-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frank Murphy wrote: > SELinux is preventing perl (logwatch_t) "execute_no_trans" to /sbin/ifconfig > (ifconfig_exec_t). > > Detailed Description: > > SELinux denied access requested by perl. It is not expected that this > access is > required by perl and this access may signal an intrusion attempt. It is also > possible that the specific version or configuration of the application is > causing it to require additional access. > > Allowing Access: > > Sometimes labeling problems can cause SELinux denials. You could try to > restore > the default system file context for /sbin/ifconfig, > > restorecon -v '/sbin/ifconfig' > > If this does not work, there is currently no automatic way to allow this > access. > Instead, you can generate a local policy module to allow this access - > see FAQ > (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can > disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. > Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) > against this package. > > Additional Information: > > Source Context system_u:system_r:logwatch_t:s0 > Target Context system_u:object_r:ifconfig_exec_t:s0 > Target Objects /sbin/ifconfig [ file ] > Source perl > Source Path /usr/bin/perl > Port <Unknown> > Host frank-01 > Source RPM Packages perl-5.10.0-49.fc10 > Target RPM Packages net-tools-1.60-91.fc10 > Policy RPM selinux-policy-3.5.13-18.fc10 > Selinux Enabled True > Policy Type targeted > MLS Enabled True > Enforcing Mode Enforcing > Plugin Name catchall_file > Host Name frank-01 > Platform Linux frank-01 2.6.27.5-101.fc10.i686 #1 > SMP Wed > Nov 12 00:50:43 EST 2008 i686 i686 > Alert Count 3 > First Seen Thu 13 Nov 2008 09:29:27 GMT > Last Seen Sat 15 Nov 2008 08:19:22 GMT > Local ID a75e0d31-b307-4710-8ad1-2185f020504d > Line Numbers > > Raw Audit Messages > > node=frank-01 type=AVC msg=audit(1226737162.411:32): avc: denied { > execute_no_trans } for pid=4097 comm="perl" path="/sbin/ifconfig" > dev=dm-0 ino=4322 scontext=system_u:system_r:logwatch_t:s0 > tcontext=system_u:object_r:ifconfig_exec_t:s0 tclass=file > > node=frank-01 type=SYSCALL msg=audit(1226737162.411:32): arch=40000003 > syscall=11 success=no exit=-13 a0=9e01ebc a1=9eaa2a4 a2=bfb79fc0 > a3=bfb79958 items=0 ppid=4096 pid=4097 auid=4294967295 uid=0 gid=0 > euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 > comm="perl" exe="/usr/bin/perl" subj=system_u:system_r:logwatch_t:s0 > key=(null) > > -- > fedora-selinux-list mailing list > fedora-selinux-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/fedora-selinux-list Do you know what script logwatch is trying to restart? -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkkhi/kACgkQrlYvE4MpobP+IACfVm0lKQURgySUk9aGlAooQsyG diYAoKQ+lGDiWAo4F6KTGvZubEzrsZVt =g5LE -----END PGP SIGNATURE----- -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
