SELinux alert

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Should I be worried about this?

SELinux is preventing useradd from write access on the directory /run.

*****  Plugin catchall (100. confidence) suggests  ***************************

If you believe that useradd should be allowed write access on the run directory by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep useradd /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp

Additional Information:
Source Context                unconfined_u:system_r:useradd_t:s0-s0:c0.c1023
Target Context                system_u:object_r:var_run_t:s0
Target Objects                /run [ dir ]
Source                        useradd
Source Path                   useradd
Port                          <Unknown>
Host                          2cabezas
Source RPM Packages          
Target RPM Packages           filesystem-3-2.fc17.i686
Policy RPM                    selinux-policy-3.10.0-114.fc17.noarch
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Host Name                     2cabezas
Platform                      Linux 2cabezas 3.3.2-1.fc17.i686 #1 SMP Fri Apr 13
                              21:06:40 UTC 2012 i686 i686
Alert Count                   1
First Seen                    mié 18 abr 2012 13:13:48 ART
Last Seen                     mié 18 abr 2012 13:13:48 ART
Local ID                      2926be04-b387-449b-bbd3-90440403cb11

Raw Audit Messages
type=AVC msg=audit(1334765628.677:275): avc:  denied  { write } for  pid=1331 comm="useradd" name="/" dev="tmpfs" ino=6961 scontext=unconfined_u:system_r:useradd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:var_run_t:s0 tclass=dir


Hash: useradd,useradd_t,var_run_t,dir,write

audit2allowunable to open /sys/fs/selinux/policy:  Permission denied


audit2allow -Runable to open /sys/fs/selinux/policy:  Permission denied


-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test

[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux