Re: Problem with su -

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 05/03/12 10:49, David Quigley wrote:

On 03/05/2012 10:21, Bob Goodwin wrote:

On 05/03/12 09:39, Bob Goodwin wrote:

       I have an F-16 computer that was working normally a couple of
       days ago when run this morning has an unusual [to me] problem.
Would you mind running sealert -l 90fc420a-dec9-47ce-afa5-6132c99ec61d and posting the output here so we can see what the problem is? 



[bobg@box9 ~]$ sealert -l 90fc420a-dec9-47ce-afa5-6132c99ec61d
SELinux is preventing /usr/bin/xauth from write access on the None /root.
***** Plugin catchall (100. confidence) suggests ***************************
If you believe that xauth should be allowed write access on the root <Unknown> by default. 
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep xauth /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp


Additional Information:
Source Context unconfined_u:unconfined_r:xauth_t:s0-s0:c0.c1023 
Target Context                unconfined_u:object_r:default_t:s0
Target Objects                /root [ None ]
Source                        xauth
Source Path                   /usr/bin/xauth
Port <Unknown>
Host                          box9
Source RPM Packages           xorg-x11-xauth-1.0.6-1.fc16.x86_64
Target RPM Packages           filesystem-2.4.44-1.fc16.x86_64
Policy RPM                    selinux-policy-3.10.0-75.fc16.noarch
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Host Name                     box9
Platform Linux box9 3.2.2-1.fc16.x86_64 #1 SMP Thu Jan 26 
                              03:21:58 UTC 2012 x86_64 x86_64
Alert Count                   110
First Seen                    Mon 05 Mar 2012 08:19:02 AM EST
Last Seen                     Mon 05 Mar 2012 10:55:37 AM EST
Local ID                      90fc420a-dec9-47ce-afa5-6132c99ec61d

Raw Audit Messages
type=AVC msg=audit(1330962937.294:98): avc: denied { write } for pid=1848 comm="xauth" name="root" dev=sda3 ino=1835009 scontext=unconfined_u:unconfined_r:xauth_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:default_t:s0 tclass=dirnode=box9 type=SYSCALL msg=audit(1330962937.294:98): arch=c000003e syscall=2 success=no exit=-13 a0=7fffea7afea0 a1=c1 a2=180 a3=8 items=0 ppid=1829 pid=1848 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=1 comm="xauth" exe="/usr/bin/xauth" subj=unconfined_u:unconfined_r:xauth_t:s0-s0:c0.c1023 key=(null) 


Hash: xauth,xauth_t,default_t,None,write

audit2allow


audit2allow -R



--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux