Package: selinux-policy-default
Version: 2:0.0.20080702-13
Severity: normal
Hi,
I get the following messages when starting a network interface with ifup:
[397311.840230] type=1400 audit(1225019985.641:675): avc: denied { search }
for pid=14593 comm="dhclient-script" name="samba" dev=sda1 ino=436979
scontext=unconfined_u:system_r:dhcpc_t:s0
tcontext=system_u:object_r:samba_etc_t:s0 tclass=dir
[397311.840230] type=1400 audit(1225019985.641:676): avc: denied { getattr }
for pid=14593 comm="dhclient-script" path="/etc/samba/dhcp.conf" dev=sda1
ino=435503 scontext=unconfined_u:system_r:dhcpc_t:s0
tcontext=system_u:object_r:samba_etc_t:s0 tclass=file
[397311.843904] type=1400 audit(1225019985.641:677): avc: denied { use } for
pid=14595 comm="hostname" path="/dev/pts/8" dev=devpts ino=10
scontext=unconfined_u:system_r:hostname_t:s0
tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=fd
[397311.891927] type=1400 audit(1225019985.692:678): avc: denied { execute }
for pid=14599 comm="run-parts" name="bind" dev=sda1 ino=436702
scontext=unconfined_u:system_r:dhcpc_t:s0 tcontext=system_u:object_r:etc_t:s0
tclass=file
[397311.895904] type=1400 audit(1225019985.692:679): avc: denied {
execute_no_trans } for pid=14602 comm="run-parts"
path="/etc/resolvconf/update.d/bind" dev=sda1 ino=436702
scontext=unconfined_u:system_r:dhcpc_t:s0 tcontext=system_u:object_r:etc_t:s0
tclass=file
[397311.898564] type=1400 audit(1225019985.696:680): avc: denied { getattr }
for pid=14602 comm="bind" path="/usr/sbin/named" dev=sda1 ino=541401
scontext=unconfined_u:system_r:dhcpc_t:s0
tcontext=system_u:object_r:named_exec_t:s0 tclass=file
[397311.898783] type=1400 audit(1225019985.696:681): avc: denied { execute }
for pid=14602 comm="bind" name="named" dev=sda1 ino=541401
scontext=unconfined_u:system_r:dhcpc_t:s0
tcontext=system_u:object_r:named_exec_t:s0 tclass=file
[397311.899137] type=1400 audit(1225019985.696:682): avc: denied { search }
for pid=14602 comm="bind" name="bind" dev=sda1 ino=435744
scontext=unconfined_u:system_r:dhcpc_t:s0
tcontext=system_u:object_r:named_zone_t:s0 tclass=dir
[397311.899172] type=1400 audit(1225019985.696:683): avc: denied { getattr }
for pid=14602 comm="bind" path="/etc/bind/named.conf.options" dev=sda1
ino=437827 scontext=unconfined_u:system_r:dhcpc_t:s0
tcontext=system_u:object_r:named_zone_t:s0 tclass=file
The first two seem to be already reported in #502309. I have no idea
about the third. The following messages come from the chain
/etc/network/if-up.d/000resolvconf -> /sbin/resolvconf ->
/etc/resolvconf/update.d/bind.
Cheers,
Julien
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (101, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.26-1-686 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages selinux-policy-default depends on:
ii libpam-modules 1.0.1-4 Pluggable Authentication Modules f
ii libselinux1 2.0.65-5 SELinux shared libraries
ii libsepol1 2.0.30-2 Security Enhanced Linux policy lib
ii policycoreutils 2.0.49-6 SELinux core policy utilities
ii python 2.5.2-2 An interactive high-level object-o
Versions of packages selinux-policy-default recommends:
ii checkpolicy 2.0.16-2 SELinux policy compiler
ii setools 3.3.5.ds-5 tools for Security Enhanced Linux
Versions of packages selinux-policy-default suggests:
pn logcheck <none> (no description available)
pn syslog-summary <none> (no description available)
-- no debconf information
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
