LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 01-21-2007, 08:50 AM   #1
dansawyer
Member
 
Registered: Mar 2005
Posts: 122

Rep: Reputation: 15
app causing selinux audit message


The system is fc6 with all upgrades installed. The app os wine running CIAtpw.exe which produces the selinux audit below. How can selinux be upgraded to allow this? The goal is to turn selinux to enforcing.

audit(1169388916.535:19): avc: denied { execmod } for pid=23794 comm="CIAtpw.exe" name="ole32.dll" dev=hda5 ino=6652862 scontext=user_u:system_r:unconfined_t:s0 tcontext=user_ubject_r:mnt_t:s0 tclass=file

Thanks - Dan
 
Old 01-21-2007, 11:44 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 26,990
Blog Entries: 54

Rep: Reputation: 2743Reputation: 2743Reputation: 2743Reputation: 2743Reputation: 2743Reputation: 2743Reputation: 2743Reputation: 2743Reputation: 2743Reputation: 2743Reputation: 2743
There's a few choices to make: you can relabel the filesystem, run fixfiles or audit2allow. Relabelling the filesystem (touch /relabel; reboot) is the most safe but may not work if for instance the mounted partition is not SELinux-capable or mounted(?), running "fixfiles" is kind of destructive (removes files in /tmp and can skew stuff because you run it on a Live host AFAIK) and for audit2allow you need to install the selinux-policy-$POLICYTYPE-sources, run "cat /var/log/messages | audit2allow > /etc/selinux/$POLICYTYPE/src/policy/domains/misc/custom.te then "make -C /etc/selinux/$POLICYTYPE/src/policy load".
More details at http://fedora.redhat.com/docs/selinux-faq/.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Set SELinux to audit everithing? geburah Linux - Security 5 08-06-2008 05:56 AM
Error message when trying to install app mrkawphy Fedora 11 01-11-2007 09:23 AM
audit cupsd denied message spooon Fedora 3 07-15-2006 09:25 PM
copy constructor causing confusing error message. (gcc c++) qwijibow Programming 6 09-21-2005 08:34 PM
Message Pop Up App netkepala Linux - Software 8 04-11-2004 08:38 AM


All times are GMT -5. The time now is 08:55 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration