Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-hardened

From: kakou <kakou@×××××.org>
To: gentoo-hardened@l.g.o
Subject: Re: [gentoo-hardened] SELinux problem -> avc: denied {execmem}
Date: Sun, 21 May 2006 13:58:38
Message-Id: 44707236.9070209@kakou.org
In Reply to: [gentoo-hardened] SELinux problem -> avc: denied {execmem} by Jan Meier
1 -----BEGIN PGP SIGNED MESSAGE-----
2 Hash: SHA1
3
4 Jan Meier wrote:
5 > Hello,
6 >
7 > I am running SELinux and at boot time I get the following avc: denied
8 > messages:
9 >
10 > May 21 16:01:40 jeeves audit(1148220069.887:0): avc: denied { execmem
11 } for
12 > pid=1 comm=init scontext=system_u:system_r:kernel_t
13 > tcontext=system_u:system_r:kernel_t tclass=process
14 > May 21 16:01:40 jeeves audit(1148220069.905:0): avc: denied { execmem
15 } for
16 > pid=1 comm=init scontext=system_u:system_r:init_t
17 > tcontext=system_u:system_r:init_t tclass=process
18 > May 21 16:01:40 jeeves audit(1148220070.475:0): avc: denied { execmem
19 } for
20 > pid=896 comm=rc scontext=system_u:system_r:initrc_t
21 > tcontext=system_u:system_r:initrc_t tclass=process
22 > May 21 16:01:40 jeeves audit(1148220070.920:0): avc: denied { execmem
23 } for
24 > pid=904 comm=mount scontext=system_u:system_r:mount_t
25 > tcontext=system_u:system_r:mount_t tclass=process
26 > May 21 16:01:40 jeeves audit(1148220071.457:0): avc: denied { execmem
27 } for
28 > pid=934 comm=swapon scontext=system_u:system_r:fsadm_t
29 > tcontext=system_u:system_r:fsadm_t tclass=process
30 > May 21 16:01:40 jeeves audit(1148220072.480:0): avc: denied { execmem
31 } for
32 > pid=974 comm=modules-update scontext=system_u:system_r:update_modules_t
33 > tcontext=system_u:system_r:update_modules_t tclass=process
34 >
35 > What can I do to get rid of them?
36 > When I execute `setenforce 1` I get a "Killed" after each command I
37 execute,
38 > does this have something to do with the denied messages?
39 >
40 > Best regards,
41 >
42 > Jan
43 >
44 >
45 >
46 You boot in enforcing or permissive mode?
47 You are using an other security protection (grsecurity, PAX, ...) ?
48 You are in stable or ~x86?
49 -----BEGIN PGP SIGNATURE-----
50 Version: GnuPG v1.4.3 (GNU/Linux)
51 Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
52
53 iD8DBQFEcHIw3RS+hG/PB/URApMKAJ9DD8zAhSyJQ0NHwQStWvzsnhZ+4wCfXv1k
54 jvWILLlRUskWkUmtk9w0haw=
55 =w7UJ
56 -----END PGP SIGNATURE-----
57
58 --
59 gentoo-hardened@g.o mailing list
Report Message
Find on MARC Find on Google Groups