* avc: denied
@ 2002-12-22 14:58 Subba Rao
2002-12-22 15:52 ` Russell Coker
2002-12-25 1:45 ` test Ed Street
0 siblings, 2 replies; 5+ messages in thread
From: Subba Rao @ 2002-12-22 14:58 UTC (permalink / raw)
To: selinux
Finally I got booted the SELinux image for the first time and saw quite a few messages with "avc: denied"
I am at step 13 in the README file. In the policy directory I did "make relabel" and got similar type of messages. These
are the same type of messages I saw at boot up time.
===================
avc: denied { search } for pid=848 exe=/usr/bin/perl path=/var/www/mrtg dev=03:01 ino=272926 scontext=system_u:system_r:crond_t tcontext=system_u:object_r:httpd_sys_content_t tclass=dir
avc: denied { remove_name } for pid=848 exe=/usr/bin/perl path=/var/lock/mrtg/_etc_mrtg.cfg_l_848 dev=03:01 ino=337074 scontext=system_u:system_r:crond_t tcontext=system_u:object_r:var_lock_mrtg_t tclass=dir
avc: denied { unlink } for pid=848 exe=/usr/bin/perl path=/var/lock/mrtg/_etc_mrtg.cfg_l_848 dev=03:01 ino=337074 scontext=system_u:system_r:crond_t tcontext=system_u:object_r:var_lock_mrtg_t tclass=file
avc: denied { write } for pid=848 exe=/usr/bin/perl path=/var/lib/mrtg/_etc_mrtg.cfg dev=03:01 ino=337333 scontext=system_u:system_r:crond_t tcontext=system_u:object_r:var_lib_mrtg_t tclass=file
===================
What part of the policy do I need to look at to avoid these messages? Or is this a standard security message?
Subba Rao
sailorn@attglobal.net
2002-12-22
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 5+ messages in thread* Re: avc: denied
@ 2002-12-25 0:47 Subba Rao
0 siblings, 0 replies; 5+ messages in thread
From: Subba Rao @ 2002-12-25 0:47 UTC (permalink / raw)
To: Russell Coker, selinux, selinux
I downloaded your policy.tgz and compared the "mrtg.fc" file with the your file.
They are the same.
In the listed example, you are seeing only mrtg, but there are lot more than the MRTG errors (or messages).
Please remember that most of this "avc: denied" message comes on at bootup time and during login sessions
as well. When in VI the messages keep poping up.
Subba Rao
sailorn@attglobal.net
2002-12-24
======= At 2002-12-22, 16:52:00 you wrote: =======
>On Sun, 22 Dec 2002 15:58, Subba Rao wrote:
>> ===================
>> avc: denied { search } for pid=848 exe=/usr/bin/perl path=/var/www/mrtg
>> dev=03:01 ino=272926 scontext=system_u:system_r:crond_t
>> tcontext=system_u:object_r:httpd_sys_content_t tclass=dir
>
>Did you install my mrtg policy?
>
= = = = = = = = = = = = = = = = = = = =
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 5+ messages in thread[parent not found: <20021225004755.2D3BABF3E@sat.sws.net.au>]
* Re: avc: denied
[not found] <20021225004755.2D3BABF3E@sat.sws.net.au>
@ 2002-12-25 0:51 ` Russell Coker
0 siblings, 0 replies; 5+ messages in thread
From: Russell Coker @ 2002-12-25 0:51 UTC (permalink / raw)
To: Subba Rao, selinux
On Wed, 25 Dec 2002 01:47, Subba Rao wrote:
> I downloaded your policy.tgz and compared the "mrtg.fc" file with the your
> file. They are the same.
OK, it's your system that is weird then.
> In the listed example, you are seeing only mrtg, but there are lot more
> than the MRTG errors (or messages).
I have just noticed that the error message below concerns crond_t which means
that the cron job is not running in the correct context. I guess that you
aren't using the modified crond.
You need modified utilities to rotate log files, run cron jobs, and login.
Without the SE Linux modified utilities things won't work.
> ======= At 2002-12-22, 16:52:00 you wrote: =======
>
> >On Sun, 22 Dec 2002 15:58, Subba Rao wrote:
> >> ===================
> >> avc: denied { search } for pid=848 exe=/usr/bin/perl
> >> path=/var/www/mrtg dev=03:01 ino=272926
> >> scontext=system_u:system_r:crond_t
> >> tcontext=system_u:object_r:httpd_sys_content_t tclass=dir
> >
> >Did you install my mrtg policy?
>
> = = = = = = = = = = = = = = = = = = = =
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2002-12-25 1:46 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2002-12-22 14:58 avc: denied Subba Rao
2002-12-22 15:52 ` Russell Coker
2002-12-25 1:45 ` test Ed Street
2002-12-25 0:47 avc: denied Subba Rao
[not found] <20021225004755.2D3BABF3E@sat.sws.net.au>
2002-12-25 0:51 ` Russell Coker
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.