Re: Newbie Q

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Aaron Gray wrote:
I am trying to audit2allow on F10 to allow a cgi-bin perl script to run on Apache. Runs fine in permissive mode not in enforcing.
I bought the O'Reilly SE Linux book and learned the basics but it does not really seem to help me on Fedora.
there was no /var/log/kernel so I tried /var/log/secure with the following command sequence 

   setenforce 0

   # access the cgi from the web

   setenforce 1

   audit2allow -l -i /var/log/secure
The audit log file is /var/log/audit/audit.log. Note, you must have root privileges to read it.
What is strange also is the system is not flagging things up as a notification icon anymore in enforcing mode. 

Thanks for the reply.
Do you mean the "Star" Icon which opens the SETroubleshoot browser is not appearing on your desktop? 

Yep.


If so are there any errors in /var/log/setroubleshoot/setroubleshootd.log?


Yep.


Are there actually AVC messages in the /var/log/audit/audit.log file?


Yep.


What version of setroubleshoot is installed?


F10's ? Version 2.0.12
It runs when I select it from the command line but not automatically on violations. 

~~~~~~~~~~~~setroubleshooth.log~~~~~~~~~~~~
2009-03-20 16:58:15,020 [program.ERROR] setroubleshoot generated AVC, exiting to avoid recursion, context=system_u:system_r:setroubleshootd_t:s0, AVC scontext=system_u:system_r:setroubleshootd_t:s0 
2009-03-20 16:58:15,020 [program.ERROR] audit event
node=localhost.localdomain type=AVC msg=audit(1237568294.768:209): avc: denied { signull } for pid=2480 comm="setroubleshootd" scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=process
node=localhost.localdomain type=SYSCALL msg=audit(1237568294.768:209): arch=40000003 syscall=37 success=yes exit=0 a0=7d11 a1=0 a2=5cf70c a3=7d11 items=0 ppid=1 pid=2480 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Does this give any clues ?

Aaron

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux