Dominick Grift wrote:
On 03/04/2010 06:47 PM, Temlakos wrote:
> Well, before I use audit2allow, I'll first want to know how to turn that
> off. Anyway, here's the output, after I un-hid the alerts:
>
>
I do not see any AVC denials that i think are related.
Does the app work in permissive mode. If it does, than that confirmes
that this is a issue of SELinux
If the app does not work in permissive mode, than this suggests that
this issue is not related to SELinux.
If it is related to SELinux:
1. semodule -DB to unload hidden denials.
2. Run the app to reproduce the issue.
3. see /var/log/audit/audit.log for clues.
(The AVC denials that you have enclosed, to me do not show anything that
i think are related)
Well, they must be related--because when I put SELinux into Permissive
mode for the current session, the installation went through. Now I have
it back on Enforcing mode, and TweetDeck still runs exactly as it
should. So the installation created an issue, but the application, once
installed, creates none.
Anyway--in case I have to use that installer again, as I think I might,
I'd like to have somebody go over those alerts--because they /have/ to
be related, somehow. Here they are again:
[root@temlakosbeta temlakos]# semodule -DB
[root@temlakosbeta temlakos]# ausearch -m avc -ts today
----
time->Thu Mar 4 12:39:11 2010
type=SYSCALL msg=audit(1267724351.038:22518): arch=40000003 syscall=5
success=no exit=-13 a0=1387d20 a1=98800 a2=c93ff4 a3=1387d20 items=0
ppid=1 pid=1545 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0
egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="dbus-daemon"
exe="/bin/dbus-daemon"
subj=system_u:system_r:xdm_dbusd_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1267724351.038:22518): avc: denied { search }
for pid=1545 comm="dbus-daemon" name="root" dev=dm-0 ino=106497
scontext=system_u:system_r:xdm_dbusd_t:s0-s0:c0.c1023
tcontext=system_u:object_r:admin_home_t:s0 tclass=dir
----
time->Thu Mar 4 12:39:11 2010
type=SYSCALL msg=audit(1267724351.050:22520): arch=40000003 syscall=11
success=yes exit=0 a0=12c2778 a1=746ae28 a2=0 a3=0 items=0 ppid=5873
pid=5879 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 tty=pts1 ses=1 comm="setfiles" exe="/sbin/setfiles"
subj=unconfined_u:unconfined_r:setfiles_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1267724351.050:22520): avc: denied { noatsecure }
for pid=5879 comm="setfiles"
scontext=unconfined_u:unconfined_r:semanage_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:setfiles_t:s0-s0:c0.c1023
tclass=process
type=AVC msg=audit(1267724351.050:22520): avc: denied { siginh }
for pid=5879 comm="setfiles"
scontext=unconfined_u:unconfined_r:semanage_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:setfiles_t:s0-s0:c0.c1023
tclass=process
type=AVC msg=audit(1267724351.050:22520): avc: denied { rlimitinh }
for pid=5879 comm="setfiles"
scontext=unconfined_u:unconfined_r:semanage_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:setfiles_t:s0-s0:c0.c1023
tclass=process
----
time->Thu Mar 4 12:39:11 2010
type=SYSCALL msg=audit(1267724351.052:22521): arch=40000003 syscall=11
success=yes exit=0 a0=9f05c30 a1=9f055a8 a2=9f05008 a3=9f081e8 items=0
ppid=5877 pid=5878 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0
egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="setroubleshootd"
exe="/usr/bin/python"
subj=system_u:system_r:setroubleshootd_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1267724351.052:22521): avc: denied { noatsecure }
for pid=5878 comm="setroubleshootd"
scontext=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023
tcontext=system_u:system_r:setroubleshootd_t:s0-s0:c0.c1023 tclass=process
type=AVC msg=audit(1267724351.052:22521): avc: denied { siginh }
for pid=5878 comm="setroubleshootd"
scontext=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023
tcontext=system_u:system_r:setroubleshootd_t:s0-s0:c0.c1023 tclass=process
type=AVC msg=audit(1267724351.052:22521): avc: denied { rlimitinh }
for pid=5878 comm="setroubleshootd"
scontext=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023
tcontext=system_u:system_r:setroubleshootd_t:s0-s0:c0.c1023 tclass=process
----
time->Thu Mar 4 12:39:11 2010
type=SYSCALL msg=audit(1267724351.227:22522): arch=40000003 syscall=33
success=no exit=-13 a0=9868e90 a1=2 a2=60f900 a3=9809c00 items=0
ppid=5877 pid=5878 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0
egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="setroubleshootd"
exe="/usr/bin/python"
subj=system_u:system_r:setroubleshootd_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1267724351.227:22522): avc: denied { write } for
pid=5878 comm="setroubleshootd" name="rpm" dev=dm-0 ino=32769
scontext=system_u:system_r:setroubleshootd_t:s0-s0:c0.c1023
tcontext=system_u:object_r:rpm_var_lib_t:s0 tclass=dir
----
time->Thu Mar 4 12:39:11 2010
type=SYSCALL msg=audit(1267724351.229:22523): arch=40000003 syscall=33
success=no exit=-13 a0=9898478 a1=2 a2=60f900 a3=9854390 items=0
ppid=5877 pid=5878 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0
egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="setroubleshootd"
exe="/usr/bin/python"
subj=system_u:system_r:setroubleshootd_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1267724351.229:22523): avc: denied { write } for
pid=5878 comm="setroubleshootd" name="rpm" dev=dm-0 ino=32769
scontext=system_u:system_r:setroubleshootd_t:s0-s0:c0.c1023
tcontext=system_u:object_r:rpm_var_lib_t:s0 tclass=dir
[root@temlakosbeta temlakos]#
Temlakos