SELinux kerneloops and dhclient issues

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

The "setroubleshoot browser" is reporting the following issues on Fedora 9:
SELinux is preventing kerneloops (kerneloops_t) "signal" to <Unknown> (kerneloops_t). SELinux is preventing dhclient (dhcpc_t) "read write" to socket (unconfined_t).
The first issue occurs on boot. The second issue occurs when I bring up eth0.
Should I file a bug report, or might there be something more sinister going on? 

For reference, the complete reports are as follows:

Summary:

SELinux is preventing kerneloops (kerneloops_t) "signal" to <Unknown>
(kerneloops_t).

Detailed Description:

SELinux denied access requested by kerneloops. It is not expected that this
access is required by kerneloops and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of the 
application is causing it to require additional access.

Allowing Access:

You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) 
against this package.

Additional Information:

Source Context                system_u:system_r:kerneloops_t:s0
Target Context                system_u:system_r:kerneloops_t:s0
Target Objects                None [ process ]
Source                        kerneloops
Source Path                   /usr/sbin/kerneloops
Port                          <Unknown>
Host                          gerbil
Source RPM Packages           kerneloops-0.11-1.fc9
Target RPM Packages Policy RPM selinux-policy-3.3.1-84.fc9 
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   catchall
Host Name                     gerbil
Platform Linux gerbil 2.6.25.14-108.fc9.x86_64 #1 SMP Mon 
                             Aug 4 13:46:35 EDT 2008 x86_64 x86_64
Alert Count                   2
First Seen                    Sun 07 Sep 2008 03:21:55 AM CDT
Last Seen                     Sun 07 Sep 2008 03:21:55 AM CDT
Local ID                      fa4c1bd0-faf1-48ba-ba55-74285538ef90
Line Numbers Raw Audit Messages host=gerbil type=AVC msg=audit(1220775715.59:8): avc: denied { signal } for pid=2363 comm="kerneloops" scontext=system_u:system_r:kerneloops_t:s0 tcontext=system_u:system_r:kerneloops_t:s0 tclass=process
host=gerbil type=SYSCALL msg=audit(1220775715.59:8): arch=c000003e syscall=234 success=no exit=-13 a0=93b a1=93b a2=6 a3=8 items=0 ppid=1 pid=2363 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kerneloops" exe="/usr/sbin/kerneloops" subj=system_u:system_r:kerneloops_t:s0 key=(null) 

-and-

Summary:
SELinux is preventing dhclient (dhcpc_t) "read write" to socket (unconfined_t). 

Detailed Description:
SELinux denied access requested by dhclient. It is not expected that this access is required by dhclient and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is 
causing it to require additional access.

Allowing Access:

You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) 
against this package.

Additional Information:

Source Context                unconfined_u:system_r:dhcpc_t:s0-s0:c0.c1023
Target Context unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1 
                             023
Target Objects                socket [ unix_stream_socket ]
Source                        dhclient
Source Path                   /sbin/dhclient
Port                          <Unknown>
Host                          gerbil
Source RPM Packages           dhclient-4.0.0-14.fc9
Target RPM Packages Policy RPM selinux-policy-3.3.1-84.fc9 
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   catchall
Host Name                     gerbil
Platform Linux gerbil 2.6.25.14-108.fc9.x86_64 #1 SMP Mon 
                             Aug 4 13:46:35 EDT 2008 x86_64 x86_64
Alert Count                   16
First Seen                    Sun 07 Sep 2008 12:56:48 AM CDT
Last Seen                     Sun 07 Sep 2008 03:23:07 AM CDT
Local ID                      a3b5492a-0ef2-4cc3-bdd0-4c06696bae70
Line Numbers Raw Audit Messages host=gerbil type=AVC msg=audit(1220775787.407:21): avc: denied { read write } for pid=3069 comm="dhclient" path="socket:[68728]" dev=sockfs ino=68728 scontext=unconfined_u:system_r:dhcpc_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
host=gerbil type=SYSCALL msg=audit(1220775787.407:21): arch=c000003e syscall=59 success=yes exit=0 a0=948530 a1=94ad90 a2=8f0d70 a3=3f48f67a70 items=0 ppid=2970 pid=3069 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=1 comm="dhclient" exe="/sbin/dhclient" subj=unconfined_u:system_r:dhcpc_t:s0-s0:c0.c1023 key=(null) 

--
Steve Croll


--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux