FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora SELinux Support

 
 
LinkBack Thread Tools
 
Old 06-04-2010, 01:22 PM
Daniel J Walsh
 
Default SELinux is preventing /bin/cp "relabelfrom" access on /var/lib/dhclient/yp.conf.predhclient.br0

On 06/04/2010 08:31 AM, Paul Howarth wrote:
> Thought I'd seen the last of these some time ago but it just popped up
> when the DHCP lease was renewed:
>
> ==> /var/log/messages<==
> Jun 4 13:29:14 roary dhclient[1737]: DHCPREQUEST on br0 to 10.9.0.3 port 67
> Jun 4 13:29:14 roary dhclient[1737]: DHCPACK from 10.9.0.3
>
> ==> /var/log/audit/audit.log<==
> type=AVC msg=audit(1275654554.163:46136): avc: denied { relabelfrom }
> for pid=2222 comm="cp" name="yp.conf.predhclient.br0" dev=dm-14
> ino=128194 scontext=system_u:system_r:dhcpc_t:s0
> tcontext=system_ubject_r:dhcpc_state_t:s0 tclass=file
> type=SYSCALL msg=audit(1275654554.163:46136): arch=c000003e syscall=190
> success=yes exit=0 a0=4 a1=37ca815689 a2=21a28f0 a3=20 items=0 ppid=2205
> pid=2222 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
> fsgid=0 tty=(none) ses=4294967295 comm="cp" exe="/bin/cp"
> subj=system_u:system_r:dhcpc_t:s0 key=(null)
>
> ==> /var/log/messages<==
> Jun 4 13:29:14 roary dhclient[1737]: bound to 10.9.2.1 -- renewal in
> 126768 seconds.
> Jun 4 13:29:17 roary setroubleshoot: SELinux is preventing /bin/cp
> "relabelfrom" access on /var/lib/dhclient/yp.conf.predhclient.br0. For
> complete SELinux messages. run sealert -l
> 4f8e2517-aac3-4058-aed7-6081e112176b
>
> Paul.
> --
> selinux mailing list
> selinux@lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux
>
>
Fedora 13?
--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
 
Old 06-04-2010, 02:36 PM
Paul Howarth
 
Default SELinux is preventing /bin/cp "relabelfrom" access on /var/lib/dhclient/yp.conf.predhclient.br0

On 04/06/10 14:22, Daniel J Walsh wrote:
> On 06/04/2010 08:31 AM, Paul Howarth wrote:
>> Thought I'd seen the last of these some time ago but it just popped up
>> when the DHCP lease was renewed:
>>
>> ==> /var/log/messages<==
>> Jun 4 13:29:14 roary dhclient[1737]: DHCPREQUEST on br0 to 10.9.0.3
>> port 67
>> Jun 4 13:29:14 roary dhclient[1737]: DHCPACK from 10.9.0.3
>>
>> ==> /var/log/audit/audit.log<==
>> type=AVC msg=audit(1275654554.163:46136): avc: denied { relabelfrom }
>> for pid=2222 comm="cp" name="yp.conf.predhclient.br0" dev=dm-14
>> ino=128194 scontext=system_u:system_r:dhcpc_t:s0
>> tcontext=system_ubject_r:dhcpc_state_t:s0 tclass=file
>> type=SYSCALL msg=audit(1275654554.163:46136): arch=c000003e syscall=190
>> success=yes exit=0 a0=4 a1=37ca815689 a2=21a28f0 a3=20 items=0 ppid=2205
>> pid=2222 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
>> fsgid=0 tty=(none) ses=4294967295 comm="cp" exe="/bin/cp"
>> subj=system_u:system_r:dhcpc_t:s0 key=(null)
>>
>> ==> /var/log/messages<==
>> Jun 4 13:29:14 roary dhclient[1737]: bound to 10.9.2.1 -- renewal in
>> 126768 seconds.
>> Jun 4 13:29:17 roary setroubleshoot: SELinux is preventing /bin/cp
>> "relabelfrom" access on /var/lib/dhclient/yp.conf.predhclient.br0. For
>> complete SELinux messages. run sealert -l
>> 4f8e2517-aac3-4058-aed7-6081e112176b
>>
>> Paul.
>> --
>> selinux mailing list
>> selinux@lists.fedoraproject.org
>> https://admin.fedoraproject.org/mailman/listinfo/selinux
>>
>>
> Fedora 13?

Yes.

Paul.
--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
 

Thread Tools




All times are GMT. The time now is 10:27 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org