Problem Z /usr/sbin/pppd Związany Z Selinux Na F9

[kurzawa]

Kiedy próbuje połączyć się z internetem jako zwykły user z internetem i wpisuje w konsoli:

 

/sbin/ifup ppp0

 

To SElinux ostrzega:

 

Podsumowanie:

SELinux is preventing ifup-ppp (usernetctl_t) "getattr" to /usr/sbin/pppd
(pppd_exec_t).

Szczegółowy opis:

SELinux denied access requested by ifup-ppp. It is not expected that this access
is required by ifup-ppp and this access may signal an intrusion attempt. It is
also possible that the specific version or configuration of the application is
causing it to require additional access.

Zezwalanie na dostęp:

Sometimes labeling problems can cause SELinux denials. You could try to restore
the default system file context for /usr/sbin/pppd,

restorecon -v '/usr/sbin/pppd'

If this does not work, there is currently no automatic way to allow this access.
Instead, you can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.

 

Co na to poradzić?

[@WalDo]

Co na to poradzić?

No masz jak byk napisane Jako root:

restorecon -v '/usr/sbin/pppd'

 

[kurzawa]

No masz jak byk napisane Jako root:

 

Wpisywałem to ale to kompletnie nic nie daje. Co zrobić?

[morsik]

Daj cały komunikat błędu.

[kurzawa]

Daj cały komunikat błędu.

 

Podsumowanie:

SELinux is preventing ifup-ppp (usernetctl_t) "getattr" to /usr/sbin/pppd
(pppd_exec_t).

Szczegółowy opis:

SELinux denied access requested by ifup-ppp. It is not expected that this access
is required by ifup-ppp and this access may signal an intrusion attempt. It is
also possible that the specific version or configuration of the application is
causing it to require additional access.

Zezwalanie na dostęp:

Sometimes labeling problems can cause SELinux denials. You could try to restore
the default system file context for /usr/sbin/pppd,

restorecon -v '/usr/sbin/pppd'

If this does not work, there is currently no automatic way to allow this access.
Instead, you can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.

Dodatkowe informacje:

Kontekst źródłowy          unconfined_u:unconfined_r:usernetctl_t:s0-s0:c0.c1
                             023
Kontekst docelowy             system_u:object_r:pppd_exec_t:s0
Obiekty docelowe              /usr/sbin/pppd [ file ]
Źródło                     ifup-ppp
Ścieżka źródłowa         /bin/bash
Port                          <Nieznane>
Komputer                      localhost.localdomain
Źródłowe pakiety RPM       bash-3.2-22.fc9
Docelowe pakiety RPM          ppp-2.4.4-7.fc9
RPM polityki                  selinux-policy-3.3.1-51.fc9
SELinux jest włączony       True
Typ polityki                  targeted
MLS jest włączone           True
Tryb wymuszania               Enforcing
Nazwa wtyczki                 catchall_file
Nazwa komputera               localhost.localdomain
Platforma                     Linux localhost.localdomain 2.6.25.3-18.fc9.i686
                             #1 SMP Tue May 13 05:38:53 EDT 2008 i686 athlon
Licznik alarmów              4
Po raz pierwszy               czw, 22 maj 2008, 19:58:42
Po raz ostatni                pią, 23 maj 2008, 13:12:35
Lokalny ID                    221c8242-1d85-4303-a96b-10659703a4b7
Liczba wierszy                

Surowe komunikaty audytu      

host=localhost.localdomain type=AVC msg=audit(1211541155.36:16): avc:  denied  { getattr } for  pid=3154 comm="ifup-ppp" path="/usr/sbin/pppd" dev=dm-0 ino=1095871 scontext=unconfined_u:unconfined_r:usernetctl_t:s0-s0:c0.c1023 tcontext=system_u:object_r:pppd_exec_t:s0 tclass=file

host=localhost.localdomain type=SYSCALL msg=audit(1211541155.36:16): arch=40000003 syscall=195 success=no exit=-13 a0=906c130 a1=bfcde57c a2=4dd6ff4 a3=906c132 items=0 ppid=3125 pid=3154 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=1 comm="ifup-ppp" exe="/bin/bash" subj=unconfined_u:unconfined_r:usernetctl_t:s0-s0:c0.c1023 key=(null)