Colin Paul Adams wrote:
I just installed (via yum) and started squid.
I then noticed I had some SELinux alert

Summary

SELinux is preventing /usr/sbin/squid (squid_t) "read write" to socket
(unconfined_t).

Detailed Description

SELinux denied access requested by /usr/sbin/squid. It is not expected that
this access is required by /usr/sbin/squid and this access may signal an
intrusion attempt. It is also possible that the specific version or
configuration of the application is causing it to require additional access.

Allowing Access

You can generate a local policy module to allow this access - see
http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable
SELinux protection altogether. Disabling SELinux protection is not
recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi
against this package.

Additional Information

Source Context         system_u:system_r:squid_t:s0
Target Context         system_u:system_r:unconfined_t:s0
Target Objects         socket [ unix_stream_socket ]
Affected RPM Packages  squid-2.6.STABLE17-1.fc8 [application]
Policy RPM             selinux-policy-3.0.8-44.fc8
Selinux Enabled        True
Policy Type            targeted
MLS Enabled            True
Enforcing Mode         Enforcing
Plugin Name            plugins.catchall
Host Name              susannah.colina.demon.co.uk
Platform               Linux susannah.colina.demon.co.uk 2.6.23.1-42.fc8
                       #1 SMP Tue Oct 30 13:18:33 EDT 2007 x86_64 x86_64
Alert Count            1
First Seen             Sat 26 Jan 2008 06:39:04 GMT
Last Seen              Sat 26 Jan 2008 06:39:04 GMT
Local ID               b8ea13f6-922f-4bb8-a448-09e80221eb2a
Line Numbers

and additional similar alerts for sh (xdm), ntpd, and /usr/bin/gcin
Is it safe to ignore these?

I run squid and ignore this message ... looks like something the Fedora
guys will fix eventually.