Here a few alerts I got when updatedb got started by cron. Valent. -- http://kernelreloaded.blog385.com/ linux, blog, anime, spirituality, windsurf, wireless registered as user #367004 with the Linux Counter, http://counter.li.org. ICQ: 2125241, Skype: valent.turkovic
Sažetak: SELinux is preventing updatedb (locate_t) "read" to / (unlabeled_t). Detaljan opis: [SELinux is in permissive mode, the operation would have been denied but was permitted due to permissive mode.] SELinux denied access requested by updatedb. It is not expected that this access is required by updatedb and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. DopuÅ¡tanje pristupa: Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for /, restorecon -v '/' If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Dodatni podaci: Izvorni kontekst system_u:system_r:locate_t:s0 Ciljani kontekst system_u:object_r:unlabeled_t:s0 Ciljani objekti / [ dir ] Source updatedb Source Path /usr/bin/updatedb Port <Nepoznato> Host valent.oswireless Source RPM Packages mlocate-0.18-1 Target RPM Packages filesystem-2.4.11-1.fc8 RPM pravila selinux-policy-3.0.8-93.fc8 Selinux je omoguÄ?en True Vrsta pravila targeted MLS je omoguÄ?en True NaÄ?in prisile Permissive Naziv dodatka catchall_file Naziv raÄ?unala valent.oswireless Platforma Linux valent.oswireless 2.6.24.3-34.fc8 #1 SMP Wed Mar 12 18:17:20 EDT 2008 i686 i686 Broj uzbuna 1 First Seen Pon 17 Ožu 2008 10:15:48 Last Seen Pon 17 Ožu 2008 10:15:48 Local ID 7991dc61-e67b-4a09-8782-a5d2d38a8fe6 Brojevi redaka Sirova poruke revizije host=valent.oswireless type=AVC msg=audit(1205745348.737:60): avc: denied { read } for pid=11206 comm="updatedb" name="/" dev=loop0 ino=2 scontext=system_u:system_r:locate_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=dir host=valent.oswireless type=SYSCALL msg=audit(1205745348.737:60): arch=40000003 syscall=5 success=yes exit=9 a0=804e2e9 a1=58000 a2=0 a3=58000 items=0 ppid=11200 pid=11206 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="updatedb" exe="/usr/bin/updatedb" subj=system_u:system_r:locate_t:s0 key=(null)
Sažetak: SELinux is preventing updatedb (locate_t) "search" to / (unlabeled_t). Detaljan opis: [SELinux is in permissive mode, the operation would have been denied but was permitted due to permissive mode.] SELinux denied access requested by updatedb. It is not expected that this access is required by updatedb and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. DopuÅ¡tanje pristupa: Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for /, restorecon -v '/' If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Dodatni podaci: Izvorni kontekst system_u:system_r:locate_t:s0 Ciljani kontekst system_u:object_r:unlabeled_t:s0 Ciljani objekti / [ dir ] Source updatedb Source Path /usr/bin/updatedb Port <Nepoznato> Host valent.oswireless Source RPM Packages mlocate-0.18-1 Target RPM Packages filesystem-2.4.11-1.fc8 RPM pravila selinux-policy-3.0.8-93.fc8 Selinux je omoguÄ?en True Vrsta pravila targeted MLS je omoguÄ?en True NaÄ?in prisile Permissive Naziv dodatka catchall_file Naziv raÄ?unala valent.oswireless Platforma Linux valent.oswireless 2.6.24.3-34.fc8 #1 SMP Wed Mar 12 18:17:20 EDT 2008 i686 i686 Broj uzbuna 1 First Seen Pon 17 Ožu 2008 10:15:48 Last Seen Pon 17 Ožu 2008 10:15:48 Local ID 10c13adf-7cc2-4be6-a443-a32cabfffa96 Brojevi redaka Sirova poruke revizije host=valent.oswireless type=AVC msg=audit(1205745348.737:58): avc: denied { search } for pid=11206 comm="updatedb" name="/" dev=loop0 ino=2 scontext=system_u:system_r:locate_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=dir host=valent.oswireless type=SYSCALL msg=audit(1205745348.737:58): arch=40000003 syscall=12 success=yes exit=0 a0=87b8d31 a1=8000 a2=bfedcb40 a3=87b8d31 items=0 ppid=11200 pid=11206 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="updatedb" exe="/usr/bin/updatedb" subj=system_u:system_r:locate_t:s0 key=(null)
Sažetak: SELinux is preventing updatedb (locate_t) "getattr" to /mnt/test1 (unlabeled_t). Detaljan opis: [SELinux is in permissive mode, the operation would have been denied but was permitted due to permissive mode.] SELinux denied access requested by updatedb. It is not expected that this access is required by updatedb and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. DopuÅ¡tanje pristupa: Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for /mnt/test1, restorecon -v '/mnt/test1' If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Dodatni podaci: Izvorni kontekst system_u:system_r:locate_t:s0 Ciljani kontekst system_u:object_r:unlabeled_t:s0 Ciljani objekti /mnt/test1 [ dir ] Source updatedb Source Path /usr/bin/updatedb Port <Nepoznato> Host valent.oswireless Source RPM Packages mlocate-0.18-1 Target RPM Packages RPM pravila selinux-policy-3.0.8-93.fc8 Selinux je omoguÄ?en True Vrsta pravila targeted MLS je omoguÄ?en True NaÄ?in prisile Permissive Naziv dodatka catchall_file Naziv raÄ?unala valent.oswireless Platforma Linux valent.oswireless 2.6.24.3-34.fc8 #1 SMP Wed Mar 12 18:17:20 EDT 2008 i686 i686 Broj uzbuna 1 First Seen Pon 17 Ožu 2008 10:15:48 Last Seen Pon 17 Ožu 2008 10:15:48 Local ID b3d8abd6-0553-4722-b027-bffa8e8c6504 Brojevi redaka Sirova poruke revizije host=valent.oswireless type=AVC msg=audit(1205745348.737:59): avc: denied { getattr } for pid=11206 comm="updatedb" path="/mnt/test1" dev=loop0 ino=2 scontext=system_u:system_r:locate_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=dir host=valent.oswireless type=SYSCALL msg=audit(1205745348.737:59): arch=40000003 syscall=196 success=yes exit=0 a0=804e2e9 a1=bfedc7fc a2=d33ff4 a3=87b8d31 items=0 ppid=11200 pid=11206 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="updatedb" exe="/usr/bin/updatedb" subj=system_u:system_r:locate_t:s0 key=(null)
Sažetak: SELinux is preventing updatedb (locate_t) "read" to ./Cache (unlabeled_t). Detaljan opis: [SELinux is in permissive mode, the operation would have been denied but was permitted due to permissive mode.] SELinux denied access requested by updatedb. It is not expected that this access is required by updatedb and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. DopuÅ¡tanje pristupa: Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for ./Cache, restorecon -v './Cache' If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Dodatni podaci: Izvorni kontekst system_u:system_r:locate_t:s0 Ciljani kontekst system_u:object_r:unlabeled_t:s0 Ciljani objekti ./Cache [ dir ] Source updatedb Source Path /usr/bin/updatedb Port <Nepoznato> Host valent.oswireless Source RPM Packages mlocate-0.18-1 Target RPM Packages RPM pravila selinux-policy-3.0.8-93.fc8 Selinux je omoguÄ?en True Vrsta pravila targeted MLS je omoguÄ?en True NaÄ?in prisile Permissive Naziv dodatka catchall_file Naziv raÄ?unala valent.oswireless Platforma Linux valent.oswireless 2.6.24.3-34.fc8 #1 SMP Wed Mar 12 18:17:20 EDT 2008 i686 i686 Broj uzbuna 1 First Seen Pon 17 Ožu 2008 10:15:34 Last Seen Pon 17 Ožu 2008 10:15:34 Local ID b8c9f0cc-561b-4c1f-8049-7171d68d3d33 Brojevi redaka Sirova poruke revizije host=valent.oswireless type=AVC msg=audit(1205745334.473:57): avc: denied { read } for pid=11206 comm="updatedb" name="Cache" dev=sda13 ino=2097606 scontext=system_u:system_r:locate_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=dir host=valent.oswireless type=SYSCALL msg=audit(1205745334.473:57): arch=40000003 syscall=5 success=yes exit=13 a0=804e2e9 a1=58000 a2=0 a3=58000 items=0 ppid=11200 pid=11206 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="updatedb" exe="/usr/bin/updatedb" subj=system_u:system_r:locate_t:s0 key=(null)
Sažetak: SELinux is preventing updatedb (locate_t) "search" to ./Cache (unlabeled_t). Detaljan opis: [SELinux is in permissive mode, the operation would have been denied but was permitted due to permissive mode.] SELinux denied access requested by updatedb. It is not expected that this access is required by updatedb and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. DopuÅ¡tanje pristupa: Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for ./Cache, restorecon -v './Cache' If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Dodatni podaci: Izvorni kontekst system_u:system_r:locate_t:s0 Ciljani kontekst system_u:object_r:unlabeled_t:s0 Ciljani objekti ./Cache [ dir ] Source updatedb Source Path /usr/bin/updatedb Port <Nepoznato> Host valent.oswireless Source RPM Packages mlocate-0.18-1 Target RPM Packages RPM pravila selinux-policy-3.0.8-93.fc8 Selinux je omoguÄ?en True Vrsta pravila targeted MLS je omoguÄ?en True NaÄ?in prisile Permissive Naziv dodatka catchall_file Naziv raÄ?unala valent.oswireless Platforma Linux valent.oswireless 2.6.24.3-34.fc8 #1 SMP Wed Mar 12 18:17:20 EDT 2008 i686 i686 Broj uzbuna 1 First Seen Pon 17 Ožu 2008 10:15:34 Last Seen Pon 17 Ožu 2008 10:15:34 Local ID 9cb1a545-ff01-4357-a893-3c8778f91e6c Brojevi redaka Sirova poruke revizije host=valent.oswireless type=AVC msg=audit(1205745334.473:56): avc: denied { search } for pid=11206 comm="updatedb" name="Cache" dev=sda13 ino=2097606 scontext=system_u:system_r:locate_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=dir host=valent.oswireless type=SYSCALL msg=audit(1205745334.473:56): arch=40000003 syscall=12 success=yes exit=0 a0=87bbe4d a1=8000 a2=bfedc540 a3=87bbe4d items=0 ppid=11200 pid=11206 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="updatedb" exe="/usr/bin/updatedb" subj=system_u:system_r:locate_t:s0 key=(null)
Sažetak: SELinux is preventing updatedb (locate_t) "getattr" to /home/valentt/.mozilla/firefox/q71tjyey.default/Cache (unlabeled_t). Detaljan opis: [SELinux is in permissive mode, the operation would have been denied but was permitted due to permissive mode.] SELinux denied access requested by updatedb. It is not expected that this access is required by updatedb and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. DopuÅ¡tanje pristupa: Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for /home/valentt/.mozilla/firefox/q71tjyey.default/Cache, restorecon -v '/home/valentt/.mozilla/firefox/q71tjyey.default/Cache' If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Dodatni podaci: Izvorni kontekst system_u:system_r:locate_t:s0 Ciljani kontekst system_u:object_r:unlabeled_t:s0 Ciljani objekti /home/valentt/.mozilla/firefox/q71tjyey.default/Ca che [ dir ] Source updatedb Source Path /usr/bin/updatedb Port <Nepoznato> Host valent.oswireless Source RPM Packages mlocate-0.18-1 Target RPM Packages RPM pravila selinux-policy-3.0.8-93.fc8 Selinux je omoguÄ?en True Vrsta pravila targeted MLS je omoguÄ?en True NaÄ?in prisile Permissive Naziv dodatka catchall_file Naziv raÄ?unala valent.oswireless Platforma Linux valent.oswireless 2.6.24.3-34.fc8 #1 SMP Wed Mar 12 18:17:20 EDT 2008 i686 i686 Broj uzbuna 1 First Seen Pon 17 Ožu 2008 10:15:34 Last Seen Pon 17 Ožu 2008 10:15:34 Local ID ced0ea51-8cb1-4cc8-ab49-8db43e3ac01c Brojevi redaka Sirova poruke revizije host=valent.oswireless type=AVC msg=audit(1205745334.472:55): avc: denied { getattr } for pid=11206 comm="updatedb" path="/home/valentt/.mozilla/firefox/q71tjyey.default/Cache" dev=sda13 ino=2097606 scontext=system_u:system_r:locate_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=dir host=valent.oswireless type=SYSCALL msg=audit(1205745334.472:55): arch=40000003 syscall=196 success=yes exit=0 a0=87bbe4d a1=bfedc338 a2=d33ff4 a3=bfedc4b8 items=0 ppid=11200 pid=11206 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="updatedb" exe="/usr/bin/updatedb" subj=system_u:system_r:locate_t:s0 key=(null)
-- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
