[CentOS] Trying to understand SELinux MSG

[Robert Spangler]

Hello,

I received the below SELinux message today and I am trying to figure out what 
caused it.  I see what it says under Allow Access but I am not sure this is 
what I really want to do without know why it happened in the first place.

What should I be looking at to understand what or why this has happened?

Any help I would be most grateful for.



Here is the output form SELinux


SUMMARY:
SELinux is preventing access to files with the label, file_t.

Detailed Description:
SELinux permission checks on files labeled file_t are being denied. file_t is 
the context the SELinux kernel gives to files that do not have a label. This 
indicates a serious labeling problem. No files on an SELinux box should ever 
be labeled file_t. If you have just added a new disk drive to the system you 
can relabel it using the restorecon command. Otherwise you should relabel the 
entire files system. 

Allowing Access:
You can execute the following command as root to relabel your computer 
system: "touch /.autorelabel; reboot" 

Additional Information:
Source Context:         user_u:system_r:pam_console_t
Target Context:         system_u:object_r:file_t
Target Objects:         / [ dir ]
Source:                 pam_console_appSource 
Path:                   /sbin/pam_console_apply
Port:                   <Unknown>
Host:                   host1.mycompany.com
Source RPM Packages:    pam-0.99.6.2-6.el5_5.2
Target RPM Packages:    filesystem-2.4.0-3.el5.centos
Policy RPM:             selinux-policy-2.4.6-316.el5
Selinux Enabled:        True
Policy Type:            targeted
MLS Enabled:            True
Enforcing Mode:         Enforcing
Plugin Name:            file
Host Name:              host1.mycompany.com
Platform:               Linux host1.mycompany.com 2.6.18-238.19.1.el5 #1 SMP 
Fri Jul 15 
07:31:24 EDT 2011 x86_64 x86_64
Alert Count:            77
First Seen:             Thu 08 Sep 2011 02:04:40 PM EDT
Last Seen:              Thu 08 Sep 2011 02:04:45 PM EDT
Local ID:               39ba9c3c-5ac0-4b91-aab1-8d871c20162c
Line Numbers:  

Raw Audit Messages :
host=host1.mycompany.com type=AVC msg=audit(1315505085.751:14929): avc: denied 
{ read } for pid=690 comm="pam_console_app" name="/" dev=md4 ino=2 
scontext=user_u:system_r:pam_console_t:s0 
tcontext=system_u:object_r:file_t:s0 tclass=dir 

host=host1.mycompany.com type=SYSCALL msg=audit(1315505085.751:14929): 
arch=c000003e syscall=2 success=no exit=-13 a0=7fff0f2076c0 a1=10800 a2=0 
a3=7fff0f209cca items=0 ppid=631 pid=690 auid=500 uid=0 gid=0 euid=0 suid=0 
fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=1 comm="pam_console_app" 
exe="/sbin/pam_console_apply" subj=user_u:system_r:pam_console_t:s0 
key=(null)
 


-- 

Regards
Robert

Linux
The adventure of a lifetime.

Linux User #296285
Get Counted
http://linuxcounter.net/
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos