SELinux is preventing /usr/sbin/dhclient from 'read, write' accesses on the file /run/mentohust.pid.


***** Plugin leaks (86.2 confidence) suggests ******************************


If you want to ignore dhclient trying to read write access the mentohust.pid file, because you believe it should not need this access.

Then you should report this as a bug.

You can generate a local policy module to dontaudit this access.

Do

# grep /usr/sbin/dhclient /var/log/audit/audit.log | audit2allow -D -M mypol

# semodule -i mypol.pp


***** Plugin catchall (14.7 confidence) suggests ***************************


If you believe that dhclient should be allowed read write access on the mentohust.pid file by default.

Then you should report this as a bug.

You can generate a local policy module to allow this access.

Do

allow this access for now by executing:

# grep dhclient /var/log/audit/audit.log | audit2allow -M mypol

# semodule -i mypol.pp


Additional Information:

Source Context unconfined_u:system_r:dhcpc_t:s0-s0:c0.c1023

Target Context unconfined_u:object_r:var_run_t:s0

Target Objects /run/mentohust.pid [ file ]

Source dhclient

Source Path /usr/sbin/dhclient

Port <Unknown>

Host liuhongru

Source RPM Packages dhclient-4.2.4-0.4.rc1.fc17.x86_64

Target RPM Packages

Policy RPM selinux-policy-3.10.0-121.fc17.noarch

Selinux Enabled True

Policy Type targeted

Enforcing Mode Enforcing

Host Name liuhongru

Platform Linux liuhongru 3.3.4-5.fc17.x86_64 #1 SMP Mon May

7 17:29:34 UTC 2012 x86_64 x86_64

Alert Count 9

First Seen Sat 01 Dec 2012 11:11:03 PM CST

Last Seen Sun 02 Dec 2012 03:40:25 PM CST

Local ID 2fc645e8-122f-450b-bc48-f71224129fb2


Raw Audit Messages

type=AVC msg=audit(1354434025.641:136): avc: denied { read write } for pid=4838 comm="dhclient" path="/run/mentohust.pid" dev="tmpfs" ino=22954 scontext=unconfined_u:system_r:dhcpc_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:var_run_t:s0 tclass=file



type=SYSCALL msg=audit(1354434025.641:136): arch=x86_64 syscall=execve success=yes exit=0 a0=fb2920 a1=fb2c00 a2=fb1270 a3=10 items=0 ppid=4837 pid=4838 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts8 ses=1 comm=dhclient exe=/usr/sbin/dhclient subj=unconfined_u:system_r:dhcpc_t:s0-s0:c0.c1023 key=(null)


Hash: dhclient,dhcpc_t,var_run_t,file,read,write


audit2allowunable to open /sys/fs/selinux/policy: Permission denied



audit2allow -Runable to open /sys/fs/selinux/policy: Permission denied