Re: SELinux advisory

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 06/26/2009 11:20 AM, Paolo Galtieri wrote:

I keep getting the following SELinux alert.
SELinux is preventing hostname (hostname_t) "read" security_t

The alert data is shown below. I'm not sure what I might have changed to
cause this.

Paolo

Summary:

SELinux is preventing hostname (hostname_t) "read" security_t.

Detailed Description:

SELinux denied access requested by hostname. It is not expected that
this access
is required by hostname and this access may signal an intrusion attempt.
It is
also possible that the specific version or configuration of the
application is
causing it to require additional access.

Allowing Access:

You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can
disable
SELinux protection altogether. Disabling SELinux protection is not
recommended.
Please file a bug report
(http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.

Additional Information:

Source Context system_u:system_r:hostname_t:s0
Target Context system_u:object_r:security_t:s0
Target Objects mls [ file ]
Source hostname
Source Path /bin/hostname
Port <Unknown>
Host peglaptop10
Source RPM Packages net-tools-1.60-92.fc11
Target RPM Packages Policy RPM selinux-policy-3.6.12-50.fc11
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Enforcing
Plugin Name catchall
Host Name peglaptop10
Platform Linux peglaptop10 2.6.29.5-191.fc11.x86_64 #1 SMP
Tue Jun 16 23:23:21 EDT 2009 x86_64 x86_64
Alert Count 108
First Seen Fri 19 Jun 2009 06:33:48 PM MST
Last Seen Fri 26 Jun 2009 07:31:49 AM MST
Local ID 2bc187c8-f1ab-4a44-8c0b-cc092191743b
Line Numbers
Raw Audit Messages
node=peglaptop10 type=AVC msg=audit(1246026709.145:1331): avc: denied {
read } for pid=14213 comm="hostname" name="mls" dev=selinuxfs ino=12
scontext=system_u:system_r:hostname_t:s0
tcontext=system_u:object_r:security_t:s0 tclass=file

node=peglaptop10 type=SYSCALL msg=audit(1246026709.145:1331):
arch=c000003e syscall=2 success=no exit=-13 a0=7fff3f294550 a1=0
a2=7fff3f29455c a3=fffffff8 items=0 ppid=14200 pid=14213 auid=4294967295
uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none)
ses=4294967295 comm="hostname" exe="/bin/hostname"
subj=system_u:system_r:hostname_t:s0 key=(null)
You can ignore this for now and update to selinux-policy-3.6.12-57.fc11.noarch, when it becomes available. 

Or you can grab it now at

https://admin.fedoraproject.org/updates/selinux-policy-3.6.12-57.fc11


--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux