[CentOS] SELinux errors on my CentOS 5.3 (32 bit) Desktop after upgrade from 5.2

Lanny Marcus lmmailinglists at gmail.com
Thu Apr 16 14:54:17 UTC 2009


I am running SELinux in Permissive mode. GNOME and KDE are installed.
Following the upgrade from CentOS 5.2 to 5.3 (32 bit) I am getting
SELinux messages. Possibly of interest to someone here or upstream?
(Since I'm using Permissive mode, this is not a problem for me). If
these are known issues, please disregard.  Messages follow:

(1) SELinux is preventing nm-system-setti (system_dbusd_t) "getsched"
to <Unknown> (system_dbusd_t).

SELinux denied access requested by nm-system-setti. It is not expected
that this access is required by nm-system-setti and this access may
signal an intrusion attempt. It is also possible that the specific
version or configuration of the application is causing it to require
additional access.

Source Context:  system_u:system_r:system_dbusd_tTarget Context:
system_u:system_r:system_dbusd_tTarget Objects:  None [ process
]Source:  nm-system-settiSource Path:
/usr/sbin/nm-system-settingsPort:  <Unknown>Host:
dell2400.homelanSource RPM Packages:
NetworkManager-0.7.0-4.el5_3Target RPM Packages:  Policy RPM:
selinux-policy-2.4.6-203.el5Selinux Enabled:  TruePolicy Type:
targetedMLS Enabled:  TrueEnforcing Mode:  PermissivePlugin Name:
catchallHost Name:  dell2400.homelanPlatform:  Linux dell2400.homelan
2.6.18-128.1.6.el5 #1 SMP Wed Apr 1 09:19:18 EDT 2009 i686 i686Alert
Count:  11First Seen:  Fri 10 Apr 2009 09:10:39 PM COTLast Seen:  Thu
16 Apr 2009 07:31:47 AM COTLocal ID:
19712f1c-5303-49bf-a8bc-6016b7f060d5
Line Numbers:

Raw Audit Messages :host=dell2400.homelan type=AVC
msg=audit(1239885107.4:18): avc: denied { getsched } for pid=2970
comm="nm-system-setti" scontext=system_u:system_r:system_dbusd_t:s0
tcontext=system_u:system_r:system_dbusd_t:s0 tclass=process
host=dell2400.homelan type=SYSCALL msg=audit(1239885107.4:18):
arch=40000003 syscall=155 success=yes exit=0 a0=b9a a1=b7f0690c
a2=95fff4 a3=b7f06700 items=0 ppid=1 pid=2970 auid=4294967295 uid=0
gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none)
ses=4294967295 comm="nm-system-setti"
exe="/usr/sbin/nm-system-settings"
subj=system_u:system_r:system_dbusd_t:s0 key=(null

(2) SELinux is preventing nm-system-setti (system_dbusd_t) "sys_nice"
to <Unknown> (system_dbusd_t).

SELinux denied access requested by nm-system-setti. It is not expected
that this access is required by nm-system-setti and this access may
signal an intrusion attempt. It is also possible that the specific
version or configuration of the application is causing it to require
additional access.

Source Context:  system_u:system_r:system_dbusd_tTarget Context:
system_u:system_r:system_dbusd_tTarget Objects:  None [ capability
]Source:  nm-system-settiSource Path:
/usr/sbin/nm-system-settingsPort:  <Unknown>Host:
dell2400.homelanSource RPM Packages:
NetworkManager-0.7.0-4.el5_3Target RPM Packages:  Policy RPM:
selinux-policy-2.4.6-203.el5Selinux Enabled:  TruePolicy Type:
targetedMLS Enabled:  TrueEnforcing Mode:  PermissivePlugin Name:
catchallHost Name:  dell2400.homelanPlatform:  Linux dell2400.homelan
2.6.18-128.1.6.el5 #1 SMP Wed Apr 1 09:19:18 EDT 2009 i686 i686Alert
Count:  11First Seen:  Fri 10 Apr 2009 09:10:39 PM COTLast Seen:  Thu
16 Apr 2009 07:31:47 AM COTLocal ID:
6cf4e81a-0958-4d3e-aba8-9ab4c9e3b7c9
Line Numbers:

Raw Audit Messages :host=dell2400.homelan type=AVC
msg=audit(1239885107.9:19): avc: denied { sys_nice } for pid=2970
comm="nm-system-setti" capability=23
scontext=system_u:system_r:system_dbusd_t:s0
tcontext=system_u:system_r:system_dbusd_t:s0 tclass=capability
host=dell2400.homelan type=AVC msg=audit(1239885107.9:19): avc: denied
{ setsched } for pid=2970 comm="nm-system-setti"
scontext=system_u:system_r:system_dbusd_t:s0
tcontext=system_u:system_r:system_dbusd_t:s0 tclass=process
host=dell2400.homelan type=SYSCALL msg=audit(1239885107.9:19):
arch=40000003 syscall=156 success=yes exit=0 a0=b9a a1=0 a2=bfa7b5a4
a3=b7f06700 items=0 ppid=1 pid=2970 auid=4294967295 uid=0 gid=0 euid=0
suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="nm-system-setti" exe="/usr/sbin/nm-system-settings"
subj=system_u:system_r:system_dbusd_t:s0 key=(null)


More information about the CentOS mailing list