This is a public forum for the NSA Security-Enhanced Linux project. This is not intended to replace NSA's work or official website but rather to allow broader participation in extending and adapt...
I just spent several days helping to upgrade an organization's servers from Red Hat Enterprise 3 to the latest version, Red Hat Enterprise 5.2. One of the most important, and impressive, issues we dealt with during this upgrade was SELinux, or "security-enhanced" Linux. SELinux offers a great deal of functionality, and helps to protect Linux boxes from a variety of threats. It forces system administrators to learn a new vocabulary, as well as permissions, logfiles, and programs with which they were previously unfamiliar. Fortunately, there are many good tutorials for SELinux on the Web.
Does anybody get this SELinux denial alert when connecting to the Internet from an HSDPA modem? (Huawei e160)
Summary:
SELinux is preventing NetworkManager (NetworkManager_t) "getattr" to /dev/ppp
(ppp_device_t).
Detailed Description:
SELinux denied access requested by NetworkManager. It is not expected that this
access is required by NetworkManager and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of the
application is causing it to require additional access.
Allowing Access:
Sometimes labeling problems can cause SELinux denials. You could try to restore
the default system file context for /dev/ppp,
restorecon -v '/dev/ppp'
If this does not work, there is currently no automatic way to allow this access.
Instead, you can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.
Additional Information:
Source Context system_u:system_r:NetworkManager_t:s0
Target Context system_u:object_r:ppp_device_t:s0
Target Objects /dev/ppp [ chr_file ]
Source NetworkManager
Source Path /usr/sbin/NetworkManager
Port
Host localhost.localdomain
Source RPM Packages NetworkManager-0.7.0.99-5.git20090326.fc10
Target RPM Packages
Policy RPM selinux-policy-3.5.13-18.fc10
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Permissive
Plugin Name catchall_file
Host Name localhost.localdomain
Platform Linux localhost.localdomain 2.6.27.5-117.fc10.i686
#1 SMP Tue Nov 18 12:19:59 EST 2008 i686 i686
Alert Count 184
First Seen Tue 01 Jan 2002 07:15:15 AM LKT
Last Seen Mon 27 Apr 2009 11:28:07 PM IST
Local ID f061b0b9-e8d7-4461-bdb5-d0a11d57954e
Line Numbers
Raw Audit Messages
node=localhost.localdomain type=AVC msg=audit(1240855087.220:90): avc: denied { getattr } for pid=2042 comm="NetworkManager" path="/dev/ppp" dev=tmpfs ino=2241 scontext=system_u:system_r:NetworkManager_t:s0 tcontext=system_u:object_r:ppp_device_t:s0 tclass=chr_file
node=localhost.localdomain type=SYSCALL msg=audit(1240855087.220:90): arch=40000003 syscall=195 success=yes exit=0 a0=80ab45a a1=bfe11714 a2=c2cff4 a3=8080820 items=0 ppid=1 pid=2042 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="NetworkManager" exe="/usr/sbin/NetworkManager" subj=system_u:system_r:NetworkManager_t:s0 key=(null)
I use Fedora 10 and my modem is a Huawei e160.
Any suggestions or pointers to fix this thing?
Sometimes this causes automatic disconnection, which is very annoying. I have got 181 errors of this sort (each time I connect).
Do you think this is a bug? SELinux suggests disabling its protection to fix this, but I think it's not a good idea.
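The alert's "generate a local policy module" step, as an added example that is not part of the original post and not the code of any SELinux tool: it parses the two raw audit records quoted above, derives the type-enforcement rule that would permit the denied access, and checks whether the paired SYSCALL record succeeded anyway. The module name `local_nm_ppp` and the function names are assumptions made for illustration.

```python
import re
from collections import defaultdict

# The two raw audit records quoted in the post (one event, id 1240855087.220:90).
AUDIT_LOG = """\
node=localhost.localdomain type=AVC msg=audit(1240855087.220:90): avc: denied { getattr } for pid=2042 comm="NetworkManager" path="/dev/ppp" dev=tmpfs ino=2241 scontext=system_u:system_r:NetworkManager_t:s0 tcontext=system_u:object_r:ppp_device_t:s0 tclass=chr_file
node=localhost.localdomain type=SYSCALL msg=audit(1240855087.220:90): arch=40000003 syscall=195 success=yes exit=0 a0=80ab45a a1=bfe11714 a2=c2cff4 a3=8080820 items=0 ppid=1 pid=2042 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="NetworkManager" exe="/usr/sbin/NetworkManager" subj=system_u:system_r:NetworkManager_t:s0 key=(null)
"""

AVC_RE = re.compile(r"type=AVC msg=audit\((?P<event>[^)]+)\): avc:\s+denied\s+\{(?P<perms>[^}]*)\}"
                    r".*?scontext=(?P<scon>\S+)\s+tcontext=(?P<tcon>\S+)\s+tclass=(?P<cls>\S+)")
SYSCALL_RE = re.compile(r"type=SYSCALL msg=audit\((?P<event>[^)]+)\):.*?\bsuccess=(?P<ok>\w+)")

def parse_denials(log):
    """Return (rules, enforced).

    rules: (source type, target type, class) -> set of denied permissions.
    enforced: AVC event id -> False if the paired SYSCALL still succeeded
    (denial logged but not enforced), True if it failed, None if unpaired."""
    rules, avc_events, syscalls = defaultdict(set), set(), {}
    for line in log.splitlines():
        avc, sc = AVC_RE.search(line), SYSCALL_RE.search(line)
        if avc:
            # The SELinux type is the third field of user:role:type:level.
            key = (avc["scon"].split(":")[2], avc["tcon"].split(":")[2], avc["cls"])
            rules[key].update(avc["perms"].split())
            avc_events.add(avc["event"])
        elif sc:
            syscalls[sc["event"]] = sc["ok"] != "yes"
    return dict(rules), {e: syscalls.get(e) for e in avc_events}

def render_module(rules, name="local_nm_ppp", version="1.0"):
    """Render type-enforcement (.te) source; the module name is a hypothetical default."""
    types = sorted({t for src, tgt, _ in rules for t in (src, tgt)})
    classes = defaultdict(set)
    for (_, _, cls), perms in rules.items():
        classes[cls] |= perms
    out = [f"module {name} {version};", "", "require {"]
    out += [f"    type {t};" for t in types]
    out += [f"    class {c} {{ {' '.join(sorted(p))} }};" for c, p in sorted(classes.items())]
    out += ["}", ""]
    out += [f"allow {s} {t}:{c} {{ {' '.join(sorted(p))} }};" for (s, t, c), p in sorted(rules.items())]
    return "\n".join(out) + "\n"

if __name__ == "__main__":
    rules, enforced = parse_denials(AUDIT_LOG)
    print(render_module(rules))
    print("denial enforced per event:", enforced)
```

For these records the only rule produced is `getattr` on `ppp_device_t:chr_file` for `NetworkManager_t`, and the event is reported as not enforced, which is consistent with the alert's "Enforcing Mode Permissive" line. A module source like this is compiled and loaded with `checkmodule`, `semodule_package` and `semodule -i`, after checking that it grants nothing beyond the access that was denied.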