SElinux concern

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I have 3 computers with linux; on all of them, SElinux has a 'problem'. This is from the system log.

From cron:
Aug 18 04:17:08 d500 anacron[9915]: Updated timestamp for job `cron.daily' to 2007-08-18

From messages:
Aug 18 04:17:15 d500 setroubleshoot: SELinux is preventing access to files with the default label, default_t. For complete SELinux messages. run sealert -l 9e597df3-e188-4d36-8739-dc030e5cfa0b

Note the time; it's similar on the other 2 boxes - setroubleshoot is several seconds after cron.daily. And, it looks like the setroubleshoot message happens every day.

Here is most of the sealert output:
Detailed Description
SELinux permission checks on files labeled default_t are being denied. These files/directories have the default label on them. This can indicate a labeling problem, especially if the files being referred to are not top level directories. Any files/directories under standard system directories, /usr, /var. /dev, /tmp, ..., should not be labeled with the default label. The default label is for files/directories which do not have a label on a parent directory. So if you create a new directory in / you might legitimately get this label.

Allowing Access
If you want a confined domain to use these files you will probably need to relabel the file/directory with chcon. In some cases it is just easier to relabel the system, to relabel execute: "touch /.autorelabel; reboot"

Additional Information

Source Context                system_u:system_r:procmail_t
Target Context                system_u:object_r:default_t
Target Objects                root [ dir ]
Affected RPM Packages         procmail-3.22-19.fc7
                              [application]filesystem-2.4.6-1.fc7 [target]
Policy RPM                    selinux-policy-2.6.4-8.fc7
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   plugins.default
Host Name                     d500.localdomain
Platform Linux d500.localdomain 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 15:37:31 EDT 2007 i686 i686
Alert Count                   48
First Seen                    Sun Jul  1 08:00:33 2007
Last Seen                     Sat Aug 18 04:17:12 2007
Local ID                      9e597df3-e188-4d36-8739-dc030e5cfa0b
Line Numbers

I have no notion of what this means.

Should I be concerned? Should I do anything?

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux