov 30
0
SELinux niggle
...der to get used to CentOS before using it on live
servers.
Anyway when I log into X (gnome, gdm) I start getting the following
in /var/log/messages
Nov 30 12:47:39 needme dbus: Can't send to audit system: USER_AVC
pid=2916 uid=81 loginuid=-1 message=avc: denied { send_msg } for
scontext=user_u:system_r:unconfined_t tcontext=user_u:system_r:initrc_t
tclass=dbus
Nov 30 12:48:10 needme last message repeated 7 times
Nov 30 12:48:12 needme gconfd (MYUSERNAME-3780): Resolved address
"xml:readwrite:/home/MYUSERNAME/.gconf" to a writable configuration
source at position 0
Nov 30 12:...
2006 Sep 02
1
imap fails, policy wrong?
...get a squirrelmail error "ERROR: Connection dropped by IMAP server.
Query: CAPABILITY" and turning on dovecot debugging shows the following:
audit(1157176740.621:14111): avc: denied { search } for pid=9431
comm="dovecot" name="rob" dev=dm-0 ino=23560377 scontext=user_u:system_r:dovecot_t:s0
tcontext=user_u:object_r:httpd_sys_content_t:s0 tclass=dir
can someone point me in the right direction? apologies if this doesn't contain
enough info, will try to get more if necessary, thanks in advance.
(incidentally, the simpler dovecot error message says it can...
2008 Oct 04
2
ejabberd 2.0.2 vs SELinux vs CentOS 5
...accessing its crypto libs.
This message appears in the SELinux audit logs:
type=AVC msg=audit(1223133076.770:102): avc: denied { execmod } for
pid=3878 comm="beam.smp"
path="/opt/ejabberd-2.0.2_2/lib/crypto-1.5.2/priv/linux-x86/lib/crypto_drv.so" dev=dm-0 ino=26738869 scontext=user_u:system_r:unconfined_t:s0 tcontext=user_u:object_r:usr_t:s0 tclass=file
What do I need to do, for selinux to allow this?
(Or should I take this question to an SELinux list?)
FWIW, ejabberd seems to run fine while selinux is enabled. It's just when
starting up, that it needs selinux to stay out of...
2007 Aug 16
1
SELinux questions, upon restarting BIND
...the "named_disable_trans" boolean to true will disable SELinux
protection this application: "setsebool -P named_disable_trans=1."
The following command will allow this access:
setsebool -P named_disable_trans=1
Additional Information
Source Context user_u:system_r:named_t
Target Context system_u:object_r:tmpfs_t
Target Objects random [ chr_file ]
Affected RPM Packages bind-9.3.3-7.el5 [application]
Policy RPM selinux-policy-2.4.6-30.el5
Selinux Enabled True
Policy Type...
2005 Nov 12
5
selinux stuff - I just don't get
I am getting tons of these messages since I updated to 4.2
Nov 12 12:21:39 srv1 dbus: Can't send to audit system: USER_AVC pid=2839
uid=81 loginuid=-1 message=avc: denied { send_msg } for
scontext=user_u:system_r:unconfined_t tcontext=user_u:system_r:initrc_t
tclass=dbus
Now I can see this process...
# ps aux|grep 2839
dbus 2839 0.0 0.3 16168 1888 ? Ssl Nov11 0:13 dbus-daemon-1 --system
root 17173 0.0 0.1 3748 668 pts/2 S+ 12:22 0:00 grep 2839
but I'm wonderi...