[SOLVED] "SELinux Has detected suspicious behaviour on your system " RHEL 6
Hi,
I have been using Red Hat Enterprise Linux for a while to practise for RHCE & RHCSA. Lately I installed Virtualization on my PC (RHEL 6) and I have been getting a lot of SELinux alerts/warnings.
Following is the summary of the latest alerts I got:
Since the logs are a little big, I am attaching them.
With respect to the first two logs (GDM-related): don't use the system as root but as unprivileged user.
With respect to the last two logs: what have you been doing to cause this?
Was the system properly labeled?
Have you introduced source-based software or software from non-RHEL repos?
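One way to answer the last question above, as an added example that is not part of the original thread: list installed packages whose RPM vendor differs from the expected one. The function names, the `EXPECTED_VENDOR` variable and the sample package list are constructed for illustration; the expected vendor string is an assumption to adjust for your system.

```shell
#!/bin/sh
# Added example (not from the thread): flag installed packages whose
# RPM vendor is not the expected one.
# On a real host, feed it from the RPM database:
#   rpm -qa --qf '%{NAME}-%{VERSION}-%{RELEASE}.%{ARCH}|%{VENDOR}\n' | foreign_packages
# The default vendor string below is an assumption; override it
# by setting EXPECTED_VENDOR.

foreign_packages() {
    expected="${EXPECTED_VENDOR:-Red Hat, Inc.}"
    # Input lines: <package>|<vendor>. Print every package whose vendor
    # differs, including packages that carry no vendor tag at all.
    awk -F'|' -v want="$expected" '
        NF >= 2 && $2 != want { printf "%s\t%s\n", $1, $2 }
    ' | sort
}

# Count of flagged packages, for use in scripts.
count_foreign() {
    foreign_packages | wc -l | tr -d ' '
}

# Constructed sample input (placeholder versions, not the poster's system).
sample_rpm_list() {
    cat <<'EOF'
libvirt-0.0.0-1.el6.x86_64|Red Hat, Inc.
qemu-kvm-0.0.0-1.el6.x86_64|CentOS
qemu-img-0.0.0-1.el6.x86_64|CentOS
SDL-0.0.0-1.el6.x86_64|(none)
selinux-policy-0.0.0-1.el6.noarch|Red Hat, Inc.
EOF
}

# Demonstration on the constructed sample.
sample_rpm_list | foreign_packages
```

For the labeling question, `restorecon -R -n -v <path>` reports files whose SELinux context differs from what the policy expects without changing anything.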
My add/remove program was not working. So I downloaded some rpms related to qemu from an rpm site. I am not sure if libvirt was also a part of it.
When I start virtual-manager the libvirtd daemon is not able to start. I have tried to start it, but it is still showing as not running.
installing random rpms from some random site is the FASTEST !! way to kill a redhat install
-- the FASTEST WAY
some are NOT compatible with others
rpmfusion is NOT compatible with the base install
and rpmforge can not be mixed with elrepo
RedHat is really not free
you DO have to buy the required support contract
or do not use redhat !!!
install the free rebuild CentOS 6.4 or ScientificLinux 6.4
without that REQUIRED support contract you really do not install anything
so just HOW did you install these files from some unknown website ?
did you use yum and a "local install" or use "rpm" or from the gnome GUI double click on the rpm file ?
and what was the site and what were the files ?
I downloaded from http://rpm.pbone.net/ but only some dependencies which I didn't find in CentOS.... But later, when my system crashed due to some reason and I rebooted after some troubleshooting, when I restored my system I found that some packages were not there. So again I used the CentOS repo to install packages like qemu-img qemu-kvm esound-libs SDL SDL-devel. I don't have an RHN subscription since I am using it for personal training purposes. Only when the CentOS repo doesn't work do I install rpms from an external source.
About the logs: mostly all logs are related to virsh, GDM and NetworkManager. Is it that the original files like devices have been modified by these virtual machine files?
then BUY the operating system that this test is FOR !!!
it is a "no-brainer" it's like buying the needed text books for a class
I think I will just carry on. Since I can't afford the subscription, it is better that I practise with what I have. Just because I want to do Red Hat certification, I downloaded the trial RHEL 6; otherwise I have other distributions. At that time I didn't know CentOS was the same, otherwise I would have downloaded that. All non-Linux users use Microsoft Windows, but most of them use pirated copies, and those who do Windows Server certifications don't buy a license. It doesn't make sense. Linux is open source and that's why I like it, because I can try it.
I was hoping that I could get some help on my issue, but you directed me to the Red Hat support team. I mean, I could have done that before. But rather I posted it here, expecting some help.
The only thing I did wrong was that I related it to RHEL, and that's why no one even bothered to solve it. I am not disappointed, but from such a big forum I expected at least some help.
install CentOS 6.4
that will solve most of the problems
mixing an unregistered RHEL6 ( WITHOUT access to RHN ) with some cent repos and things from pbone will cause all kinds of unsolvable problems , or at least very hard to solve ones
buying the support contract and installing from RHN will solve most things
or
use CentOS
So I did what was suggested here and sent an email to SELinux maillist support, and they have replied. I am analyzing it and think the problem will be solved.
Marking thread NOT solved as you haven't shared how this was actually fixed. Please do. The concept is called reciprocity.