On 02/04/2010 01:50 PM, Kevin Kempter wrote: > Hi All; > > I've seen several of the below SELinux messages recently, I do have root > logins disables in my /etc/ssh/sshd_config file: > > <snip> > PermitRootLogin no > </snip> > > > > Any thoughts on this? Is it cause for concern? > > > > > ====================================================== > SELinux message: > ====================================================== > > Summary: > > SELinux is preventing /usr/libexec/polkit-1/polkitd "search" access on > /root/.config. > > Detailed Description: > > [SELinux is in permissive mode. This access was not denied.] > > SELinux denied access requested by polkitd. It is not expected that this > access > is required by polkitd and this access may signal an intrusion attempt. It is > also possible that the specific version or configuration of the application is > causing it to require additional access. > > Allowing Access: > > You can generate a local policy module to allow this access - see FAQ > (http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385) Please file a bug > report. > > Additional Information: > > Source Context system_u:system_r:policykit_t:s0-s0:c0.c1023 > Target Context system_u:object_r:gnome_home_t:s0 > Target Objects /root/.config [ dir ] > Source polkitd > Source Path /usr/libexec/polkit-1/polkitd > Port <Unknown> > Host Issac.consistentstate.com > Source RPM Packages polkit-0.95-0.git20090913.3.fc12 > Target RPM Packages > Policy RPM selinux-policy-3.6.32-78.fc12 > Selinux Enabled True > Policy Type targeted > Enforcing Mode Permissive > Plugin Name catchall > Host Name Issac.consistentstate.com > Platform Linux Issac.consistentstate.com > 2.6.31.12-174.2.3.fc12.x86_64 #1 SMP Mon Jan 18 > 19:52:07 UTC 2010 x86_64 x86_64 > Alert Count 11 > First Seen Wed 03 Feb 2010 05:13:02 PM MST > Last Seen Thu 04 Feb 2010 08:00:56 AM MST > Local ID 69fff773-fb91-4b4f-b309-25e3e2455071 > Line Numbers > > Raw Audit Messages > > node=Issac.consistentstate.com type=AVC msg=audit(1265295656.734:13): avc: > denied { search } for pid=1831 comm="polkitd" name=".config" dev=sda1 > ino=5283846 scontext=system_u:system_r:policykit_t:s0-s0:c0.c1023 > tcontext=system_u:object_r:gnome_home_t:s0 tclass=dir > > node=Issac.consistentstate.com type=SYSCALL msg=audit(1265295656.734:13): > arch=c000003e syscall=2 success=no exit=-2 a0=100e640 a1=0 a2=0 a3=1d items=0 > ppid=1830 pid=1831 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 > sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="polkitd" > exe="/usr/libexec/polkit-1/polkitd" subj=system_u:system_r:policykit_t:s0- > s0:c0.c1023 key=(null) > > Fixed in selinux-policy-3.6.32-83.fc12 -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
