* selinux AVC errors despite making a rule :(
@ 2007-07-01  4:35 David Cottle
From: David Cottle @ 2007-07-01  4:35 UTC (permalink / raw)
  To: selinux

Okay I got a server running FC6 and Plesk 8.1.1 running websites.

I do a:
grep avc /var/log/messages
to see if any policies need tweaking.

I get:
Jun 28 23:29:18 server kernel: audit(1183073358.302:2368: avc: denied {
link } for pid=8544 comm="in.proftpd"
scontext=system_u:system_r:ftpd_t:s0
tcontext=system_u:system_r:crond_t:s0-s0:c0.c1023 tclass=key

every single minute. Now I started a webcam that FTPs into the server
every minute. So I thought no biggy, it's in.proftpd, let's make a policy:

grep proftpd /var/log/messages | audit2allow -M proftpd
selinux -i proftpd.pp

Okay, but I STILL get these errors every minute...

Can someone please help me?

Thanks!


* Re: selinux AVC errors despite making a rule :(
@ 2007-07-01  5:31 ` Joshua Brindle
From: Joshua Brindle @ 2007-07-01  5:31 UTC (permalink / raw)
  To: David Cottle; +Cc: selinux

David Cottle wrote:
> Okay I got a server running FC6 and Plesk 8.1.1 running websites.
>
> I do a:
> grep avc /var/log/messages
> to see if any policies need tweaking.
>
> I get:
> Jun 28 23:29:18 server kernel: audit(1183073358.302:2368: avc: denied {
> link } for pid=8544 comm="in.proftpd"
> scontext=system_u:system_r:ftpd_t:s0
> tcontext=system_u:system_r:crond_t:s0-s0:c0.c1023 tclass=key
>
> every single minute. Now I started a webcam that FTPs into the server
> every minute. So I thought no biggy, it's in.proftpd, let's make a policy:
>
> grep proftpd /var/log/messages | audit2allow -M proftpd
> selinux -i proftpd.pp
>
> Okay, but I STILL get these errors every minute...
>
> Can someone please help me?
>   

Run audit2why on the denial and see where the denial is coming from. I 
suspect it is because of the MLS constraints, in which case you need to 
figure out why they are in different levels or make ftpd_t a trusted MLS 
subject.



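An added example, not part of either message in the thread: it parses the denial quoted above and separates the part a type-enforcement allow rule (what audit2allow generates) covers from the part it does not, the MLS ranges of the two contexts. The function names and the dominance helper are this example's own; it does not evaluate the policy's constraints, which is what audit2why does on the real system.

```python
import re

# The denial from the original post, joined onto one line (constructed from the
# wrapped log text above; the unbalanced "(" is as it appears in the post).
DENIAL = ('Jun 28 23:29:18 server kernel: audit(1183073358.302:2368: avc: denied { '
          'link } for pid=8544 comm="in.proftpd" '
          'scontext=system_u:system_r:ftpd_t:s0 '
          'tcontext=system_u:system_r:crond_t:s0-s0:c0.c1023 tclass=key')

def parse_level(level):
    """'s0:c0.c1023' -> (0, {0..1023}); '.' is a category range, ',' a list."""
    sens, _, cats = level.partition(":")
    out = set()
    for part in filter(None, cats.split(",")):
        lo, _, hi = part.partition(".")
        out.update(range(int(lo[1:]), int(hi[1:] if hi else lo[1:]) + 1))
    return int(sens[1:]), frozenset(out)

def parse_context(ctx):
    """user:role:type:range -> dict with the range split into low/high levels."""
    user, role, typ, rng = ctx.split(":", 3)
    low, _, high = rng.partition("-")
    return {"user": user, "role": role, "type": typ,
            "low": parse_level(low), "high": parse_level(high or low)}

def dominates(a, b):
    """Level a dominates b: sensitivity >= and category set is a superset."""
    return a[0] >= b[0] and a[1] >= b[1]

def summarize(line):
    """Extract what a TE allow rule covers and what it does not (the levels)."""
    perms = re.search(r"\{([^}]*)\}", line).group(1).split()
    fields = dict(re.findall(r'(\w+)=("[^"]*"|\S+)', line))
    src, tgt = parse_context(fields["scontext"]), parse_context(fields["tcontext"])
    return {
        "te_rule": f"allow {src['type']} {tgt['type']}:{fields['tclass']} "
                   f"{{ {' '.join(perms)} }};",
        "same_range": (src["low"], src["high"]) == (tgt["low"], tgt["high"]),
        "source_high_dominates_target_high": dominates(src["high"], tgt["high"]),
    }

if __name__ == "__main__":
    for key, value in summarize(DENIAL).items():
        print(f"{key}: {value}")
```

For this denial the type rule comes out as expected, but the source runs at s0 while the target's range extends to s0:c0.c1023, the level difference the reply says to look into.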