Re: SE alert

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





On 07/19/2015 08:27 PM, Ed Greshko wrote:
On 07/20/15 09:39, jd1008 wrote:
I forgot the file I touch in / to force a relabel, something like .relabel=true ???
touch /.autorelabel google would have found that for you.
Yep! I found it in a fedoraproject forum message
right after I sent the email.
I was just replying that I had forgotten it, with the
intent of looking it up :)

After doing that and rebooting, I got 16 alerts.

Here is one of them:

SELinux is preventing /usr/bin/python2.7 from *remove_name*access on the directory .

*****  Plugin catchall (100. confidence) suggests **************************

If you believe that python2.7 should be allowed remove_name access on the directory by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep python /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp

Additional Information:
Source Context system_u:system_r:blueman_t:s0-s0:c0.c1023
Target Context                system_u:object_r:tmp_t:s0
Target Objects                 [ dir ]
Source                        python
Source Path                   /usr/bin/python2.7
Port                          <Unknown>
Host                          localhost.localdomain
Source RPM Packages           python-2.7.5-16.fc20.x86_64
Target RPM Packages
Policy RPM selinux-policy-3.12.1-197.fc20.noarch
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Permissive
Host Name                     localhost.localdomain
Platform                      Linux localhost.localdomain
3.11.10-301.fc20.x86_64 #1 SMP Thu Dec 5 14:01:17
                              UTC 2013 x86_64 x86_64
Alert Count                   1
First Seen                    2015-07-20 10:14:10 MDT
Last Seen                     2015-07-20 10:14:10 MDT
Local ID d167f2ee-4c4c-442e-877f-5a725536ec97

Raw Audit Messages
type=AVC msg=audit(1437408850.342:377): avc: denied { remove_name } for pid=2582 comm="python" name="ffiuVaXeC" dev="tmpfs" ino=28942 scontext=system_u:system_r:blueman_t:s0-s0:c0.c1023 tcontext=system_u:object_r:tmp_t:s0 tclass=dir


type=AVC msg=audit(1437408850.342:377): avc: denied { unlink } for pid=2582 comm="python" name="ffiuVaXeC" dev="tmpfs" ino=28942 scontext=system_u:system_r:blueman_t:s0-s0:c0.c1023 tcontext=system_u:object_r:tmp_t:s0 tclass=file


type=SYSCALL msg=audit(1437408850.342:377): arch=x86_64 syscall=unlink success=yes exit=0 a0=7fffd3473a60 a1=c2 a2=180 a3=1 items=0 ppid=2581 pid=2582 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=4294967295 tty=(none) comm=python exe=/usr/bin/python2.7 subj=system_u:system_r:blueman_t:s0-s0:c0.c1023 key=(null)

Hash: python,blueman_t,tmp_t,dir,remove_name

The rest are summarised as:
SELinux is preventing /usr/bin/python2.7 from execute access on the file .

SELinux is preventing /usr/sbin/lightdm from write access on the directory .

SELinux is preventing /usr/sbin/lightdm from append access on the file .

The rest of the 16 alerts are all re: write access

Please note that I have stopped and disabled sysstat-collect.timerand sysstat.service
since my previous reply.

Also note that I fully re-installed fresh due to the frustration since my first
report about this thread.






--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org



[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux