FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora SELinux Support

 
 
LinkBack Thread Tools
 
Old 10-03-2008, 12:26 AM
Antonio Olivares
 
Default npviever on rawhide: denied avcs

--- On Thu, 10/2/08, Antonio Olivares <olivares14031@yahoo.com> wrote:

> From: Antonio Olivares <olivares14031@yahoo.com>
> Subject: npviever on rawhide: denied avcs
> To: fedora-selinux-list@redhat.com
> Cc: fedora-test-list@redhat.com
> Date: Thursday, October 2, 2008, 5:21 PM
> Dear all,
>
> Doing a dmesg I see some denied avcs for npviewer
>
> I will attach the file, I have not seen setroubleshoot
> kick in to warn me about these avcs. Has anyone else seen
> these?
>
> Thanks,
>
> Antonio
>
>
> --
> fedora-test-list mailing list
> fedora-test-list@redhat.com
> To unsubscribe:
> https://www.redhat.com/mailman/listinfo/fedora-test-list

Messages were not attached, file too big

Here's preview

type=1400 audit(1222991578.902:1308): avc: denied { search } for pid=17937 comm="npviewer.bin" name="dbus" dev=dm-0 ino=3276847 scontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 tcontext=system_ubject_r:system_dbusd_var_lib_t: s0 tclass=dir
type=1400 audit(1222991578.902:1309): avc: denied { create } for pid=17937 comm="npviewer.bin" scontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 tclass=unix_dgram_socket
type=1400 audit(1222991578.903:1310): avc: denied { create } for pid=17937 comm="npviewer.bin" scontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 tclass=unix_dgram_socket
type=1400 audit(1222991578.922:1311): avc: denied { search } for pid=17937 comm="npviewer.bin" name="dbus" dev=dm-0 ino=3276847 scontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 tcontext=system_ubject_r:system_dbusd_var_lib_t: s0 tclass=dir


Thanks,

Antonio




--
fedora-selinux-list mailing list
fedora-selinux-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
 
Old 10-03-2008, 01:11 PM
Daniel J Walsh
 
Default npviever on rawhide: denied avcs

Antonio Olivares wrote:
>
>
> --- On Thu, 10/2/08, Antonio Olivares <olivares14031@yahoo.com> wrote:
>
>> From: Antonio Olivares <olivares14031@yahoo.com>
>> Subject: npviever on rawhide: denied avcs
>> To: fedora-selinux-list@redhat.com
>> Cc: fedora-test-list@redhat.com
>> Date: Thursday, October 2, 2008, 5:21 PM
>> Dear all,
>>
>> Doing a dmesg I see some denied avcs for npviewer
>>
>> I will attach the file, I have not seen setroubleshoot
>> kick in to warn me about these avcs. Has anyone else seen
>> these?
>>
>> Thanks,
>>
>> Antonio
>>
>>
>> --
>> fedora-test-list mailing list
>> fedora-test-list@redhat.com
>> To unsubscribe:
>> https://www.redhat.com/mailman/listinfo/fedora-test-list
>
> Messages were not attached, file too big
>
> Here's preview
>
> type=1400 audit(1222991578.902:1308): avc: denied { search } for pid=17937 comm="npviewer.bin" name="dbus" dev=dm-0 ino=3276847 scontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 tcontext=system_ubject_r:system_dbusd_var_lib_t: s0 tclass=dir
> type=1400 audit(1222991578.902:1309): avc: denied { create } for pid=17937 comm="npviewer.bin" scontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 tclass=unix_dgram_socket
> type=1400 audit(1222991578.903:1310): avc: denied { create } for pid=17937 comm="npviewer.bin" scontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 tclass=unix_dgram_socket
> type=1400 audit(1222991578.922:1311): avc: denied { search } for pid=17937 comm="npviewer.bin" name="dbus" dev=dm-0 ino=3276847 scontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 tcontext=system_ubject_r:system_dbusd_var_lib_t: s0 tclass=dir
>
>
> Thanks,
>
> Antonio
>
>
>
>
Looks like npviewer is becoming dbus aware. I will allow it to connect
to the dbus server, but I am not sure what service it is trying to
communicate with.

--
fedora-selinux-list mailing list
fedora-selinux-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
 
Old 10-04-2008, 04:55 PM
drago01
 
Default npviever on rawhide: denied avcs

On Fri, Oct 3, 2008 at 3:11 PM, Daniel J Walsh <dwalsh@redhat.com> wrote:
> Antonio Olivares wrote:
>>
>>
>> --- On Thu, 10/2/08, Antonio Olivares <olivares14031@yahoo.com> wrote:
>>
>>> From: Antonio Olivares <olivares14031@yahoo.com>
>>> Subject: npviever on rawhide: denied avcs
>>> To: fedora-selinux-list@redhat.com
>>> Cc: fedora-test-list@redhat.com
>>> Date: Thursday, October 2, 2008, 5:21 PM
>>> Dear all,
>>>
>>> Doing a dmesg I see some denied avcs for npviewer
>>>
>>> I will attach the file, I have not seen setroubleshoot
>>> kick in to warn me about these avcs. Has anyone else seen
>>> these?
>>>
>>> Thanks,
>>>
>>> Antonio
>>>
>>>
>>> --
>>> fedora-test-list mailing list
>>> fedora-test-list@redhat.com
>>> To unsubscribe:
>>> https://www.redhat.com/mailman/listinfo/fedora-test-list
>>
>> Messages were not attached, file too big
>>
>> Here's preview
>>
>> type=1400 audit(1222991578.902:1308): avc: denied { search } for pid=17937 comm="npviewer.bin" name="dbus" dev=dm-0 ino=3276847 scontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 tcontext=system_ubject_r:system_dbusd_var_lib_t: s0 tclass=dir
>> type=1400 audit(1222991578.902:1309): avc: denied { create } for pid=17937 comm="npviewer.bin" scontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 tclass=unix_dgram_socket
>> type=1400 audit(1222991578.903:1310): avc: denied { create } for pid=17937 comm="npviewer.bin" scontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 tclass=unix_dgram_socket
>> type=1400 audit(1222991578.922:1311): avc: denied { search } for pid=17937 comm="npviewer.bin" name="dbus" dev=dm-0 ino=3276847 scontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 tcontext=system_ubject_r:system_dbusd_var_lib_t: s0 tclass=dir
>>
>>
>> Thanks,
>>
>> Antonio
>>
>>
>>
>>
> Looks like npviewer is becoming dbus aware. I will allow it to connect
> to the dbus server, but I am not sure what service it is trying to
> communicate with.

the packagekit plugin tryes to connect to daemon?

--
fedora-selinux-list mailing list
fedora-selinux-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
 

Thread Tools




All times are GMT. The time now is 08:32 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org