--- Rahul Sundaram <sundaram@xxxxxxxxxx> wrote: > Antonio Olivares wrote: > > >Dear Kind Folks, > > I recently updated one of my machines at work > which > >was running Fedora Core 3 to kernel-2.6.12-1.1381 > via > >yum. When I rebooted and booted to the new kernel, > I > >fired up firefox and could not load yahoo webpage. > I > >tried google, Fedorafaq, Distrowatch and nothing. > I > >suspected Selinux could be the culprit, so I did: > >Hat -> System Settings -> Security Level and > disabled > >selinux. Rebooted with new settings and viola I > could > >see yahoo, distrowatch, google, etc. I went to > >terminal fired up yum and yum update selinux and > gave > >me error message. I tried again this time with > >selinux-targetpolicy? (not to sure) but it went > >through. I reenabled selinux, and rebooted and > could > >not view any webpages again. I will get back to > the > >machine on Monday, and it makes me wonder about > what > >do I need to do, which updates I need to run. > > > >kernel installed -> [kernel-2.6.12-1.1381_FC3.i686] > > > >I read very carefully the FAQ for SELinux from > >http://www.nsa.gov/selinux/info/faq.cfm > >but I am still clueless. I would like to keep > selinux > >enabled and still view webpages. How can I still > do > >that? > > > > > post to the fedora-selinux list with the AVC denied > messages in > /var/log/messages. Fedora SELinux FAQ is available > from > > http://fedoraproject.org/wiki/Communicate > http://fedora.redhat.com/docs/selinux-faq/ > > regards > Rahul > > -- > fedora-list mailing list > fedora-list@xxxxxxxxxx > To unsubscribe: > https://www.redhat.com/mailman/listinfo/fedora-list > I'll do that come Monday, thanks for helping. In any case, at home same thing happened, here are some avc messages audit(1131052412.181:2): avc: denied { name_connect } for pid=4314 comm="gkrellm" dest=7634 scontext=user_u:system_r:unconfined_t tcontext=system_u:object_r:port_t tclass=tcp_socket audit(1131052412.349:3): avc: denied { name_connect } for pid=4317 comm="eggcups" dest=631 scontext=user_u:system_r:unconfined_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket audit(1131052412.349:4): avc: denied { name_connect } for pid=4317 comm="eggcups" dest=631 scontext=user_u:system_r:unconfined_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket CSLIP: code copyright 1989 Regents of the University of California PPP generic driver version 2.4.2 PPP Deflate Compression module registered audit(1131052690.058:5): avc: denied { name_connect } for pid=4602 comm="firefox-bin" dest=80 scontext=user_u:system_r:unconfined_t tcontext=system_u:object_r:http_port_t tclass=tcp_socket audit(1131052692.227:6): avc: denied { name_connect } for pid=4602 comm="firefox-bin" dest=80 scontext=user_u:system_r:unconfined_t tcontext=system_u:object_r:http_port_t tclass=tcp_socket audit(1131052699.727:7): avc: denied { name_connect } for pid=4602 comm="firefox-bin" dest=80 scontext=user_u:system_r:unconfined_t tcontext=system_u:object_r:http_port_t tclass=tcp_socket audit(1131052702.155:8): avc: denied { name_connect } for pid=4602 comm="firefox-bin" dest=80 scontext=user_u:system_r:unconfined_t tcontext=system_u:object_r:http_port_t tclass=tcp_socket audit(1131052713.032:9): avc: denied { name_connect } for pid=4602 comm="firefox-bin" dest=80 scontext=user_u:system_r:unconfined_t tcontext=system_u:object_r:http_port_t tclass=tcp_socket audit(1131052718.472:10): avc: denied { name_connect } for pid=4602 comm="firefox-bin" dest=80 scontext=user_u:system_r:unconfined_t tcontext=system_u:object_r:http_port_t tclass=tcp_socket audit(1131052726.685:11): avc: denied { name_connect } for pid=4602 comm="firefox-bin" dest=80 scontext=user_u:system_r:unconfined_t tcontext=system_u:object_r:http_port_t tclass=tcp_socket audit(1131052730.917:12): avc: denied { name_connect } for pid=4602 comm="firefox-bin" dest=80 scontext=user_u:system_r:unconfined_t tcontext=system_u:object_r:http_port_t tclass=tcp_socket audit(1131052743.510:13): avc: denied { name_connect } for pid=4617 comm="mozilla-bin" dest=80 scontext=user_u:system_r:unconfined_t tcontext=system_u:object_r:http_port_t tclass=tcp_socket audit(1131052746.942:14): avc: denied { name_connect } for pid=4617 comm="mozilla-bin" dest=80 scontext=user_u:system_r:unconfined_t tcontext=system_u:object_r:http_port_t tclass=tcp_socket audit(1131052843.092:15): avc: denied { name_connect } for pid=4692 comm="mozilla-bin" dest=80 scontext=user_u:system_r:unconfined_t tcontext=system_u:object_r:http_port_t tclass=tcp_socket audit(1131052848.928:16): avc: denied { name_connect } for pid=4692 comm="mozilla-bin" dest=443 scontext=user_u:system_r:unconfined_t tcontext=system_u:object_r:http_port_t tclass=tcp_socket [root@localhost ~]# [root@localhost ~]# tail /var/log/messages Nov 3 21:20:37 localhost pppd[4658]: local IP address 66.201.8.152 Nov 3 21:20:37 localhost pppd[4658]: remote IP address 66.201.8.6 Nov 3 21:20:37 localhost pppd[4658]: primary DNS address 168.215.176.2 Nov 3 21:20:37 localhost pppd[4658]: secondary DNS address 12.176.80.9 Nov 3 21:20:43 localhost kernel: audit(1131052843.092:15): avc: denied { name_connect } for pid=4692 comm="mozilla-bin" dest=80 scontext=user_u:system_r:unconfined_t tcontext=system_u:object_r:http_port_t tclass=tcp_socket Nov 3 21:20:48 localhost kernel: audit(1131052848.928:16): avc: denied { name_connect } for pid=4692 comm="mozilla-bin" dest=443 scontext=user_u:system_r:unconfined_t tcontext=system_u:object_r:http_port_t tclass=tcp_socket Nov 3 21:23:01 localhost kernel: audit(1131052981.865:17): avc: denied { name_connect } for pid=4692 comm="mozilla-bin" dest=80 scontext=user_u:system_r:unconfined_t tcontext=system_u:object_r:http_port_t tclass=tcp_socket Nov 3 21:23:03 localhost kernel: audit(1131052983.717:18): avc: denied { name_connect } for pid=4692 comm="mozilla-bin" dest=80 scontext=user_u:system_r:unconfined_t tcontext=system_u:object_r:http_port_t tclass=tcp_socket Nov 3 21:25:01 localhost crond(pam_unix)[4703]: session opened for user root by (uid=0) Nov 3 21:25:02 localhost crond(pam_unix)[4703]: session closed for user root Regards, Antonio __________________________________ Start your day with Yahoo! - Make it your home page! http://www.yahoo.com/r/hs
