logwatch error messages

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I am seeing the following errors via "journalctl |grep logwatch":
Jan 22 03:37:14 lx120e.htt-consult.com setroubleshoot[11102]: dbus avc(node=lx120e.htt-consult.com type=AVC msg=audit(1390390627.456:1007): avc: denied { execute } for pid=11100 comm="logwatch" name="procmail" dev="sda3" ino=1187050 scontext=system_u:system_r:logwatch_t:s0-s0:c0.c1023 tcontext=system_u:object_r:procmail_exec_t:s0 tclass=file node=lx120e.htt-consult.com type=SYSCALL msg=audit(1390390627.456:1007): arch=c000003e syscall=59 success=no exit=-13 a0=d13ad0 a1=d13a50 a2=d137c0 a3=8 items=0 ppid=11013 pid=11100 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=16 tty=(none) comm="logwatch" exe="/usr/bin/perl" subj=system_u:system_r:logwatch_t:s0-s0:c0.c1023 key=(null) Jan 22 03:37:14 lx120e.htt-consult.com setroubleshoot[11102]: AuditRecordReceiver.add_record_to_cache(): node=lx120e.htt-consult.com type=AVC msg=audit(1390390627.456:1007): avc: denied { execute } for pid=11100 comm="logwatch" name="procmail" dev="sda3" ino=1187050 scontext=system_u:system_r:logwatch_t:s0-s0:c0.c1023 tcontext=system_u:object_r:procmail_exec_t:s0 tclass=file Jan 22 03:37:14 lx120e.htt-consult.com setroubleshoot[11102]: AuditRecordReceiver.add_record_to_cache(): node=lx120e.htt-consult.com type=SYSCALL msg=audit(1390390627.456:1007): arch=c000003e syscall=59 success=no exit=-13 a0=d13ad0 a1=d13a50 a2=d137c0 a3=8 items=0 ppid=11013 pid=11100 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=16 tty=(none) comm="logwatch" exe="/usr/bin/perl" subj=system_u:system_r:logwatch_t:s0-s0:c0.c1023 key=(null) Jan 22 03:37:14 lx120e.htt-consult.com setroubleshoot[11102]: analyze_avc() avc=scontext=system_u:system_r:logwatch_t:s0-s0:c0.c1023 tcontext=system_u:object_r:procmail_exec_t:s0 access=['execute'] tclass=file tpath=procmail 


I had performed the following selinux policy:

On 01/06/2014 08:14 AM, Daniel J Walsh wrote:


Create a file mylogwatch.te with the following content.

policy_module(mylogwatch, 1.0)
gen_require(`
     type logwatch_mail_t;
')

mta_filetrans_admin_home_content(logwatch_mail_t)

Now execute this command to compile the policy and load it into the kernel

# make -f /usr/share/selinux/devel/Makefile
# semodule -i mylogwatch.pp

Now you should be allowed to run logwatch_mail_t in enforcing mode.



What do these messages mean?


--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux