"SELinux Has detected suspicious behaviour on your system " RHEL 6
3 Attachment(s)
Hi,
I have been using Red Hat enterprise Linux for while to practise for RHCE & RHCSA. Lately i installed Virtualization on my PC (RHEL 6) and i have been getting a lot of SELinux Alert/warning. Following is the summary of the latest alerts i got: Since the logs are a little big, am attaching them. Please let me know if it is a real concern. Thanks. |
Few more Attachments
3 Attachment(s)
Hi Again,
More Alerts in addition to earlier. |
have you installed "SELinuxTroubleShooter"
and what is it's output 95% of the time it's suggestion is the correct solution Code:
su - |
thanks for the suggestion
Quote:
|
Quote:
With respect to the last two logs: what have you been doing to cause this? Was the system properly labeled? Have you introduced source-based software or software from non-RHEL repos? |
Quote:
When I start virtual-manager the libvirtd daemon is not able to start. I have tried to start it still it showing not running. Will post few more updates in some time. Thanks in advance for all suggestions.:-) |
installing random rpm's from some random site is the FASTEST !! way to kill a redhat install
-- the FASTEST WAY some are NOT compatible with others rpmfusion is NOT compatible with the base install and rpmforge can not be mixed with elrepo RedHat is really not free you DO have to buy the required support contract or do not use redhat !!! install the free rebuild CentOS 6.4 or ScientificLinux 6.4 Quote:
Quote:
did you use yum and a "local install" or use "rpm" or from the gnome GUI double click on the rpm file ? and what was the site and what were the files ? |
Quote:
About the logs: mostly all logs are related to virsh GDM and Network manager. is it that the original files like devices have been modified by these virtual machine files? Thanks. |
so you are trying to use the cent repos and the web to bypass the FACT that you ARE NOT going to pay for the REQUIRED support contract !!!!
buy the required license from redhat !!!!!!!!!! https://www.redhat.com/wapps/store/catalog.html the single desktop price is at the bottom of the page or https://www.redhat.com/apps/store/desktop/ the 1 year standard support contract is $299 / year or install CentOS 6.4 and seeing AS you ARE studying for RHCE & RHCSA then BUY the operating system that this test is FOR !!! it is a "no-brainer" it's like buying the needed text books for a class |
Quote:
I was hoping that i could get some help on my issue but you directed me to the Red Hat support team. I mean i could have done that before. But rather i posted it here, expecting for some help. The only this i did wrong that i related it to RHEL and thats why no one even bothered to solve it. i am not disappointed but from such a big forum i expected at least some help. Thanks. |
install CentOS 6.4
that will solve most of the problems mixing a unregistered RHEL6 ( WITHOUT access to RHN ) with some cent repos and things from pbone will cause all kinds of unsolvable problems , or at lease very hard to solve ones buying the support contract and installing from RHN will solve most things or use CentOS |
finally problem is solved
Quote:
Thanks all :-) |
Hope this mailing list will be helpful for someone with selinux issues in future.
selinux@lists.fedoraproject.org Cheers. |
Quote:
|
Here is reply i got from Redhat SELinux mailing list
Your AVCs show the following in Fedora.
audit2allow -i /tmp/SELinux\ Alerts.txt #============= NetworkManager_t ============== #!!!! This avc has a dontaudit rule in the current policy allow NetworkManager_t self:capability sys_module; #============= dnsmasq_t ============== #!!!! This avc is allowed in the current policy allow dnsmasq_t virt_var_run_t:dir write; #============= xdm_t ============== #!!!! This avc is allowed in the current policy allow xdm_t admin_home_t:dir { write read }; #============= xm_t ============== #!!!! This avc is allowed in the current policy allow xm_t random_device_t:chr_file read; You can get a preview release of the RHEL6.5 selinux-policy package at people.redhat.com/dwalsh/SELinux/RHEL6/noarch |
All times are GMT -5. The time now is 08:37 PM. |