Problems with SELinux

fafig

Hi, I have a problem/question related to SELinux. In /var/log/messages I get something like this:

Jul 16 10:29:18 amd64 kernel: audit(1184574557.932:3): avc:  denied  { execmem } for  pid=4512 comm="Xorg" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process
Jul 16 10:29:18 amd64 kernel: audit(1184574557.932:4): avc:  denied  { execstack } for  pid=4512 comm="Xorg" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process
Jul 16 10:34:46 amd64 kernel: audit(1184581928.888:3): avc:  denied  { getattr } for  pid=1391 comm="mount" name="/" dev=selinuxfs ino=934 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:security_t:s0 tclass=filesystem
Jul 16 10:34:46 amd64 kernel: audit(1184581928.888:4): avc:  denied  { getattr } for  pid=1413 comm="restorecon" name="/" dev=selinuxfs ino=934 scontext=system_u:system_r:restorecon_t:s0 tcontext=system_u:object_r:security_t:s0 tclass=filesystem
Jul 16 10:34:46 amd64 kernel: audit(1184581932.888:5): avc:  denied  { getattr } for  pid=2200 comm="swapon" name="/" dev=selinuxfs ino=934 scontext=system_u:system_r:fsadm_t:s0 tcontext=system_u:object_r:security_t:s0 tclass=filesystem
Jul 16 10:34:46 amd64 kernel: audit(1184581932.888:6): avc:  denied  { write } for  pid=2216 comm="mount" name="mtab" dev=sda3 ino=1277578 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file
Jul 16 10:34:46 amd64 kernel: audit(1184581932.888:7): avc:  denied  { append } for  pid=2216 comm="mount" name="mtab" dev=sda3 ino=1277578 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file
Jul 16 10:34:46 amd64 kernel: audit(1184574735.556:8): avc:  denied  { mount } for  pid=2367 comm="mount" name="/" dev=fusectl ino=8833 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem
Jul 16 10:34:46 amd64 kernel: audit(1184574736.056:9): avc:  denied  { getattr } for  pid=2386 comm="mount.ntfs-3g" name="fuse" dev=tmpfs ino=8829 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=chr_file
Jul 16 10:34:46 amd64 kernel: audit(1184574736.056:10): avc:  denied  { read write } for  pid=2387 comm="fusermount" name="fuse" dev=tmpfs ino=8829 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=chr_file
Jul 16 10:34:46 amd64 kernel: audit(1184574885.565:11): avc:  denied  { getattr } for  pid=3298 comm="restorecon" name="/" dev=selinuxfs ino=934 scontext=system_u:system_r:restorecon_t:s0 tcontext=system_u:object_r:security_t:s0 tclass=filesystem
Jul 16 10:34:46 amd64 kernel: audit(1184574886.065:12): avc:  denied  { read write } for  pid=3430 comm="syslogd" name="xconsole" dev=tmpfs ino=13142 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=fifo_file
Jul 16 10:34:46 amd64 kernel: audit(1184574886.065:13): avc:  denied  { ioctl } for  pid=3430 comm="syslogd" name="xconsole" dev=tmpfs ino=13142 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=fifo_file
Jul 16 10:34:50 amd64 kernel: audit(1184574889.565:14): avc:  denied  { getattr } for  pid=4034 comm="iptables" name="/" dev=selinuxfs ino=934 scontext=system_u:system_r:iptables_t:s0 tcontext=system_u:object_r:security_t:s0 tclass=filesystem
Jul 16 10:34:51 amd64 kernel: audit(1184574891.065:15): avc:  denied  { search } for  pid=4225 comm="rpc.statd" name="sbin" dev=sda3 ino=163754 scontext=system_u:system_r:rpcd_t:s0 tcontext=system_u:object_r:sbin_t:s0 tclass=dir
Jul 16 10:34:51 amd64 kernel: audit(1184574891.065:16): avc:  denied  { search } for  pid=4224 comm="rpc.statd" scontext=system_u:system_r:rpcd_t:s0 tcontext=system_u:object_r:sysctl_fs_t:s0 tclass=dir
Jul 16 10:34:53 amd64 kernel: audit(1184574893.065:17): avc:  denied  { getattr } for  pid=4324 comm="mount" name="/" dev=selinuxfs ino=934 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:security_t:s0 tclass=filesystem
Jul 16 10:34:53 amd64 kernel: audit(1184574893.565:18): avc:  denied  { execmem } for  pid=4354 comm="Xorg" scontext=system_u:system_r:initrc_t:s0 tcontext=system_u:system_r:initrc_t:s0 tclass=process
Jul 16 10:34:53 amd64 kernel: audit(1184574893.565:19): avc:  denied  { write } for  pid=3430 comm="syslogd" name="xconsole" dev=tmpfs ino=13142 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=fifo_file
Jul 16 10:34:53 amd64 kernel: audit(1184574893.565:20): avc:  denied  { execstack } for  pid=4354 comm="Xorg" scontext=system_u:system_r:initrc_t:s0 tcontext=system_u:system_r:initrc_t:s0 tclass=process
Jul 16 10:35:23 amd64 kernel: audit(1184574923.067:21): avc:  denied  { append } for  pid=4454 comm="hostname" name=".xsession-errors" dev=sda4 ino=551659 scontext=system_u:system_r:hostname_t:s0 tcontext=user_u:object_r:user_home_t:s0 tclass=file
Jul 16 10:37:34 amd64 kernel: audit(1184575054.075:22): avc:  denied  { getattr } for  pid=4782 comm="restorecon" name="/" dev=selinuxfs ino=934 scontext=system_u:system_r:restorecon_t:s0 tcontext=system_u:object_r:security_t:s0 tclass=filesystem
Jul 16 10:40:42 amd64 kernel: audit(1184575242.585:23): avc:  denied  { write } for  pid=2389 comm="mount.ntfs-3g" name="fuse" dev=tmpfs ino=8829 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=chr_file
Jul 16 10:40:42 amd64 kernel: audit(1184575242.585:24): avc:  denied  { read } for  pid=2389 comm="mount.ntfs-3g" name="fuse" dev=tmpfs ino=8829 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=chr_file
Jul 16 10:41:03 amd64 kernel: audit(1184575263.586:25): avc:  denied  { getattr } for  pid=5138 comm="iptables" name="/" dev=selinuxfs ino=934 scontext=system_u:system_r:iptables_t:s0 tcontext=system_u:object_r:security_t:s0 tclass=filesystem
Jul 16 10:41:05 amd64 kernel: audit(1184575264.586:26): avc:  denied  { unmount } for  pid=5232 comm="umount" scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem
Jul 16 10:42:02 amd64 kernel: audit(1184582511.888:3): avc:  denied  { getattr } for  pid=1390 comm="mount" name="/" dev=selinuxfs ino=934 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:security_t:s0 tclass=filesystem
Jul 16 10:42:02 amd64 kernel: audit(1184582511.888:4): avc:  denied  { getattr } for  pid=1412 comm="restorecon" name="/" dev=selinuxfs ino=934 scontext=system_u:system_r:restorecon_t:s0 tcontext=system_u:object_r:security_t:s0 tclass=filesystem
Jul 16 10:42:02 amd64 kernel: audit(1184582515.388:5): avc:  denied  { getattr } for  pid=2200 comm="swapon" name="/" dev=selinuxfs ino=934 scontext=system_u:system_r:fsadm_t:s0 tcontext=system_u:object_r:security_t:s0 tclass=filesystem
Jul 16 10:42:02 amd64 kernel: audit(1184575317.844:6): avc:  denied  { mount } for  pid=2367 comm="mount" name="/" dev=fusectl ino=9071 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem
Jul 16 10:42:02 amd64 kernel: audit(1184575318.344:7): avc:  denied  { getattr } for  pid=2386 comm="mount.ntfs-3g" name="fuse" dev=tmpfs ino=9065 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=chr_file
Jul 16 10:42:02 amd64 kernel: audit(1184575318.344:8): avc:  denied  { read write } for  pid=2390 comm="fusermount" name="fuse" dev=tmpfs ino=9065 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=chr_file
Jul 16 10:42:02 amd64 kernel: audit(1184575318.344:9): avc:  denied  { write } for  pid=2390 comm="fusermount" name="mtab.fuselock" dev=sda3 ino=1277348 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file
Jul 16 10:42:02 amd64 kernel: audit(1184575321.344:10): avc:  denied  { getattr } for  pid=2840 comm="restorecon" name="/" dev=selinuxfs ino=934 scontext=system_u:system_r:restorecon_t:s0 tcontext=system_u:object_r:security_t:s0 tclass=filesystem
Jul 16 10:42:02 amd64 kernel: audit(1184575321.844:11): avc:  denied  { read write } for  pid=2973 comm="syslogd" name="xconsole" dev=tmpfs ino=10172 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=fifo_file
Jul 16 10:42:02 amd64 kernel: audit(1184575321.844:12): avc:  denied  { ioctl } for  pid=2973 comm="syslogd" name="xconsole" dev=tmpfs ino=10172 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=fifo_file
Jul 16 10:42:04 amd64 kernel: audit(1184575324.345:13): avc:  denied  { write } for  pid=2973 comm="syslogd" name="xconsole" dev=tmpfs ino=10172 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=fifo_file
Jul 16 10:42:07 amd64 kernel: audit(1184575326.845:14): avc:  denied  { getattr } for  pid=3577 comm="iptables" name="/" dev=selinuxfs ino=934 scontext=system_u:system_r:iptables_t:s0 tcontext=system_u:object_r:security_t:s0 tclass=filesystem
Jul 16 10:42:08 amd64 kernel: audit(1184575328.345:15): avc:  denied  { search } for  pid=3768 comm="rpc.statd" name="sbin" dev=sda3 ino=163754 scontext=system_u:system_r:rpcd_t:s0 tcontext=system_u:object_r:sbin_t:s0 tclass=dir
Jul 16 10:42:08 amd64 kernel: audit(1184575328.345:16): avc:  denied  { search } for  pid=3767 comm="rpc.statd" scontext=system_u:system_r:rpcd_t:s0 tcontext=system_u:object_r:sysctl_fs_t:s0 tclass=dir
Jul 16 10:42:10 amd64 kernel: audit(1184575330.345:17): avc:  denied  { getattr } for  pid=3867 comm="mount" name="/" dev=selinuxfs ino=934 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:security_t:s0 tclass=filesystem
Jul 16 10:42:11 amd64 kernel: audit(1184575331.345:18): avc:  denied  { execmem } for  pid=3897 comm="Xorg" scontext=system_u:system_r:initrc_t:s0 tcontext=system_u:system_r:initrc_t:s0 tclass=process
Jul 16 10:42:11 amd64 kernel: audit(1184575331.345:19): avc:  denied  { execstack } for  pid=3897 comm="Xorg" scontext=system_u:system_r:initrc_t:s0 tcontext=system_u:system_r:initrc_t:s0 tclass=process
Jul 16 10:42:30 amd64 kernel: audit(1184575350.846:20): avc:  denied  { append } for  pid=3998 comm="hostname" name=".xsession-errors" dev=sda4 ino=551659 scontext=system_u:system_r:hostname_t:s0 tcontext=user_u:object_r:user_home_t:s0 tclass=file

What I'm asking about are the contexts of processes. Specifically, does the chcon command also apply to them? Because I wouldn't want to accidentally break my system. Thanks for the answer; of course a global setsebool is out of the question.

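An added example, not part of the original post and not written by its author: a small Python parser over AVC lines like the ones quoted above (a constructed subset of them is embedded so the script runs offline). It groups the denials by source type, target type and object class the way audit2allow does, and for each group says where a fix would live. The point it makes about the question asked in the post: chcon changes the label on a filesystem object, i.e. the tcontext of a file, directory or device node. It does not change a running process's scontext. For the tclass=process denials on Xorg (execmem/execstack) scontext and tcontext are the same domain, so there is no file whose label chcon could change; a process's domain is set by the policy's type transition when a labeled executable is exec'd (or explicitly with runcon), and the log shows Xorg ending up in kernel_t and initrc_t, meaning no transition to an X server domain happened. The FS_OBJECT_CLASSES set and the classify() category names are this example's own assumptions, not anything from the policy tools.

```python
import re

# Constructed sample: a subset of the AVC lines quoted in the post above,
# copied verbatim so the parser can run offline.
SAMPLE_LOG = """\
Jul 16 10:29:18 amd64 kernel: audit(1184574557.932:3): avc:  denied  { execmem } for  pid=4512 comm="Xorg" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process
Jul 16 10:34:46 amd64 kernel: audit(1184581928.888:3): avc:  denied  { getattr } for  pid=1391 comm="mount" name="/" dev=selinuxfs ino=934 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:security_t:s0 tclass=filesystem
Jul 16 10:34:46 amd64 kernel: audit(1184581932.888:6): avc:  denied  { write } for  pid=2216 comm="mount" name="mtab" dev=sda3 ino=1277578 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file
Jul 16 10:34:46 amd64 kernel: audit(1184581932.888:7): avc:  denied  { append } for  pid=2216 comm="mount" name="mtab" dev=sda3 ino=1277578 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file
Jul 16 10:34:46 amd64 kernel: audit(1184574735.556:8): avc:  denied  { mount } for  pid=2367 comm="mount" name="/" dev=fusectl ino=8833 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem
Jul 16 10:34:46 amd64 kernel: audit(1184574736.056:10): avc:  denied  { read write } for  pid=2387 comm="fusermount" name="fuse" dev=tmpfs ino=8829 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=chr_file
Jul 16 10:34:53 amd64 kernel: audit(1184574893.565:18): avc:  denied  { execmem } for  pid=4354 comm="Xorg" scontext=system_u:system_r:initrc_t:s0 tcontext=system_u:system_r:initrc_t:s0 tclass=process
Jul 16 10:35:23 amd64 kernel: audit(1184574923.067:21): avc:  denied  { append } for  pid=4454 comm="hostname" name=".xsession-errors" dev=sda4 ino=551659 scontext=system_u:system_r:hostname_t:s0 tcontext=user_u:object_r:user_home_t:s0 tclass=file
"""

# Assumption of this example: object classes whose label lives on the filesystem
# object itself, so chcon/restorecon can change it.
FS_OBJECT_CLASSES = {"file", "dir", "lnk_file", "chr_file", "blk_file",
                     "sock_file", "fifo_file"}

AVC_RE = re.compile(r"avc:\s+(?P<result>denied|granted)\s+\{\s*(?P<perms>[^}]+?)\s*\}"
                    r"\s+for\s+(?P<fields>.*)$")
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')


def parse_avc(line):
    """Parse one kernel AVC line into a dict; return None for non-AVC lines."""
    m = AVC_RE.search(line)
    if not m:
        return None
    fields = {k: v.strip('"') for k, v in FIELD_RE.findall(m.group("fields"))}
    scontext = fields.get("scontext", "")
    tcontext = fields.get("tcontext", "")
    if scontext.count(":") < 2 or tcontext.count(":") < 2:
        return None
    return {
        "result": m.group("result"),
        "perms": tuple(sorted(m.group("perms").split())),
        "pid": fields.get("pid"),
        "comm": fields.get("comm"),
        "name": fields.get("name"),
        "scontext": scontext,
        "tcontext": tcontext,
        "tclass": fields.get("tclass"),
        # a context is user:role:type[:range]; policy rules refer to the type
        "stype": scontext.split(":")[2],
        "trole": tcontext.split(":")[1],
        "ttype": tcontext.split(":")[2],
    }


def classify(rec):
    """Where the fix for a denial lives (category names are this example's own).

    process-domain:   tclass=process with scontext == tcontext. The process's own
                      domain lacks the permission; there is no file to chcon. The
                      domain comes from the type transition on the exec'd binary
                      (or runcon), so this is a policy/labeled-entrypoint matter.
    unlabeled-object: target is unlabeled_t, i.e. it never received a label.
    filesystem:       tclass=filesystem (e.g. selinuxfs as security_t); such labels
                      come from the policy's fs_use/genfscon statements, not chcon.
    file-object:      a filesystem object whose label chcon/restorecon can change.
    """
    if rec["tclass"] == "process" and rec["scontext"] == rec["tcontext"]:
        return "process-domain"
    if rec["ttype"] == "unlabeled_t":
        return "unlabeled-object"
    if rec["tclass"] == "filesystem":
        return "filesystem"
    if rec["trole"] == "object_r" and rec["tclass"] in FS_OBJECT_CLASSES:
        return "file-object"
    return "other"


def summarize(log_text):
    """Group denials by (source type, target type, class), as audit2allow does."""
    groups = {}
    for line in log_text.splitlines():
        rec = parse_avc(line)
        if rec is None or rec["result"] != "denied":
            continue
        key = (rec["stype"], rec["ttype"], rec["tclass"])
        g = groups.setdefault(key, {"perms": set(), "comms": set(),
                                    "count": 0, "kind": classify(rec)})
        g["perms"].update(rec["perms"])
        g["comms"].add(rec["comm"])
        g["count"] += 1
    return groups


def allow_rules(groups):
    """Render each group as the allow rule audit2allow would print for it.
    Review each rule before loading it: allowing execmem/execstack removes the
    W^X restriction for that whole domain, not just for Xorg."""
    rules = []
    for (stype, ttype, tclass), g in sorted(groups.items()):
        target = "self" if stype == ttype and tclass == "process" else ttype
        perms = " ".join(sorted(g["perms"]))
        if len(g["perms"]) > 1:
            perms = "{ %s }" % perms
        rules.append("allow %s %s:%s %s;" % (stype, target, tclass, perms))
    return rules


if __name__ == "__main__":
    groups = summarize(SAMPLE_LOG)
    for (stype, ttype, tclass), g in sorted(groups.items()):
        print("%-16s %s -> %s:%s %s (%d hits: %s)" % (
            g["kind"], stype, ttype, tclass, sorted(g["perms"]),
            g["count"], ", ".join(sorted(g["comms"]))))
    print()
    print("\n".join(allow_rules(groups)))
```

Run it against a real /var/log/messages or audit.log with `python3 avc_summary.py < /dev/null` after replacing SAMPLE_LOG with the file contents; the categories it prints are the answer to the question above: only the file-object rows are candidates for chcon or restorecon, the process-domain rows need a policy change or a labeled entrypoint, and a global boolean is not involved in either.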