dac_read_search says that linux permissions are denying access.
and it says the file is /etc/shadow, and no one except root is
supposed to be able to read that file.
So whatever is trying to read /etc/shadow should not be trying to read
it, and makes me wonder what is going on, and/or why some pr
On 1/6/22 11:53, George N. White III wrote:
On Thu, 6 Jan 2022 at 11:13, Robert Moskowitz wrote:
On 1/5/22 23:10, Samuel Sieb wrote:
> On 1/5/22 18:18, Robert Moskowitz wrote:
>> On 1/5/22 21:16, Ed Greshko wrote:
>>> On 06/01/2022 09:25, Robert Moskowitz wrote:
On Thu, 6 Jan 2022 at 11:13, Robert Moskowitz wrote:
>
>
> On 1/5/22 23:10, Samuel Sieb wrote:
> > On 1/5/22 18:18, Robert Moskowitz wrote:
> >> On 1/5/22 21:16, Ed Greshko wrote:
> >>> On 06/01/2022 09:25, Robert Moskowitz wrote:
>
>
> On 1/5/22 17:17, Ed Greshko wrote:
> > On
On 1/5/22 23:10, Samuel Sieb wrote:
On 1/5/22 18:18, Robert Moskowitz wrote:
On 1/5/22 21:16, Ed Greshko wrote:
On 06/01/2022 09:25, Robert Moskowitz wrote:
On 1/5/22 17:17, Ed Greshko wrote:
On 05/01/2022 21:02, Robert Moskowitz wrote:
If you want to help identify if domain needs this
On 1/5/22 18:18, Robert Moskowitz wrote:
On 1/5/22 21:16, Ed Greshko wrote:
On 06/01/2022 09:25, Robert Moskowitz wrote:
On 1/5/22 17:17, Ed Greshko wrote:
On 05/01/2022 21:02, Robert Moskowitz wrote:
If you want to help identify if domain needs this access or you
have a file with the wro
On 1/5/22 21:16, Ed Greshko wrote:
On 06/01/2022 09:25, Robert Moskowitz wrote:
On 1/5/22 17:17, Ed Greshko wrote:
On 05/01/2022 21:02, Robert Moskowitz wrote:
I keep getting these errors.
I got them back with F32 and Xfce, and now with F35 and Xfce.
I asked on the SElinux list, but no o
On 06/01/2022 09:25, Robert Moskowitz wrote:
On 1/5/22 17:17, Ed Greshko wrote:
On 05/01/2022 21:02, Robert Moskowitz wrote:
I keep getting these errors.
I got them back with F32 and Xfce, and now with F35 and Xfce.
I asked on the SElinux list, but no one seems to be home.
Here is the full
On 1/5/22 17:17, Ed Greshko wrote:
On 05/01/2022 21:02, Robert Moskowitz wrote:
I keep getting these errors.
I got them back with F32 and Xfce, and now with F35 and Xfce.
I asked on the SElinux list, but no one seems to be home.
Here is the full detail; it looks like it may be logwatch caus
On 05/01/2022 21:02, Robert Moskowitz wrote:
I keep getting these errors.
I got them back with F32 and Xfce, and now with F35 and Xfce.
I asked on the SElinux list, but no one seems to be home.
Here is the full detail; it looks like it may be logwatch causing the problem.
What do I do to fix
Looks like it wants you to fix your labels on /var/log
restorecon -R -v /var/log
On 10/22/2015 11:00 AM, Neal Becker wrote:
> Oct 22 10:59:22 nbecker2 setroubleshoot: Plugin Exception restorecon_source
> Oct 22 10:59:22 nbecker2 setroubleshoot: SELinux is preventing rsyslogd from
> getattr acce
On Jun 30, 2015 1:31 PM, "Daniel J Walsh" wrote:
>
>
>
> On 06/29/2015 01:45 PM, Andras Simon wrote:
> > [Sorry for the late answer, I was away from this machine.]
> >
> > 2015-06-28 1:01 GMT+02:00, Ed Greshko :
> >> On 06/27/15 21:15, Andras Simon wrote:
> >>> 2015-06-27 15:11 GMT+02:00, Andras S
On 06/30/2015 07:57 AM, Ed Greshko wrote:
> On 06/30/15 19:31, Daniel J Walsh wrote:
>> On 06/29/2015 01:45 PM, Andras Simon wrote:
>>> [Sorry for the late answer, I was away from this machine.]
>>>
>>> 2015-06-28 1:01 GMT+02:00, Ed Greshko :
On 06/27/15 21:15, Andras Simon wrote:
> 2015
On 06/30/15 19:31, Daniel J Walsh wrote:
>
> On 06/29/2015 01:45 PM, Andras Simon wrote:
>> [Sorry for the late answer, I was away from this machine.]
>>
>> 2015-06-28 1:01 GMT+02:00, Ed Greshko :
>>> On 06/27/15 21:15, Andras Simon wrote:
2015-06-27 15:11 GMT+02:00, Andras Simon :
> Shoul
On 06/29/2015 01:45 PM, Andras Simon wrote:
> [Sorry for the late answer, I was away from this machine.]
>
> 2015-06-28 1:01 GMT+02:00, Ed Greshko :
>> On 06/27/15 21:15, Andras Simon wrote:
>>> 2015-06-27 15:11 GMT+02:00, Andras Simon :
Should I be worried about the $subject?
>>> And there'
[Sorry for the late answer, I was away from this machine.]
2015-06-28 1:01 GMT+02:00, Ed Greshko :
> On 06/27/15 21:15, Andras Simon wrote:
>> 2015-06-27 15:11 GMT+02:00, Andras Simon :
>>> Should I be worried about the $subject?
>> And there's also a "SELinux is preventing sh from execute access
Hi Dan,
On Mon, Jun 29, 2015 at 06:09:29AM -0400, Daniel J Walsh wrote:
> On 06/28/2015 07:53 AM, Suvayu Ali wrote:
> >
> > time->Thu Jun 25 17:56:49 2015
I looked up dnf history for that time, the summary is attached.
> This is very strange. Doing ldconfig during a package update is
> expected
On 06/29/15 18:18, Daniel J Walsh wrote:
> Ok well I am stumped, one possible thing would be if firewalld somehow
> caused an rpm/yum/dnf transaction to happen.
Well, my ausearch -m avc gave me entries for only time->Sun Jun 21 08:20:44
2015.
I checked my dnf.rpm.logs and this was happening at th
On 06/29/2015 06:13 AM, Ed Greshko wrote:
> On 06/29/15 18:09, Daniel J Walsh wrote:
>> On 06/28/2015 07:53 AM, Suvayu Ali wrote:
>>> On Sun, Jun 28, 2015 at 06:04:38AM -0400, Daniel J Walsh wrote:
On 06/27/2015 07:01 PM, Ed Greshko wrote:
> On 06/27/15 21:15, Andras Simon wrote:
>>
On 06/29/15 18:09, Daniel J Walsh wrote:
>
> On 06/28/2015 07:53 AM, Suvayu Ali wrote:
>> On Sun, Jun 28, 2015 at 06:04:38AM -0400, Daniel J Walsh wrote:
>>> On 06/27/2015 07:01 PM, Ed Greshko wrote:
On 06/27/15 21:15, Andras Simon wrote:
> 2015-06-27 15:11 GMT+02:00, Andras Simon :
>>
On 06/28/2015 07:53 AM, Suvayu Ali wrote:
> On Sun, Jun 28, 2015 at 06:04:38AM -0400, Daniel J Walsh wrote:
>>
>> On 06/27/2015 07:01 PM, Ed Greshko wrote:
>>> On 06/27/15 21:15, Andras Simon wrote:
2015-06-27 15:11 GMT+02:00, Andras Simon :
> Should I be worried about the $subject?
On Sun, Jun 28, 2015 at 06:04:38AM -0400, Daniel J Walsh wrote:
>
>
> On 06/27/2015 07:01 PM, Ed Greshko wrote:
> > On 06/27/15 21:15, Andras Simon wrote:
> >> 2015-06-27 15:11 GMT+02:00, Andras Simon :
> >>> Should I be worried about the $subject?
> >> And there's also a "SELinux is preventing s
On 06/28/15 18:04, Daniel J Walsh wrote:
>
> On 06/27/2015 07:01 PM, Ed Greshko wrote:
>> On 06/27/15 21:15, Andras Simon wrote:
>>> 2015-06-27 15:11 GMT+02:00, Andras Simon :
Should I be worried about the $subject?
>>> And there's also a "SELinux is preventing sh from execute access on
>>> th
On 06/27/2015 07:01 PM, Ed Greshko wrote:
> On 06/27/15 21:15, Andras Simon wrote:
>> 2015-06-27 15:11 GMT+02:00, Andras Simon :
>>> Should I be worried about the $subject?
>> And there's also a "SELinux is preventing sh from execute access on
>> the file /usr/sbin/ldconfig" which I've only just
On 06/27/15 21:15, Andras Simon wrote:
> 2015-06-27 15:11 GMT+02:00, Andras Simon :
>> Should I be worried about the $subject?
> And there's also a "SELinux is preventing sh from execute access on
> the file /usr/sbin/ldconfig" which I've only just noticed. It sounds
> even scarier.
>
Does your ou
2015-06-27 15:11 GMT+02:00, Andras Simon :
> Should I be worried about the $subject?
And there's also a "SELinux is preventing sh from execute access on
the file /usr/sbin/ldconfig" which I've only just noticed. It sounds
even scarier.
Andras
--
users mailing list
users@lists.fedoraproject.org
T
On 04/16/2015 12:58 PM, Patrick O'Callaghan wrote:
On Thu, 2015-04-16 at 09:32 -0600, Lawrence E Graves wrote:
If you believe that chrome-sandbox should be allowed write access on
the oom_score_adj file by default.
Then you should report this as a bug.
Did you?
My thoughts exactly. Putting
On Thu, 2015-04-16 at 09:32 -0600, Lawrence E Graves wrote:
> If you believe that chrome-sandbox should be allowed write access on
> the oom_score_adj file by default.
> Then you should report this as a bug.
Did you?
poc
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or chan
On 03/21/2015 02:03 PM, Lawrence E Graves wrote:
> SELinux is preventing abrt-dump-journ from read access on the file
> /usr/lib64/libreport.so.0.
>
> * Plugin restorecon (82.4 confidence) suggests
>
>
> If you want to fix the label.
> /usr/lib64/libreport.so.0 defau
# ls -lZ /
root should have label
dr-xr-x---. 3 root root system_u:object_r:admin_home_t:s0 4096 Mar
21 11:44 root
If it doesn't.
restorecon -rv /
Chris Murphy
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/
Cool.guess I'll just wait for it to update when my software update
kicks in...
On Feb 20, 2013 9:50 PM, "Eddie G. O'Connor Jr."
wrote:
> I kep receiving messages like this every now and thenI'm just
> wondering.should I be concerned? Is there something I need to do to get
> these aler
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 02/21/2013 07:23 AM, Roger wrote:
That is a permissive domain so actually nothing was being blocked by the
access. It should be fixed in the next update.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Th
On 02/21/2013 03:12 PM, Shane wrote:
On 02/20/2013 09:50 PM, Eddie G. O'Connor Jr. wrote:
I kep receiving messages like this every now and thenI'm just
wondering.should I be concerned? Is there something I need to do
to get these alerts and warnings to cease? Any help would be
apprecia
On 02/20/2013 09:50 PM, Eddie G. O'Connor Jr. wrote:
I kep receiving messages like this every now and thenI'm just
wondering.should I be concerned? Is there something I need to do
to get these alerts and warnings to cease? Any help would be appreciated!
I searched for the same issue
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 08/24/2012 12:51 PM, SES wrote:
> I keep getting this security warning- anyone have any ideas?:
>
> SELinux is preventing /usr/bin/totem-video-thumbnailer from create access
> on the directory .gstreamer-0.10
>
>
> Thanks!
>
> SES
>
What does t
SES wrote:
> I keep getting this security warning- anyone have any ideas?:
>
> SELinux is preventing /usr/bin/totem-video-thumbnailer from create
> access on the directory .gstreamer-0.10
Please run this command and reply with the output:
$ restorecon -Rv ~/.gstreamer-0.10
See if the AVC goes aw
On 01/27/2012 11:37 AM, Lawrence Graves wrote:
SELinux is preventing /bin/bash from execute_no_trans access on the None
/opt/brother/Printers/mfcj615w/lpd/filtermfcj615w.
I'm not sure what you want from us; are you asking for advice, or just
reporting the issue? If the former, I'd suggest fol
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 01/27/2012 02:41 PM, Lawrence Graves wrote:
> SELinux is preventing /usr/bin/brprintconf_mfcj615w from write
> access on the None /opt/brother/Printers/mfcj615w/inf.
>
> * Plugin catchall (100. confidence) suggests
> **
David Quiqley responded
> It looks like your backup didn't backup the security labels. How did
> you make the back up? The way to get labels set back properly would be
> to book the kernel in permissive by adding enforcing=0 to the kernel
> command line. Note that this is different from selinux=0 w
On Mon, 12 Dec 2011, Daniel J Walsh wrote:
> > Suppose one makes a backup using rsync. What is the proper way to
> > back up the security labels along with the data?
> >
> > I tried using rsync's -X option, which is supposed to preserve
> > extended attributes. All that happened was I got a hu
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/12/2011 12:38 PM, Alan Stern wrote:
> On Mon, 12 Dec 2011, David Quigley wrote:
>
>> It looks like your backup didn't backup the security labels. How
>> did you make the back up?
>
> Suppose one makes a backup using rsync. What is the proper w
On Mon, 12 Dec 2011, David Quigley wrote:
> It looks like your backup didn't backup the security labels. How did
> you make the back up?
Suppose one makes a backup using rsync. What is the proper way to
back up the security labels along with the data?
I tried using rsync's -X option, which is
It looks like your backup didn't backup the security labels. How did
you make the back up? The way to get labels set back properly would be
to book the kernel in permissive by adding enforcing=0 to the kernel
command line. Note that this is different from selinux=0 which disables
selinux comple
On Tue, 07 Jun 2011 12:28:03 -0700, Joe Zeff wrote:
> On 06/07/2011 06:46 AM, Lawrence E Graves wrote:
>> SELinux is preventing
>> /usr/libexec/gnome-session-check-accelerated-helper from 'read, write'
>> accesses on the chr_file nvidiactl.
>
> Have you tried following the instructions SELinux gi
On 06/07/2011 06:46 AM, Lawrence E Graves wrote:
> SELinux is preventing /usr/libexec/gnome-session-check-accelerated-helper
> from 'read, write' accesses on the chr_file nvidiactl.
Have you tried following the instructions SELinux gives you? If so,
what happens; if not, why not?
--
users mail
On 06/07/2011 09:54 PM, Daniel J Walsh wrote:
> There is an open bug for this with a fix moving through the process.
> Please do not spam the list with these alerts.
You may also want to consider trimming your responses to remove the
spam :-)
--
users mailing list
users@lists.fedoraproject.o
On 06/07/2011 09:47 AM, Lawrence E Graves wrote:
> SELinux is preventing /usr/libexec/colord from getattr access on the file
> /usr/local/Brother/sane/models3/ext4.ini.
>
> * Plugin catchall (100. confidence) suggests ***
>
> If you believe that colord should be allow
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 06/07/2011 09:47 AM, Lawrence E Graves wrote:
> SELinux is preventing /usr/libexec/colord from getattr access on the file
> /usr/local/Brother/sane/models3/ext4.ini.
>
> * Plugin catchall (100. confidence) suggests **
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 06/07/2011 09:46 AM, Lawrence E Graves wrote:
> SELinux is preventing /usr/libexec/gnome-session-check-accelerated-helper
> from 'read, write' accesses on the chr_file nvidiactl.
>
> * Plugin device (91.4 confidence) suggests ***
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 06/06/2011 08:41 AM, Ed Greshko wrote:
> On 06/06/2011 08:19 PM, Lawrence E Graves wrote:
>> SELinux is preventing /usr/libexec/colord from getattr access on the file
>> /usr/local/Brother/sane/models3/ext4.ini.
>
> So, you've installed a package
On 06/06/2011 08:19 PM, Lawrence E Graves wrote:
> SELinux is preventing /usr/libexec/colord from getattr access on the file
> /usr/local/Brother/sane/models3/ext4.ini.
So, you've installed a package supplied by Brother...and not from the
Fedora repository. So, it is certainly possible/probably
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 04/23/2011 03:12 PM, Lawrence E Graves wrote:
> SELinux is preventing khidpd_0d620558 from write access on the socket Unknown.
>
> * Plugin catchall (100. confidence) suggests ***
>
> If you believe that khidpd_0d6205
51 matches
Mail list logo
