概述:
SELinux is preventing polkit-read-aut (polkit_auth_t) "dac_override"
polkit_auth_t.
详细描述:
SELinux denied access requested by polkit-read-aut. It is not expected that this
access is required by polkit-read-aut and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of the
application is causing it to require additional access.
允许访问:
You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.
附加信息:
源上下文 system_u:system_r:polkit_auth_t:s0
目标上下文 system_u:system_r:polkit_auth_t:s0
目标对象 None [ capability ]
源 polkit-read-aut
源路径 /usr/libexec/polkit-read-auth-helper
端口 <未知>
主机 Joard.B
源 RPM 软件包 PolicyKit-0.9-6.fc11
目标 RPM 软件包
策略 RPM selinux-policy-3.6.12-39.fc11
启用 Selinux True
策略类型 targeted
启用 MLS True
Enforcing 模式 Enforcing
插件名称 catchall
主机名 Joard.B
平台 Linux Joard.B 2.6.29.4-167.fc11.i586 #1 SMP Wed
May 27 17:14:37 EDT 2009 i686 i686
警报计数 13352
第一个 2009年06月27日 星期六 23时33分08秒
最后一个 2009年07月04日 星期六 03时36分30秒
本地 ID 02d2e4bf-7159-48b7-b422-88a45d0b4340
行号
原始核查信息
node=Joard.B type=AVC msg=audit(1246649790.33:1851): avc: denied { dac_override } for pid=2772 comm="polkit-read-aut" capability=1 scontext=system_u:system_r:polkit_auth_t:s0 tcontext=system_u:system_r:polkit_auth_t:s0 tclass=capability
node=Joard.B type=AVC msg=audit(1246649790.33:1851): avc: denied { dac_read_search } for pid=2772 comm="polkit-read-aut" capability=2 scontext=system_u:system_r:polkit_auth_t:s0 tcontext=system_u:system_r:polkit_auth_t:s0 tclass=capability
node=Joard.B type=SYSCALL msg=audit(1246649790.33:1851): arch=40000003 syscall=195 success=no exit=-13 a0=bfe72100 a1=bfe72174 a2=482fc4 a3=4 items=0 ppid=2768 pid=2772 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=87 sgid=87 fsgid=87 tty=(none) ses=4294967295 comm="polkit-read-aut" exe="/usr/libexec/polkit-read-auth-helper" subj=system_u:system_r:polkit_auth_t:s0 key=(null)
概述:
SELinux is preventing polkit-read-aut (polkit_auth_t) "dac_override"
polkit_auth_t.
详细描述:
SELinux denied access requested by polkit-read-aut. It is not expected that this
access is required by polkit-read-aut and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of the
application is causing it to require additional access.
允许访问:
You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.
附加信息:
源上下文 system_u:system_r:polkit_auth_t:s0-s0:c0.c1023
目标上下文 system_u:system_r:polkit_auth_t:s0-s0:c0.c1023
目标对象 None [ capability ]
源 polkit-read-aut
源路径 /usr/libexec/polkit-read-auth-helper
端口 <未知>
主机 Joard.B
源 RPM 软件包 PolicyKit-0.9-6.fc11
目标 RPM 软件包
策略 RPM selinux-policy-3.6.12-39.fc11
启用 Selinux True
策略类型 targeted
启用 MLS True
Enforcing 模式 Enforcing
插件名称 catchall
主机名 Joard.B
平台 Linux Joard.B 2.6.29.4-167.fc11.i586 #1 SMP Wed
May 27 17:14:37 EDT 2009 i686 i686
警报计数 576
第一个 2009年07月01日 星期三 02时48分02秒
最后一个 2009年07月04日 星期六 03时36分28秒
本地 ID 2274c62e-1c0b-43c5-9054-4e329f34592f
行号
原始核查信息
node=Joard.B type=AVC msg=audit(1246649788.847:1794): avc: denied { dac_override } for pid=2762 comm="polkit-read-aut" capability=1 scontext=system_u:system_r:polkit_auth_t:s0-s0:c0.c1023 tcontext=system_u:system_r:polkit_auth_t:s0-s0:c0.c1023 tclass=capability
node=Joard.B type=AVC msg=audit(1246649788.847:1794): avc: denied { dac_read_search } for pid=2762 comm="polkit-read-aut" capability=2 scontext=system_u:system_r:polkit_auth_t:s0-s0:c0.c1023 tcontext=system_u:system_r:polkit_auth_t:s0-s0:c0.c1023 tclass=capability
node=Joard.B type=SYSCALL msg=audit(1246649788.847:1794): arch=40000003 syscall=5 success=no exit=-13 a0=bfd75480 a1=0 a2=0 a3=8 items=0 ppid=2620 pid=2762 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=87 sgid=87 fsgid=87 tty=(none) ses=4294967295 comm="polkit-read-aut" exe="/usr/libexec/polkit-read-auth-helper" subj=system_u:system_r:polkit_auth_t:s0-s0:c0.c1023 key=(null)
概述:
SELinux is preventing nscd (nscd_t) "dac_override" nscd_t.
详细描述:
SELinux denied access requested by nscd. It is not expected that this access is
required by nscd and this access may signal an intrusion attempt. It is also
possible that the specific version or configuration of the application is
causing it to require additional access.
允许访问:
You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.
附加信息:
源上下文 system_u:system_r:nscd_t:s0
目标上下文 system_u:system_r:nscd_t:s0
目标对象 None [ capability ]
源 nscd
源路径 /usr/sbin/nscd
端口 <未知>
主机 Joard.B
源 RPM 软件包 nscd-2.10.1-2
目标 RPM 软件包
策略 RPM selinux-policy-3.6.12-39.fc11
启用 Selinux True
策略类型 targeted
启用 MLS True
Enforcing 模式 Enforcing
插件名称 catchall
主机名 Joard.B
平台 Linux Joard.B 2.6.29.4-167.fc11.i586 #1 SMP Wed
May 27 17:14:37 EDT 2009 i686 i686
警报计数 84
第一个 2009年07月01日 星期三 02时51分07秒
最后一个 2009年07月04日 星期六 03时30分38秒
本地 ID 136c044e-1af6-414e-bcdf-128197e42e4d
行号
原始核查信息
node=Joard.B type=AVC msg=audit(1246649438.212:1754): avc: denied { dac_override } for pid=2676 comm="nscd" capability=1 scontext=system_u:system_r:nscd_t:s0 tcontext=system_u:system_r:nscd_t:s0 tclass=capability
node=Joard.B type=AVC msg=audit(1246649438.212:1754): avc: denied { dac_read_search } for pid=2676 comm="nscd" capability=2 scontext=system_u:system_r:nscd_t:s0 tcontext=system_u:system_r:nscd_t:s0 tclass=capability
node=Joard.B type=SYSCALL msg=audit(1246649438.212:1754): arch=40000003 syscall=5 success=no exit=-13 a0=184c6c8 a1=0 a2=0 a3=184c6f8 items=0 ppid=1851 pid=2676 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="nscd" exe="/usr/sbin/nscd" subj=system_u:system_r:nscd_t:s0 key=(null)
概述:
SELinux is preventing kerneloops (kerneloops_t) "dac_override" kerneloops_t.
详细描述:
SELinux denied access requested by kerneloops. It is not expected that this
access is required by kerneloops and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of the
application is causing it to require additional access.
允许访问:
You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.
附加信息:
源上下文 system_u:system_r:kerneloops_t:s0-s0:c0.c1023
目标上下文 system_u:system_r:kerneloops_t:s0-s0:c0.c1023
目标对象 None [ capability ]
源 kerneloops
源路径 /usr/sbin/kerneloops
端口 <未知>
主机 Joard.B
源 RPM 软件包 kerneloops-0.12-5.fc11
目标 RPM 软件包
策略 RPM selinux-policy-3.6.12-39.fc11
启用 Selinux True
策略类型 targeted
启用 MLS True
Enforcing 模式 Enforcing
插件名称 catchall
主机名 Joard.B
平台 Linux Joard.B 2.6.29.4-167.fc11.i586 #1 SMP Wed
May 27 17:14:37 EDT 2009 i686 i686
警报计数 96
第一个 2009年07月01日 星期三 02时47分56秒
最后一个 2009年07月04日 星期六 03时30分16秒
本地 ID b06729f6-a91a-49b7-9fbb-70ae1fd14534
行号
原始核查信息
node=Joard.B type=AVC msg=audit(1246649416.692:1708): avc: denied { dac_override } for pid=2432 comm="kerneloops" capability=1 scontext=system_u:system_r:kerneloops_t:s0-s0:c0.c1023 tcontext=system_u:system_r:kerneloops_t:s0-s0:c0.c1023 tclass=capability
node=Joard.B type=AVC msg=audit(1246649416.692:1708): avc: denied { dac_read_search } for pid=2432 comm="kerneloops" capability=2 scontext=system_u:system_r:kerneloops_t:s0-s0:c0.c1023 tcontext=system_u:system_r:kerneloops_t:s0-s0:c0.c1023 tclass=capability
node=Joard.B type=SYSCALL msg=audit(1246649416.692:1708): arch=40000003 syscall=5 success=no exit=-13 a0=bfb622c0 a1=0 a2=0 a3=8 items=0 ppid=2431 pid=2432 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kerneloops" exe="/usr/sbin/kerneloops" subj=system_u:system_r:kerneloops_t:s0-s0:c0.c1023 key=(null)
概述:
SELinux is preventing polkit-read-aut (polkit_auth_t) "dac_read_search"
polkit_auth_t.
详细描述:
SELinux denied access requested by polkit-read-aut. It is not expected that this
access is required by polkit-read-aut and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of the
application is causing it to require additional access.
允许访问:
You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.
附加信息:
源上下文 system_u:system_r:polkit_auth_t:s0
目标上下文 system_u:system_r:polkit_auth_t:s0
目标对象 None [ capability ]
源 polkit-read-aut
源路径 /usr/libexec/polkit-read-auth-helper
端口 <未知>
主机 Joard.B
源 RPM 软件包 PolicyKit-0.9-6.fc11
目标 RPM 软件包
策略 RPM selinux-policy-3.6.12-39.fc11
启用 Selinux True
策略类型 targeted
启用 MLS True
Enforcing 模式 Enforcing
插件名称 catchall
主机名 Joard.B
平台 Linux Joard.B 2.6.29.4-167.fc11.i586 #1 SMP Wed
May 27 17:14:37 EDT 2009 i686 i686
警报计数 114
第一个 2009年06月27日 星期六 23时33分08秒
最后一个 2009年07月04日 星期六 03时30分10秒
本地 ID 02296118-6235-4f0b-bbe0-e03a91aeb559
行号
原始核查信息
node=Joard.B type=AVC msg=audit(1246649410.115:1207): avc: denied { dac_read_search } for pid=2284 comm="polkit-read-aut" capability=2 scontext=system_u:system_r:polkit_auth_t:s0 tcontext=system_u:system_r:polkit_auth_t:s0 tclass=capability
node=Joard.B type=SYSCALL msg=audit(1246649410.115:1207): arch=40000003 syscall=195 success=no exit=-13 a0=bf894a90 a1=bf894b04 a2=482fc4 a3=5 items=0 ppid=2266 pid=2284 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=87 sgid=87 fsgid=87 tty=(none) ses=4294967295 comm="polkit-read-aut" exe="/usr/libexec/polkit-read-auth-helper" subj=system_u:system_r:polkit_auth_t:s0 key=(null)
概述:
SELinux is preventing lircd (lircd_t) "dac_override" lircd_t.
详细描述:
SELinux denied access requested by lircd. It is not expected that this access is
required by lircd and this access may signal an intrusion attempt. It is also
possible that the specific version or configuration of the application is
causing it to require additional access.
允许访问:
You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.
附加信息:
源上下文 system_u:system_r:lircd_t:s0
目标上下文 system_u:system_r:lircd_t:s0
目标对象 None [ capability ]
源 lircd
源路径 /usr/sbin/lircd
端口 <未知>
主机 Joard.B
源 RPM 软件包 lirc-0.8.5-2.fc10
目标 RPM 软件包
策略 RPM selinux-policy-3.6.12-39.fc11
启用 Selinux True
策略类型 targeted
启用 MLS True
Enforcing 模式 Enforcing
插件名称 catchall
主机名 Joard.B
平台 Linux Joard.B 2.6.29.4-167.fc11.i586 #1 SMP Wed
May 27 17:14:37 EDT 2009 i686 i686
警报计数 352
第一个 2009年06月27日 星期六 23时32分56秒
最后一个 2009年07月04日 星期六 03时29分39秒
本地 ID 454f3ae1-0711-43bb-91bc-5973fd8a6d12
行号
原始核查信息
node=Joard.B type=AVC msg=audit(1246649379.643:85): avc: denied { dac_override } for pid=1865 comm="lircd" capability=1 scontext=system_u:system_r:lircd_t:s0 tcontext=system_u:system_r:lircd_t:s0 tclass=capability
node=Joard.B type=AVC msg=audit(1246649379.643:85): avc: denied { dac_read_search } for pid=1865 comm="lircd" capability=2 scontext=system_u:system_r:lircd_t:s0 tcontext=system_u:system_r:lircd_t:s0 tclass=capability
node=Joard.B type=SYSCALL msg=audit(1246649379.643:85): arch=40000003 syscall=5 success=no exit=-13 a0=bfb2bb20 a1=0 a2=0 a3=8 items=0 ppid=1864 pid=1865 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lircd" exe="/usr/sbin/lircd" subj=system_u:system_r:lircd_t:s0 key=(null)
概述:
SELinux is preventing hal-setup-keyma (hald_keymap_t) "dac_override"
hald_keymap_t.
详细描述:
SELinux denied access requested by hal-setup-keyma. It is not expected that this
access is required by hal-setup-keyma and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of the
application is causing it to require additional access.
允许访问:
You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.
附加信息:
源上下文 system_u:system_r:hald_keymap_t:s0
目标上下文 system_u:system_r:hald_keymap_t:s0
目标对象 None [ capability ]
源 hal-setup-keyma
源路径 /usr/bin/hal-setup-keymap
端口 <未知>
主机 Joard.B
源 RPM 软件包 hal-0.5.12-26.20090226git.fc11
目标 RPM 软件包
策略 RPM selinux-policy-3.6.12-39.fc11
启用 Selinux True
策略类型 targeted
启用 MLS True
Enforcing 模式 Enforcing
插件名称 catchall
主机名 Joard.B
平台 Linux Joard.B 2.6.29.4-167.fc11.i586 #1 SMP Wed
May 27 17:14:37 EDT 2009 i686 i686
警报计数 352
第一个 2009年06月27日 星期六 23时32分54秒
最后一个 2009年07月04日 星期六 03时29分37秒
本地 ID 7e64fef2-1e7a-4710-96d1-071c0c13ff68
行号
原始核查信息
node=Joard.B type=AVC msg=audit(1246649377.230:69): avc: denied { dac_override } for pid=1790 comm="hal-setup-keyma" capability=1 scontext=system_u:system_r:hald_keymap_t:s0 tcontext=system_u:system_r:hald_keymap_t:s0 tclass=capability
node=Joard.B type=AVC msg=audit(1246649377.230:69): avc: denied { dac_read_search } for pid=1790 comm="hal-setup-keyma" capability=2 scontext=system_u:system_r:hald_keymap_t:s0 tcontext=system_u:system_r:hald_keymap_t:s0 tclass=capability
node=Joard.B type=SYSCALL msg=audit(1246649377.230:69): arch=40000003 syscall=5 success=no exit=-13 a0=bfb08360 a1=0 a2=0 a3=8 items=0 ppid=1682 pid=1790 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="hal-setup-keyma" exe="/usr/bin/hal-setup-keymap" subj=system_u:system_r:hald_keymap_t:s0 key=(null)
概述:
SELinux is preventing lircd (lircd_t) "create" lircd_t.
详细描述:
SELinux denied access requested by lircd. It is not expected that this access is
required by lircd and this access may signal an intrusion attempt. It is also
possible that the specific version or configuration of the application is
causing it to require additional access.
允许访问:
You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.
附加信息:
源上下文 system_u:system_r:lircd_t:s0-s0:c0.c1023
目标上下文 system_u:system_r:lircd_t:s0-s0:c0.c1023
目标对象 None [ udp_socket ]
源 lircd
源路径 /usr/sbin/lircd
端口 <未知>
主机 Joard.B
源 RPM 软件包 lirc-0.8.4a-2.fc10
目标 RPM 软件包
策略 RPM selinux-policy-3.5.13-61.fc10
启用 Selinux True
策略类型 targeted
启用 MLS True
Enforcing 模式 Enforcing
插件名称 catchall
主机名 Joard.B
平台 Linux Joard.B 2.6.27.24-170.2.68.fc10.i686 #1 SMP
Wed May 20 23:10:16 EDT 2009 i686 i686
警报计数 1
第一个 2009年06月20日 星期六 02时42分51秒
最后一个 2009年06月20日 星期六 02时42分51秒
本地 ID fcb1c05e-5cbd-427b-8fb0-7b4816fde7e4
行号
原始核查信息
node=Joard.B type=AVC msg=audit(1245436971.608:24): avc: denied { create } for pid=7789 comm="lircd" scontext=system_u:system_r:lircd_t:s0-s0:c0.c1023 tcontext=system_u:system_r:lircd_t:s0-s0:c0.c1023 tclass=udp_socket
node=Joard.B type=SYSCALL msg=audit(1245436971.608:24): arch=40000003 syscall=102 success=yes exit=10 a0=1 a1=bfa915b0 a2=223d a3=bfa9161c items=0 ppid=1 pid=7789 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lircd" exe="/usr/sbin/lircd" subj=system_u:system_r:lircd_t:s0-s0:c0.c1023 key=(null)
概述:
SELinux is preventing lircd (lircd_t) "bind" lircd_t.
详细描述:
SELinux denied access requested by lircd. It is not expected that this access is
required by lircd and this access may signal an intrusion attempt. It is also
possible that the specific version or configuration of the application is
causing it to require additional access.
允许访问:
You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.
附加信息:
源上下文 system_u:system_r:lircd_t:s0-s0:c0.c1023
目标上下文 system_u:system_r:lircd_t:s0-s0:c0.c1023
目标对象 None [ udp_socket ]
源 lircd
源路径 /usr/sbin/lircd
端口 <未知>
主机 Joard.B
源 RPM 软件包 lirc-0.8.4a-2.fc10
目标 RPM 软件包
策略 RPM selinux-policy-3.5.13-61.fc10
启用 Selinux True
策略类型 targeted
启用 MLS True
Enforcing 模式 Enforcing
插件名称 catchall
主机名 Joard.B
平台 Linux Joard.B 2.6.27.24-170.2.68.fc10.i686 #1 SMP
Wed May 20 23:10:16 EDT 2009 i686 i686
警报计数 1
第一个 2009年06月20日 星期六 02时42分51秒
最后一个 2009年06月20日 星期六 02时42分51秒
本地 ID 54c889a5-3e2f-4d2f-a08d-e2dd39baed32
行号
原始核查信息
node=Joard.B type=AVC msg=audit(1245436971.611:25): avc: denied { bind } for pid=7789 comm="lircd" scontext=system_u:system_r:lircd_t:s0-s0:c0.c1023 tcontext=system_u:system_r:lircd_t:s0-s0:c0.c1023 tclass=udp_socket
node=Joard.B type=AVC msg=audit(1245436971.611:25): avc: denied { name_bind } for pid=7789 comm="lircd" src=8765 scontext=system_u:system_r:lircd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:port_t:s0 tclass=udp_socket
node=Joard.B type=AVC msg=audit(1245436971.611:25): avc: denied { node_bind } for pid=7789 comm="lircd" src=8765 scontext=system_u:system_r:lircd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:inaddr_any_node_t:s0 tclass=udp_socket
node=Joard.B type=SYSCALL msg=audit(1245436971.611:25): arch=40000003 syscall=102 success=yes exit=0 a0=2 a1=bfa915b0 a2=223d a3=bfa9161c items=0 ppid=1 pid=7789 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lircd" exe="/usr/sbin/lircd" subj=system_u:system_r:lircd_t:s0-s0:c0.c1023 key=(null)
概述:
SELinux is preventing ld-linux.so.2 from loading /usr/lib/i686/libx264.so.61
which requires text relocation.
详细描述:
The ld-linux.so.2 application attempted to load /usr/lib/i686/libx264.so.61
which requires text relocation. This is a potential security problem. Most
libraries do not need this permission. Libraries are sometimes coded incorrectly
and request this permission. The SELinux Memory Protection Tests
(http://people.redhat.com/drepper/selinux-mem.html) web page explains how to
remove this requirement. You can configure SELinux temporarily to allow
/usr/lib/i686/libx264.so.61 to use relocation as a workaround, until the library
is fixed. Please file a bug report
(http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package.
允许访问:
If you trust /usr/lib/i686/libx264.so.61 to run correctly, you can change the
file context to textrel_shlib_t. "chcon -t textrel_shlib_t
'/usr/lib/i686/libx264.so.61'" You must also change the default file context
files on the system in order to preserve them even on a full relabel. "semanage
fcontext -a -t textrel_shlib_t '/usr/lib/i686/libx264.so.61'"
Fix 命令:
chcon -t textrel_shlib_t '/usr/lib/i686/libx264.so.61'
附加信息:
源上下文 system_u:system_r:prelink_t:s0-s0:c0.c1023
目标上下文 system_u:object_r:lib_t:s0
目标对象 /usr/lib/i686/libx264.so.61 [ file ]
源 ld-linux.so.2
源路径 /lib/ld-2.9.so
端口 <未知>
主机 Joard.B
源 RPM 软件包 glibc-2.9-2
目标 RPM 软件包 x264-libs-0.0.0-0.20.20080905.fc10
策略 RPM selinux-policy-3.5.13-18.fc10
启用 Selinux True
策略类型 targeted
启用 MLS True
Enforcing 模式 Enforcing
插件名称 allow_execmod
主机名 Joard.B
平台 Linux Joard.B 2.6.27.5-117.fc10.i686 #1 SMP Tue
Nov 18 12:19:59 EST 2008 i686 i686
警报计数 1
第一个 2009年06月05日 星期五 04时03分56秒
最后一个 2009年06月05日 星期五 04时03分56秒
本地 ID 4b6fa69a-7877-465f-bc65-66db9dd8bfcd
行号
原始核查信息
node=Joard.B type=AVC msg=audit(1244145836.807:64): avc: denied { execmod } for pid=18515 comm="ld-linux.so.2" path="/usr/lib/i686/libx264.so.61" dev=dm-0 ino=1132350 scontext=system_u:system_r:prelink_t:s0-s0:c0.c1023 tcontext=system_u:object_r:lib_t:s0 tclass=file
node=Joard.B type=SYSCALL msg=audit(1244145836.807:64): arch=40000003 syscall=125 success=no exit=-13 a0=111000 a1=87000 a2=5 a3=bfade4c0 items=0 ppid=17713 pid=18515 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=6 comm="ld-linux.so.2" exe="/lib/ld-2.9.so" subj=system_u:system_r:prelink_t:s0-s0:c0.c1023 key=(null)
概述:
SELinux is preventing npviewer.bin (nsplugin_t) "read write"
unconfined_execmem_t.
详细描述:
SELinux denied access requested by npviewer.bin. It is not expected that this
access is required by npviewer.bin and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of the
application is causing it to require additional access.
允许访问:
You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.
附加信息:
源上下文 unconfined_u:unconfined_r:nsplugin_t:s0
目标上下文 unconfined_u:unconfined_r:unconfined_execmem_t:s0
目标对象 socket [ tcp_socket ]
源 npviewer.bin
源路径 /usr/lib/nspluginwrapper/npviewer.bin
端口 <未知>
主机 Joard.B
源 RPM 软件包 nspluginwrapper-1.1.2-4.fc10
目标 RPM 软件包
策略 RPM selinux-policy-3.5.13-18.fc10
启用 Selinux True
策略类型 targeted
启用 MLS True
Enforcing 模式 Enforcing
插件名称 catchall
主机名 Joard.B
平台 Linux Joard.B 2.6.27.5-117.fc10.i686 #1 SMP Tue
Nov 18 12:19:59 EST 2008 i686 i686
警报计数 1
第一个 2009年06月05日 星期五 02时00分03秒
最后一个 2009年06月05日 星期五 02时00分03秒
本地 ID 4b406554-8ba2-4f7d-b72a-ef731072d8f9
行号
原始核查信息
node=Joard.B type=AVC msg=audit(1244138403.540:41): avc: denied { read write } for pid=9105 comm="npviewer.bin" path="socket:[53289]" dev=sockfs ino=53289 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=tcp_socket
node=Joard.B type=AVC msg=audit(1244138403.540:41): avc: denied { read write } for pid=9105 comm="npviewer.bin" path="socket:[42519]" dev=sockfs ino=42519 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=unix_stream_socket
node=Joard.B type=AVC msg=audit(1244138403.540:41): avc: denied { read write } for pid=9105 comm="npviewer.bin" path="socket:[52127]" dev=sockfs ino=52127 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=tcp_socket
node=Joard.B type=AVC msg=audit(1244138403.540:41): avc: denied { read write } for pid=9105 comm="npviewer.bin" path="socket:[52133]" dev=sockfs ino=52133 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=tcp_socket
node=Joard.B type=AVC msg=audit(1244138403.540:41): avc: denied { read write } for pid=9105 comm="npviewer.bin" path="socket:[53385]" dev=sockfs ino=53385 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=tcp_socket
node=Joard.B type=AVC msg=audit(1244138403.540:41): avc: denied { read write } for pid=9105 comm="npviewer.bin" path="socket:[53386]" dev=sockfs ino=53386 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=tcp_socket
node=Joard.B type=AVC msg=audit(1244138403.540:41): avc: denied { read write } for pid=9105 comm="npviewer.bin" path="socket:[53387]" dev=sockfs ino=53387 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=tcp_socket
node=Joard.B type=AVC msg=audit(1244138403.540:41): avc: denied { read write } for pid=9105 comm="npviewer.bin" path="socket:[53388]" dev=sockfs ino=53388 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=tcp_socket
node=Joard.B type=AVC msg=audit(1244138403.540:41): avc: denied { read write } for pid=9105 comm="npviewer.bin" path="socket:[53389]" dev=sockfs ino=53389 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=tcp_socket
node=Joard.B type=AVC msg=audit(1244138403.540:41): avc: denied { read write } for pid=9105 comm="npviewer.bin" path="socket:[42727]" dev=sockfs ino=42727 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=unix_stream_socket
node=Joard.B type=AVC msg=audit(1244138403.540:41): avc: denied { read write } for pid=9105 comm="npviewer.bin" path="socket:[53288]" dev=sockfs ino=53288 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=tcp_socket
node=Joard.B type=AVC msg=audit(1244138403.540:41): avc: denied { read write } for pid=9105 comm="npviewer.bin" path="socket:[53177]" dev=sockfs ino=53177 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=tcp_socket
node=Joard.B type=AVC msg=audit(1244138403.540:41): avc: denied { read write } for pid=9105 comm="npviewer.bin" path="socket:[53106]" dev=sockfs ino=53106 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=tcp_socket
node=Joard.B type=AVC msg=audit(1244138403.540:41): avc: denied { read write } for pid=9105 comm="npviewer.bin" path="socket:[53115]" dev=sockfs ino=53115 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=tcp_socket
node=Joard.B type=AVC msg=audit(1244138403.540:41): avc: denied { read write } for pid=9105 comm="npviewer.bin" path="socket:[53354]" dev=sockfs ino=53354 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=tcp_socket
node=Joard.B type=AVC msg=audit(1244138403.540:41): avc: denied { read write } for pid=9105 comm="npviewer.bin" path="socket:[53153]" dev=sockfs ino=53153 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=tcp_socket
node=Joard.B type=AVC msg=audit(1244138403.540:41): avc: denied { read write } for pid=9105 comm="npviewer.bin" path="socket:[53154]" dev=sockfs ino=53154 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=tcp_socket
node=Joard.B type=AVC msg=audit(1244138403.540:41): avc: denied { read write } for pid=9105 comm="npviewer.bin" path="socket:[53155]" dev=sockfs ino=53155 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=tcp_socket
node=Joard.B type=AVC msg=audit(1244138403.540:41): avc: denied { read write } for pid=9105 comm="npviewer.bin" path="socket:[53178]" dev=sockfs ino=53178 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=tcp_socket
node=Joard.B type=AVC msg=audit(1244138403.540:41): avc: denied { read write } for pid=9105 comm="npviewer.bin" path="socket:[53179]" dev=sockfs ino=53179 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=tcp_socket
node=Joard.B type=AVC msg=audit(1244138403.540:41): avc: denied { read write } for pid=9105 comm="npviewer.bin" path="socket:[53180]" dev=sockfs ino=53180 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=tcp_socket
node=Joard.B type=AVC msg=audit(1244138403.540:41): avc: denied { read write } for pid=9105 comm="npviewer.bin" path="socket:[53181]" dev=sockfs ino=53181 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=tcp_socket
node=Joard.B type=AVC msg=audit(1244138403.540:41): avc: denied { read write } for pid=9105 comm="npviewer.bin" path="socket:[53182]" dev=sockfs ino=53182 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=tcp_socket
node=Joard.B type=SYSCALL msg=audit(1244138403.540:41): arch=40000003 syscall=11 success=yes exit=0 a0=8ced648 a1=8cee5a0 a2=8ce7758 a3=0 items=0 ppid=7257 pid=9105 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="npviewer.bin" exe="/usr/lib/nspluginwrapper/npviewer.bin" subj=unconfined_u:unconfined_r:nsplugin_t:s0 key=(null)
概述:
SELinux is preventing npviewer.bin (nsplugin_t) "read write"
unconfined_execmem_t.
详细描述:
SELinux denied access requested by npviewer.bin. It is not expected that this
access is required by npviewer.bin and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of the
application is causing it to require additional access.
允许访问:
You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.
附加信息:
源上下文 unconfined_u:unconfined_r:nsplugin_t:s0
目标上下文 unconfined_u:unconfined_r:unconfined_execmem_t:s0
目标对象 socket [ unix_stream_socket ]
源 npviewer.bin
源路径 /usr/lib/nspluginwrapper/npviewer.bin
端口 <未知>
主机 Joard.B
源 RPM 软件包 nspluginwrapper-1.1.2-4.fc10
目标 RPM 软件包
策略 RPM selinux-policy-3.5.13-18.fc10
启用 Selinux True
策略类型 targeted
启用 MLS True
Enforcing 模式 Enforcing
插件名称 catchall
主机名 Joard.B
平台 Linux Joard.B 2.6.27.5-117.fc10.i686 #1 SMP Tue
Nov 18 12:19:59 EST 2008 i686 i686
警报计数 2
第一个 2009年06月05日 星期五 01时26分59秒
最后一个 2009年06月05日 星期五 01时26分59秒
本地 ID f4a97d70-b9a5-4f3d-aa54-09809bba3013
行号
原始核查信息
node=Joard.B type=AVC msg=audit(1244136419.468:37): avc: denied { read write } for pid=7303 comm="npviewer.bin" path="socket:[42519]" dev=sockfs ino=42519 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=unix_stream_socket
node=Joard.B type=AVC msg=audit(1244136419.468:37): avc: denied { read write } for pid=7303 comm="npviewer.bin" path="socket:[42572]" dev=sockfs ino=42572 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=tcp_socket
node=Joard.B type=AVC msg=audit(1244136419.468:37): avc: denied { read write } for pid=7303 comm="npviewer.bin" path="socket:[42638]" dev=sockfs ino=42638 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=tcp_socket
node=Joard.B type=AVC msg=audit(1244136419.468:37): avc: denied { read write } for pid=7303 comm="npviewer.bin" path="socket:[42710]" dev=sockfs ino=42710 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=tcp_socket
node=Joard.B type=AVC msg=audit(1244136419.468:37): avc: denied { read write } for pid=7303 comm="npviewer.bin" path="socket:[42641]" dev=sockfs ino=42641 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=tcp_socket
node=Joard.B type=AVC msg=audit(1244136419.468:37): avc: denied { read write } for pid=7303 comm="npviewer.bin" path="socket:[42708]" dev=sockfs ino=42708 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=tcp_socket
node=Joard.B type=AVC msg=audit(1244136419.468:37): avc: denied { read write } for pid=7303 comm="npviewer.bin" path="socket:[42645]" dev=sockfs ino=42645 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=tcp_socket
node=Joard.B type=AVC msg=audit(1244136419.468:37): avc: denied { read write } for pid=7303 comm="npviewer.bin" path="socket:[42711]" dev=sockfs ino=42711 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=tcp_socket
node=Joard.B type=AVC msg=audit(1244136419.468:37): avc: denied { read write } for pid=7303 comm="npviewer.bin" path="socket:[42712]" dev=sockfs ino=42712 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=udp_socket
node=Joard.B type=AVC msg=audit(1244136419.468:37): avc: denied { read write } for pid=7303 comm="npviewer.bin" path="socket:[42717]" dev=sockfs ino=42717 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=tcp_socket
node=Joard.B type=AVC msg=audit(1244136419.468:37): avc: denied { read write } for pid=7303 comm="npviewer.bin" path="socket:[42718]" dev=sockfs ino=42718 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=tcp_socket
node=Joard.B type=AVC msg=audit(1244136419.468:37): avc: denied { read write } for pid=7303 comm="npviewer.bin" path="socket:[42649]" dev=sockfs ino=42649 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=tcp_socket
node=Joard.B type=AVC msg=audit(1244136419.468:37): avc: denied { read write } for pid=7303 comm="npviewer.bin" path="socket:[42650]" dev=sockfs ino=42650 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=tcp_socket
node=Joard.B type=AVC msg=audit(1244136419.468:37): avc: denied { read write } for pid=7303 comm="npviewer.bin" path="socket:[42651]" dev=sockfs ino=42651 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=tcp_socket
node=Joard.B type=AVC msg=audit(1244136419.468:37): avc: denied { read write } for pid=7303 comm="npviewer.bin" path="socket:[42652]" dev=sockfs ino=42652 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=tcp_socket
node=Joard.B type=AVC msg=audit(1244136419.468:37): avc: denied { read write } for pid=7303 comm="npviewer.bin" path="socket:[42653]" dev=sockfs ino=42653 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=tcp_socket
node=Joard.B type=AVC msg=audit(1244136419.468:37): avc: denied { read write } for pid=7303 comm="npviewer.bin" path="socket:[42656]" dev=sockfs ino=42656 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0 tclass=tcp_socket
node=Joard.B type=SYSCALL msg=audit(1244136419.468:37): arch=40000003 syscall=11 success=yes exit=0 a0=842b648 a1=842c5a0 a2=8425758 a3=0 items=0 ppid=7257 pid=7303 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="npviewer.bin" exe="/usr/lib/nspluginwrapper/npviewer.bin" subj=unconfined_u:unconfined_r:nsplugin_t:s0 key=(null)
概述:
SELinux is preventing npviewer.bin (nsplugin_t) "read" to ./pulse-shm-4034499770
(tmpfs_t).
详细描述:
SELinux denied access requested by npviewer.bin. It is not expected that this
access is required by npviewer.bin and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of the
application is causing it to require additional access.
允许访问:
Sometimes labeling problems can cause SELinux denials. You could try to restore
the default system file context for ./pulse-shm-4034499770,
restorecon -v './pulse-shm-4034499770'
If this does not work, there is currently no automatic way to allow this access.
Instead, you can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.
附加信息:
源上下文 unconfined_u:unconfined_r:nsplugin_t:s0
目标上下文 unconfined_u:object_r:tmpfs_t:s0
目标对象 ./pulse-shm-4034499770 [ file ]
源 npviewer.bin
源路径 /usr/lib/nspluginwrapper/npviewer.bin
端口 <未知>
主机 Joard.B
源 RPM 软件包 nspluginwrapper-1.1.2-4.fc10
目标 RPM 软件包
策略 RPM selinux-policy-3.5.13-18.fc10
启用 Selinux True
策略类型 targeted
启用 MLS True
Enforcing 模式 Enforcing
插件名称 catchall_file
主机名 Joard.B
平台 Linux Joard.B 2.6.27.5-117.fc10.i686 #1 SMP Tue
Nov 18 12:19:59 EST 2008 i686 i686
警报计数 1
第一个 2009年06月05日 星期五 01时26分59秒
最后一个 2009年06月05日 星期五 01时26分59秒
本地 ID 9d684775-49c4-478b-a243-851e864eb7cc
行号
原始核查信息
node=Joard.B type=AVC msg=audit(1244136419.886:38): avc: denied { read } for pid=7303 comm="npviewer.bin" name="pulse-shm-4034499770" dev=tmpfs ino=42542 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:object_r:tmpfs_t:s0 tclass=file
node=Joard.B type=SYSCALL msg=audit(1244136419.886:38): arch=40000003 syscall=5 success=no exit=-13 a0=bf94a5d0 a1=a0000 a2=0 a3=bf94a5d0 items=0 ppid=7257 pid=7303 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="npviewer.bin" exe="/usr/lib/nspluginwrapper/npviewer.bin" subj=unconfined_u:unconfined_r:nsplugin_t:s0 key=(null)
概述:
SELinux is preventing npviewer.bin (nsplugin_t) "read" to ./pulse-shm-2279965817
(tmpfs_t).
详细描述:
SELinux denied access requested by npviewer.bin. It is not expected that this
access is required by npviewer.bin and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of the
application is causing it to require additional access.
允许访问:
Sometimes labeling problems can cause SELinux denials. You could try to restore
the default system file context for ./pulse-shm-2279965817,
restorecon -v './pulse-shm-2279965817'
If this does not work, there is currently no automatic way to allow this access.
Instead, you can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.
附加信息:
源上下文 unconfined_u:unconfined_r:nsplugin_t:s0
目标上下文 unconfined_u:object_r:tmpfs_t:s0
目标对象 ./pulse-shm-2279965817 [ file ]
源 npviewer.bin
源路径 /usr/lib/nspluginwrapper/npviewer.bin
端口 <未知>
主机 Joard.B
源 RPM 软件包 nspluginwrapper-1.1.2-4.fc10
目标 RPM 软件包
策略 RPM selinux-policy-3.5.13-18.fc10
启用 Selinux True
策略类型 targeted
启用 MLS True
Enforcing 模式 Enforcing
插件名称 catchall_file
主机名 Joard.B
平台 Linux Joard.B 2.6.27.5-117.fc10.i686 #1 SMP Tue
Nov 18 12:19:59 EST 2008 i686 i686
警报计数 1
第一个 2009年06月05日 星期五 01时26分59秒
最后一个 2009年06月05日 星期五 01时26分59秒
本地 ID 4dda344a-ef7e-429f-b560-ec9b5a376daf
行号
原始核查信息
node=Joard.B type=AVC msg=audit(1244136419.887:39): avc: denied { read } for pid=7303 comm="npviewer.bin" name="pulse-shm-2279965817" dev=tmpfs ino=39830 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=unconfined_u:object_r:tmpfs_t:s0 tclass=file
node=Joard.B type=SYSCALL msg=audit(1244136419.887:39): arch=40000003 syscall=5 success=no exit=-13 a0=bf94a5d0 a1=a0000 a2=0 a3=bf94a5d0 items=0 ppid=7257 pid=7303 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="npviewer.bin" exe="/usr/lib/nspluginwrapper/npviewer.bin" subj=unconfined_u:unconfined_r:nsplugin_t:s0 key=(null)
概述:
SELinux is preventing NetworkManager (NetworkManager_t) "search" to ./dhclient
(dhcpc_state_t).
详细描述:
SELinux denied access requested by NetworkManager. It is not expected that this
access is required by NetworkManager and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of the
application is causing it to require additional access.
允许访问:
Sometimes labeling problems can cause SELinux denials. You could try to restore
the default system file context for ./dhclient,
restorecon -v './dhclient'
If this does not work, there is currently no automatic way to allow this access.
Instead, you can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.
附加信息:
源上下文 system_u:system_r:NetworkManager_t:s0
目标上下文 system_u:object_r:dhcpc_state_t:s0
目标对象 ./dhclient [ dir ]
源 NetworkManager
源路径 /usr/sbin/NetworkManager
端口 <未知>
主机 Joard.B
源 RPM 软件包 NetworkManager-0.7.1-1.fc10
目标 RPM 软件包
策略 RPM selinux-policy-3.5.13-18.fc10
启用 Selinux True
策略类型 targeted
启用 MLS True
Enforcing 模式 Enforcing
插件名称 catchall_file
主机名 Joard.B
平台 Linux Joard.B 2.6.27.24-170.2.68.fc10.i686 #1 SMP
Wed May 20 23:10:16 EDT 2009 i686 i686
警报计数 4
第一个 2009年06月03日 星期三 07时27分30秒
最后一个 2009年06月04日 星期四 09时20分51秒
本地 ID 89b32048-94e0-41f0-97b2-8492975f4937
行号
原始核查信息
node=Joard.B type=AVC msg=audit(1244078451.309:140): avc: denied { search } for pid=2237 comm="NetworkManager" name="dhclient" dev=dm-0 ino=3440994 scontext=system_u:system_r:NetworkManager_t:s0 tcontext=system_u:object_r:dhcpc_state_t:s0 tclass=dir
node=Joard.B type=SYSCALL msg=audit(1244078451.309:140): arch=40000003 syscall=10 success=no exit=-13 a0=9484b78 a1=21 a2=c21ff4 a3=9484b78 items=0 ppid=1 pid=2237 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="NetworkManager" exe="/usr/sbin/NetworkManager" subj=system_u:system_r:NetworkManager_t:s0 key=(null)
概述:
SELinux is preventing ntpd (ntpd_t) "read write" unconfined_t.
详细描述:
SELinux denied access requested by ntpd. It is not expected that this access is
required by ntpd and this access may signal an intrusion attempt. It is also
possible that the specific version or configuration of the application is
causing it to require additional access.
允许访问:
You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.
附加信息:
源上下文 unconfined_u:system_r:ntpd_t:s0
目标上下文 unconfined_u:unconfined_r:unconfined_t:s0
目标对象 socket [ unix_stream_socket ]
源 ntpd
源路径 /usr/sbin/ntpd
端口 <未知>
主机 Joard.B
源 RPM 软件包 ntp-4.2.4p5-2.fc10
目标 RPM 软件包
策略 RPM selinux-policy-3.5.13-18.fc10
启用 Selinux True
策略类型 targeted
启用 MLS True
Enforcing 模式 Enforcing
插件名称 catchall
主机名 Joard.B
平台