12-05-2011, 03:39 PM
Paul Howarth

F16/proftpd/systemd

I have these AVCs when logging in to proftpd on F16 using PAM/sssd with
an LDAP backend:

type=AVC msg=audit(1323102469.514:6174): avc: denied { search } for
pid=30199 comm="systemd-logind" name="3503" dev=proc ino=80549480
scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:system_r:ftpd_t:s0-s0:c0.c1023 tclass=dir

type=AVC msg=audit(1323102469.514:6174): avc: denied { read } for
pid=30199 comm="systemd-logind" name="sessionid" dev=proc ino=80550003
scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:system_r:ftpd_t:s0-s0:c0.c1023 tclass=file

type=AVC msg=audit(1323102469.514:6174): avc: denied { open } for
pid=30199 comm="systemd-logind" name="sessionid" dev=proc ino=80550003
scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:system_r:ftpd_t:s0-s0:c0.c1023 tclass=file

type=SYSCALL msg=audit(1323102469.514:6174): arch=c000003e syscall=2
success=yes exit=11 a0=15d3f00 a1=80000 a2=1b6 a3=39 items=0 ppid=1
pid=30199 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-logind"
exe=2F6C69622F73797374656D642F73797374656D642D6C6F67696E64202864656C6574656429
subj=system_u:system_r:systemd_logind_t:s0 key=(null)

type=AVC msg=audit(1323102469.515:6175): avc: denied { getattr } for
pid=30199 comm="systemd-logind" path="/proc/3503/sessionid" dev=proc
ino=80550003 scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:system_r:ftpd_t:s0-s0:c0.c1023 tclass=file

type=SYSCALL msg=audit(1323102469.515:6175): arch=c000003e syscall=5
success=yes exit=0 a0=b a1=7fffe3b39190 a2=7fffe3b39190 a3=39 items=0
ppid=1 pid=30199 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0
egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-logind"
exe=2F6C69622F73797374656D642F73797374656D642D6C6F67696E64202864656C6574656429
subj=system_u:system_r:systemd_logind_t:s0 key=(null)

type=AVC msg=audit(1323102564.051:6184): avc: denied { search } for
pid=30199 comm="systemd-logind" name="3630" dev=proc ino=80551904
scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:system_r:ftpd_t:s0-s0:c0.c1023 tclass=dir

type=AVC msg=audit(1323102564.051:6184): avc: denied { read } for
pid=30199 comm="systemd-logind" name="sessionid" dev=proc ino=80551906
scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:system_r:ftpd_t:s0-s0:c0.c1023 tclass=file

type=AVC msg=audit(1323102564.051:6184): avc: denied { open } for
pid=30199 comm="systemd-logind" name="sessionid" dev=proc ino=80551906
scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:system_r:ftpd_t:s0-s0:c0.c1023 tclass=file

type=SYSCALL msg=audit(1323102564.051:6184): arch=c000003e syscall=2
success=yes exit=11 a0=15d3fd0 a1=80000 a2=1b6 a3=39 items=0 ppid=1
pid=30199 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-logind"
exe=2F6C69622F73797374656D642F73797374656D642D6C6F67696E64202864656C6574656429
subj=system_u:system_r:systemd_logind_t:s0 key=(null)

type=AVC msg=audit(1323102564.051:6185): avc: denied { getattr } for
pid=30199 comm="systemd-logind" path="/proc/3630/sessionid" dev=proc
ino=80551906 scontext=system_u:system_r:systemd_logind_t:s0
tcontext=system_u:system_r:ftpd_t:s0-s0:c0.c1023 tclass=file

type=SYSCALL msg=audit(1323102564.051:6185): arch=c000003e syscall=5
success=yes exit=0 a0=b a1=7fffe3b39190 a2=7fffe3b39190 a3=39 items=0
ppid=1 pid=30199 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0
egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-logind"
exe=2F6C69622F73797374656D642F73797374656D642D6C6F67696E64202864656C6574656429
subj=system_u:system_r:systemd_logind_t:s0 key=(null)

audit2allow -R suggests:

ftp_systemctl(systemd_logind_t)

Does that look reasonable? I looked at the interface in git but the
comment text appears to have been copy-and-pasted from another interface
without being edited.

Paul.

--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
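
As an added illustration (not part of the thread, and not audit2allow's own code), this Python example reduces the denials quoted above to the raw allow rules they imply, which is the baseline to compare any broader interface against. It also pairs each AVC with its SYSCALL record and decodes the hex-encoded `exe=` field; the function names are hypothetical.

```python
import re
from collections import defaultdict

# Records copied from the post above, each re-joined onto one line. The SYSCALL
# record is abridged and its hex exe= value has the archive's stray space removed.
SAMPLE = """\
type=AVC msg=audit(1323102469.514:6174): avc: denied { search } for pid=30199 comm="systemd-logind" name="3503" dev=proc ino=80549480 scontext=system_u:system_r:systemd_logind_t:s0 tcontext=system_u:system_r:ftpd_t:s0-s0:c0.c1023 tclass=dir
type=AVC msg=audit(1323102469.514:6174): avc: denied { read } for pid=30199 comm="systemd-logind" name="sessionid" dev=proc ino=80550003 scontext=system_u:system_r:systemd_logind_t:s0 tcontext=system_u:system_r:ftpd_t:s0-s0:c0.c1023 tclass=file
type=AVC msg=audit(1323102469.514:6174): avc: denied { open } for pid=30199 comm="systemd-logind" name="sessionid" dev=proc ino=80550003 scontext=system_u:system_r:systemd_logind_t:s0 tcontext=system_u:system_r:ftpd_t:s0-s0:c0.c1023 tclass=file
type=SYSCALL msg=audit(1323102469.514:6174): arch=c000003e syscall=2 success=yes exit=11 pid=30199 comm="systemd-logind" exe=2F6C69622F73797374656D642F73797374656D642D6C6F67696E64202864656C6574656429 subj=system_u:system_r:systemd_logind_t:s0 key=(null)
type=AVC msg=audit(1323102469.515:6175): avc: denied { getattr } for pid=30199 comm="systemd-logind" path="/proc/3503/sessionid" dev=proc ino=80550003 scontext=system_u:system_r:systemd_logind_t:s0 tcontext=system_u:system_r:ftpd_t:s0-s0:c0.c1023 tclass=file
"""

AVC_RE = re.compile(r"avc:\s+denied\s+\{([^}]*)\}.*?scontext=(\S+).*?tcontext=(\S+).*?tclass=(\S+)")
SERIAL_RE = re.compile(r"msg=audit\([\d.]+:(\d+)\)")

def allow_rules(log):
    """Collapse AVC denials into the minimal allow rules that would cover them."""
    perms_by_key = defaultdict(set)
    for line in log.splitlines():
        m = AVC_RE.search(line)
        if m:
            perms, src, tgt, tclass = m.groups()
            key = (src.split(":")[2], tgt.split(":")[2], tclass)  # user:role:TYPE:level
            perms_by_key[key].update(perms.split())
    rules = []
    for (src, tgt, tclass), perms in sorted(perms_by_key.items()):
        p = sorted(perms)
        body = p[0] if len(p) == 1 else "{ " + " ".join(p) + " }"
        rules.append(f"allow {src} {tgt}:{tclass} {body};")
    return rules

def unenforced_events(log):
    """Event serials where a denial was logged but the syscall still succeeded
    (permissive mode or a permissive domain)."""
    denied, succeeded = set(), set()
    for line in log.splitlines():
        serial = SERIAL_RE.search(line)
        if serial and AVC_RE.search(line):
            denied.add(serial.group(1))
        elif serial and line.startswith("type=SYSCALL") and " success=yes " in line:
            succeeded.add(serial.group(1))
    return sorted(denied & succeeded)

def decode_exe(log):
    """audit hex-encodes values that contain spaces; decode the first exe= field."""
    val = re.search(r"\bexe=(\S+)", log).group(1)
    return val.strip('"') if val.startswith('"') else bytes.fromhex(val).decode()

if __name__ == "__main__":
    print(allow_rules(SAMPLE), unenforced_events(SAMPLE), decode_exe(SAMPLE))
```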
 
12-05-2011, 05:49 PM
Daniel J Walsh

F16/proftpd/systemd

On 12/05/2011 11:39 AM, Paul Howarth wrote:
> I have these AVCs when logging in to proftpd on F16 using PAM/sssd
> with an LDAP backend:
>
> type=AVC msg=audit(1323102469.514:6174): avc: denied { search }
> for pid=30199 comm="systemd-logind" name="3503" dev=proc
> ino=80549480 scontext=system_u:system_r:systemd_logind_t:s0
> tcontext=system_u:system_r:ftpd_t:s0-s0:c0.c1023 tclass=dir
>
> type=AVC msg=audit(1323102469.514:6174): avc: denied { read } for
> pid=30199 comm="systemd-logind" name="sessionid" dev=proc
> ino=80550003 scontext=system_u:system_r:systemd_logind_t:s0
> tcontext=system_u:system_r:ftpd_t:s0-s0:c0.c1023 tclass=file
>
> type=AVC msg=audit(1323102469.514:6174): avc: denied { open } for
> pid=30199 comm="systemd-logind" name="sessionid" dev=proc
> ino=80550003 scontext=system_u:system_r:systemd_logind_t:s0
> tcontext=system_u:system_r:ftpd_t:s0-s0:c0.c1023 tclass=file
>
> type=SYSCALL msg=audit(1323102469.514:6174): arch=c000003e
> syscall=2 success=yes exit=11 a0=15d3f00 a1=80000 a2=1b6 a3=39
> items=0 ppid=1 pid=30199 auid=4294967295 uid=0 gid=0 euid=0 suid=0
> fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
> comm="systemd-logind"
> exe=2F6C69622F73797374656D642F73797374656D642D6C6F67696E64202864656C6574656429
> subj=system_u:system_r:systemd_logind_t:s0 key=(null)
>
> type=AVC msg=audit(1323102469.515:6175): avc: denied { getattr }
> for pid=30199 comm="systemd-logind" path="/proc/3503/sessionid"
> dev=proc ino=80550003
> scontext=system_u:system_r:systemd_logind_t:s0
> tcontext=system_u:system_r:ftpd_t:s0-s0:c0.c1023 tclass=file
>
> type=SYSCALL msg=audit(1323102469.515:6175): arch=c000003e
> syscall=5 success=yes exit=0 a0=b a1=7fffe3b39190 a2=7fffe3b39190
> a3=39 items=0 ppid=1 pid=30199 auid=4294967295 uid=0 gid=0 euid=0
> suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
> comm="systemd-logind"
> exe=2F6C69622F73797374656D642F73797374656D642D6C6F67696E64202864656C6574656429
> subj=system_u:system_r:systemd_logind_t:s0 key=(null)
>
> type=AVC msg=audit(1323102564.051:6184): avc: denied { search }
> for pid=30199 comm="systemd-logind" name="3630" dev=proc
> ino=80551904 scontext=system_u:system_r:systemd_logind_t:s0
> tcontext=system_u:system_r:ftpd_t:s0-s0:c0.c1023 tclass=dir
>
> type=AVC msg=audit(1323102564.051:6184): avc: denied { read } for
> pid=30199 comm="systemd-logind" name="sessionid" dev=proc
> ino=80551906 scontext=system_u:system_r:systemd_logind_t:s0
> tcontext=system_u:system_r:ftpd_t:s0-s0:c0.c1023 tclass=file
>
> type=AVC msg=audit(1323102564.051:6184): avc: denied { open } for
> pid=30199 comm="systemd-logind" name="sessionid" dev=proc
> ino=80551906 scontext=system_u:system_r:systemd_logind_t:s0
> tcontext=system_u:system_r:ftpd_t:s0-s0:c0.c1023 tclass=file
>
> type=SYSCALL msg=audit(1323102564.051:6184): arch=c000003e
> syscall=2 success=yes exit=11 a0=15d3fd0 a1=80000 a2=1b6 a3=39
> items=0 ppid=1 pid=30199 auid=4294967295 uid=0 gid=0 euid=0 suid=0
> fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
> comm="systemd-logind"
> exe=2F6C69622F73797374656D642F73797374656D642D6C6F67696E64202864656C6574656429
> subj=system_u:system_r:systemd_logind_t:s0 key=(null)
>
> type=AVC msg=audit(1323102564.051:6185): avc: denied { getattr }
> for pid=30199 comm="systemd-logind" path="/proc/3630/sessionid"
> dev=proc ino=80551906
> scontext=system_u:system_r:systemd_logind_t:s0
> tcontext=system_u:system_r:ftpd_t:s0-s0:c0.c1023 tclass=file
>
> type=SYSCALL msg=audit(1323102564.051:6185): arch=c000003e
> syscall=5 success=yes exit=0 a0=b a1=7fffe3b39190 a2=7fffe3b39190
> a3=39 items=0 ppid=1 pid=30199 auid=4294967295 uid=0 gid=0 euid=0
> suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
> comm="systemd-logind"
> exe=2F6C69622F73797374656D642F73797374656D642D6C6F67696E64202864656C6574656429
> subj=system_u:system_r:systemd_logind_t:s0 key=(null)
>
> audit2allow -R suggests:
>
> ftp_systemctl(systemd_logind_t)
>
> Does that look reasonable? I looked at the interface in git but the
> comment text appears to have been copy-and-pasted from another
> interface without being edited.
>
> Paul.
>
> -- selinux mailing list selinux@lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux

Miroslav, can you backport 0ad72f11974dda91b1c7e83d9e2d9ce757f1a1a2 into F16?
All times are GMT.