(rpm_exec_t). et ALL, vbulletin,jelsoft,forum,bbs,discussion,bulletin board" /> (rpm_exec_t). et ALL Fedora SELinux Support" /> SELinux is preventing gdm (xdm_t) "execute" to <Unknown> (rpm_exec_t). et ALL - Linux Archive
FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora SELinux Support

 
 
LinkBack Thread Tools
 
Old 11-27-2007, 12:21 AM
Antonio Olivares
 
Default SELinux is preventing gdm (xdm_t) "execute" to (rpm_exec_t). et ALL

Dear all,

I have been applying the updates and still
settroubleshoot pops up and gives the messages:


Summary
SELinux is preventing gdm (xdm_t) "execute" to
<Unknown> (rpm_exec_t).

Detailed Description
SELinux denied access requested by gdm. It is not
expected that this access
is required by gdm and this access may signal an
intrusion attempt. It is
also possible that the specific version or
configuration of the application
is causing it to require additional access.

Allowing Access
Sometimes labeling problems can cause SELinux
denials. You could try to
restore the default system file context for
<Unknown>, restorecon -v
<Unknown> If this does not work, there is
currently no automatic way to
allow this access. Instead, you can generate a
local policy module to allow
this access - see
http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385
Or you can disable SELinux protection altogether.
Disabling SELinux
protection is not recommended. Please file a
http://bugzilla.redhat.com/bugzilla/enter_bug.cgi
against this package.

Additional Information

Source Context
system_u:system_r:xdm_t:SystemLow-SystemHigh
Target Context
system_ubject_r:rpm_exec_t
Target Objects None [ file ]
Affected RPM Packages
Policy RPM
selinux-policy-3.0.8-44.fc8
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Enforcing
Plugin Name plugins.catchall_file
Host Name localhost
Platform Linux localhost
2.6.24-0.42.rc3.git1.fc9 #1 SMP
Sat Nov 24 05:51:18 EST
2007 i686 athlon
Alert Count 9010
First Seen Sun 11 Nov 2007 09:11:06
AM CST
Last Seen Mon 26 Nov 2007 07:17:44
PM CST
Local ID
f3168196-46ac-4951-ab61-b3b218534bb2
Line Numbers

Raw Audit Messages

avc: denied { execute } for comm=gdm dev=dm-0 name=rpm
pid=22631
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023
tclass=file
tcontext=system_ubject_r:rpm_exec_t:s0

Summary
SELinux is preventing gdm (xdm_t) "getattr" to
/bin/rpm (rpm_exec_t).

Detailed Description
SELinux denied access requested by gdm. It is not
expected that this access
is required by gdm and this access may signal an
intrusion attempt. It is
also possible that the specific version or
configuration of the application
is causing it to require additional access.

Allowing Access
Sometimes labeling problems can cause SELinux
denials. You could try to
restore the default system file context for
/bin/rpm, restorecon -v /bin/rpm
If this does not work, there is currently no
automatic way to allow this
access. Instead, you can generate a local policy
module to allow this
access - see
http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385
Or you
can disable SELinux protection altogether.
Disabling SELinux protection is
not recommended. Please file a
http://bugzilla.redhat.com/bugzilla/enter_bug.cgi
against this package.

Additional Information

Source Context
system_u:system_r:xdm_t:SystemLow-SystemHigh
Target Context
system_ubject_r:rpm_exec_t
Target Objects /bin/rpm [ file ]
Affected RPM Packages rpm-4.4.2.2-11.fc9
[target]
Policy RPM
selinux-policy-3.0.8-44.fc8
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Enforcing
Plugin Name plugins.catchall_file
Host Name localhost
Platform Linux localhost
2.6.24-0.42.rc3.git1.fc9 #1 SMP
Sat Nov 24 05:51:18 EST
2007 i686 athlon
Alert Count 4515
First Seen Sun 11 Nov 2007 09:11:06
AM CST
Last Seen Mon 26 Nov 2007 10:38:27
AM CST
Local ID
e1676a84-c6d0-45b8-97d7-c7cae2d755c1
Line Numbers

Raw Audit Messages

avc: denied { getattr } for comm=gdm dev=dm-0
path=/bin/rpm pid=3871
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023
tclass=file
tcontext=system_ubject_r:rpm_exec_t:s0

I have done what it recommends for me to do, however,
the warnings continue.

[root@localhost ~]# restorecon -v
/etc/selinux/targeted/contexts/files/file_contexts:
Multiple same specifications for /usr/bin/sbcl.
[root@localhost ~]# restorecon -v
/etc/selinux/targeted/contexts/files/file_contexts:
Multiple same specifications for /usr/bin/sbcl.
[root@localhost ~]# restorecon -v /bin/rpm
/etc/selinux/targeted/contexts/files/file_contexts:
Multiple same specifications for /usr/bin/sbcl.
[root@localhost ~]# restorecon -v /bin/rpm
/etc/selinux/targeted/contexts/files/file_contexts:
Multiple same specifications for /usr/bin/sbcl.
[root@localhost ~]#

[root@localhost ~]# yum list updates
Loading "skip-broken" plugin
Loading "refresh-updatesd" plugin
development 100%
|=========================| 2.1 kB 00:00
texlive 100%
|=========================| 951 B 00:00
[root@localhost ~]#

does not list any for selinux, selinux-policy's etc.

What should I do?

Regards,

Antonio



__________________________________________________ __________________________________
Be a better sports nut! Let your teams follow you
with Yahoo Mobile. Try it now. http://mobile.yahoo.com/sports;_ylt=At9_qDKvtAbMuh1G1SQtBI7ntAcJ

--
fedora-selinux-list mailing list
fedora-selinux-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
 

Thread Tools




All times are GMT. The time now is 07:33 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org