Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-hardened

From: Randy Tupas <rjtupas@×××××××.com>
To: gentoo-hardened@l.g.o
Subject: RE: [gentoo-hardened] Mislabeled root home directory
Date: Sat, 09 Aug 2008 17:13:13
Message-Id: BAY101-W156CE3BD80C0AE4099EC49B4770@phx.gbl
In Reply to: Re: [gentoo-hardened] Mislabeled root home directory by Chris PeBenito
1 I am using the targeted policy.
2
3 The ebuild version of policycoreutils is 1.34.15.
4
5 "restorecon /root" does not fix the problem.
6
7 Thanks for the help,
8
9 Randy
10 ----------------------------------------
11 > Subject: Re: [gentoo-hardened] Mislabeled root home directory
12 > From: pebenito@g.o
13 > To: gentoo-hardened@l.g.o
14 > Date: Mon, 4 Aug 2008 15:33:58 -0400
15 >
16 > On Fri, 2008-08-01 at 22:35 -0400, Randy Tupas wrote:
17 >> I recently updated to the 20080525 selinux base policy and modules.
18 >> I've received the following avc messages:
19 >>
20 >> Aug 01 18:53:22 tux (null): avc: denied pid=8004 comm=ssmtp name=root
21 >> ino=87746 dev=sdb3 scontext=system_u:system_r:system_mail_t
22 >> tcontext=system_u:object_r:default_t tclass=dir
23 >>
24 >> A little searching revealed that the root home directory, /root, has
25 >> the following context:
26 >>
27 >> system_u:object_r:default_t
28 >
29 > Need more information. Which policy (strict or targeted)? Also, what
30 > is the version of your policycoreutils? If you do `restorecon /root`
31 > does it get fixed?
32 >
33 >> I'm sure this is in error - but wanted to make sure. I believe the
34 >> problem lies with the following line
35 >> in /etc/selinux/targeted/context/files/file_contexts:
36 >>
37 >> /root/\.default_contexts -- system_u:object_r:default_context_t
38 >
39 > No, its not.
40 >
41 >
42 > --
43 > Chris PeBenito
44 >
45 > Developer,
46 > Hardened Gentoo Linux
47 >
48 > Public Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xE6AF9243
49 > Key fingerprint = B0E6 877A 883F A57A 8E6A CB00 BC8E E42D E6AF 9243
50
51 _________________________________________________________________
52 Get more from your digital life. Find out how.
53 http://www.windowslive.com/default.html?ocid=TXT_TAGLM_WL_Home2_082008

Replies

Subject Author
RE: [gentoo-hardened] Mislabeled root home directory Chris PeBenito <pebenito@g.o>
Report Message
Find on MARC Find on Google Groups