Schau mal hier:
avc: denied { search } for pid=11198 comm="httpd" name="cracklib" dev=dm-0 ino=525364 scontext=unconfined_u:system_r:httpd_t:s0 tcontext=system_u:object_r:crack_db_t:s0 tclass=dir
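SELinux verhindert den Zugriff auf das Verzeichnis. Mach mal restorecon -R auf /usr/share/cracklib. Falls das Verzeichnis danach weiterhin crack_db_t als Label trägt (so steht es schon im tcontext oben), ist das Label vermutlich korrekt und es fehlt eine Policy-Regel für httpd_t.
Evtl. macht es Sinn, sich in dem Zusammenhang mal audit2allow anzuschauen. Die damit erzeugten Regeln vor dem Laden durchlesen und nur das erlauben, was die Anwendung wirklich braucht.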
Gruß
Oliver
Am 2012-06-28 12:41, schrieb Oliver Wiemer:
Klaro kann ich das!!
[root@cleopatra httpd]# cat /var/log/audit/audit.log|grep httpd type=AVC msg=audit(1339427485.351:562): avc: denied { read } for pid=17435 comm="vsftpd" name="gfk" dev=dm-0 ino=672776 scontext=unconfined_u:system_r:ftpd_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:httpd_sys_content_t:s0 tclass=dir type=AVC msg=audit(1339427508.385:563): avc: denied { read } for pid=17435 comm="vsftpd" name="gfk" dev=dm-0 ino=672776 scontext=unconfined_u:system_r:ftpd_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:httpd_sys_content_t:s0 tclass=dir type=AVC msg=audit(1340670559.576:1882): avc: denied { search } for pid=30336 comm="httpd" name="oliver" dev=dm-0 ino=267832 scontext=unconfined_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_home_dir_t:s0 tclass=dir type=SYSCALL msg=audit(1340670559.576:1882): arch=c000003e syscall=2 success=no exit=-13 a0=7f9467081610 a1=0 a2=0 a3=6c75646f6d2f6172 items=0 ppid=1 pid=30336 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=61 comm="httpd" exe="/usr/sbin/httpd" subj=unconfined_u:system_r:httpd_t:s0 key=(null) type=AVC msg=audit(1340670741.070:1883): avc: denied { search } for pid=30387 comm="httpd" name="oliver" dev=dm-0 ino=267832 scontext=unconfined_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_home_dir_t:s0 tclass=dir type=SYSCALL msg=audit(1340670741.070:1883): arch=c000003e syscall=2 success=no exit=-13 a0=7f7211b68610 a1=0 a2=0 a3=6c75646f6d2f6172 items=0 ppid=1 pid=30387 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=61 comm="httpd" exe="/usr/sbin/httpd" subj=unconfined_u:system_r:httpd_t:s0 key=(null) type=AVC msg=audit(1340671727.774:1890): avc: denied { name_connect } for pid=30496 comm="httpd" dest=3306 scontext=unconfined_u:system_r:httpd_t:s0 tcontext=system_u:object_r:mysqld_port_t:s0 tclass=tcp_socket type=SYSCALL msg=audit(1340671727.774:1890): arch=c000003e syscall=42 success=no exit=-13 a0=e a1=7fff96b044d0 a2=10 a3=e items=0 
ppid=30493 pid=30496 auid=500 uid=48 gid=500 euid=48 suid=48 fsuid=48 egid=500 sgid=500 fsgid=500 tty=(none) ses=61 comm="httpd" exe="/usr/sbin/httpd" subj=unconfined_u:system_r:httpd_t:s0 key=(null) type=AVC msg=audit(1340671728.775:1891): avc: denied { name_connect } for pid=30496 comm="httpd" dest=3306 scontext=unconfined_u:system_r:httpd_t:s0 tcontext=system_u:object_r:mysqld_port_t:s0 tclass=tcp_socket type=SYSCALL msg=audit(1340671728.775:1891): arch=c000003e syscall=42 success=no exit=-13 a0=e a1=7fff96b044d0 a2=10 a3=e items=0 ppid=30493 pid=30496 auid=500 uid=48 gid=500 euid=48 suid=48 fsuid=48 egid=500 sgid=500 fsgid=500 tty=(none) ses=61 comm="httpd" exe="/usr/sbin/httpd" subj=unconfined_u:system_r:httpd_t:s0 key=(null) type=AVC msg=audit(1340672178.165:1892): avc: denied { name_connect } for pid=30499 comm="httpd" dest=3306 scontext=unconfined_u:system_r:httpd_t:s0 tcontext=system_u:object_r:mysqld_port_t:s0 tclass=tcp_socket type=SYSCALL msg=audit(1340672178.165:1892): arch=c000003e syscall=42 success=no exit=-13 a0=e a1=7fff96b044d0 a2=10 a3=e items=0 ppid=30493 pid=30499 auid=500 uid=48 gid=500 euid=48 suid=48 fsuid=48 egid=500 sgid=500 fsgid=500 tty=(none) ses=61 comm="httpd" exe="/usr/sbin/httpd" subj=unconfined_u:system_r:httpd_t:s0 key=(null) type=AVC msg=audit(1340672179.166:1893): avc: denied { name_connect } for pid=30499 comm="httpd" dest=3306 scontext=unconfined_u:system_r:httpd_t:s0 tcontext=system_u:object_r:mysqld_port_t:s0 tclass=tcp_socket type=SYSCALL msg=audit(1340672179.166:1893): arch=c000003e syscall=42 success=no exit=-13 a0=e a1=7fff96b044d0 a2=10 a3=e items=0 ppid=30493 pid=30499 auid=500 uid=48 gid=500 euid=48 suid=48 fsuid=48 egid=500 sgid=500 fsgid=500 tty=(none) ses=61 comm="httpd" exe="/usr/sbin/httpd" subj=unconfined_u:system_r:httpd_t:s0 key=(null) type=AVC msg=audit(1340672277.485:1894): avc: denied { name_connect } for pid=30500 comm="httpd" dest=3306 scontext=unconfined_u:system_r:httpd_t:s0 
tcontext=system_u:object_r:mysqld_port_t:s0 tclass=tcp_socket type=SYSCALL msg=audit(1340672277.485:1894): arch=c000003e syscall=42 success=no exit=-13 a0=e a1=7fff96b044d0 a2=10 a3=e items=0 ppid=30493 pid=30500 auid=500 uid=48 gid=500 euid=48 suid=48 fsuid=48 egid=500 sgid=500 fsgid=500 tty=(none) ses=61 comm="httpd" exe="/usr/sbin/httpd" subj=unconfined_u:system_r:httpd_t:s0 key=(null) type=AVC msg=audit(1340672278.486:1895): avc: denied { name_connect } for pid=30500 comm="httpd" dest=3306 scontext=unconfined_u:system_r:httpd_t:s0 tcontext=system_u:object_r:mysqld_port_t:s0 tclass=tcp_socket type=SYSCALL msg=audit(1340672278.486:1895): arch=c000003e syscall=42 success=no exit=-13 a0=e a1=7fff96b044d0 a2=10 a3=e items=0 ppid=30493 pid=30500 auid=500 uid=48 gid=500 euid=48 suid=48 fsuid=48 egid=500 sgid=500 fsgid=500 tty=(none) ses=61 comm="httpd" exe="/usr/sbin/httpd" subj=unconfined_u:system_r:httpd_t:s0 key=(null) type=AVC msg=audit(1340874746.109:65): avc: denied { search } for pid=1497 comm="httpd" name="cracklib" dev=dm-0 ino=525364 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:crack_db_t:s0 tclass=dir type=SYSCALL msg=audit(1340874746.109:65): arch=c000003e syscall=2 success=no exit=-13 a0=7fff18bbe590 a1=0 a2=1b6 a3=0 items=0 ppid=1468 pid=1497 auid=4294967295 uid=48 gid=500 euid=48 suid=48 fsuid=48 egid=500 sgid=500 fsgid=500 tty=(none) ses=4294967295 comm="httpd" exe="/usr/sbin/httpd" subj=system_u:system_r:httpd_t:s0 key=(null) type=AVC msg=audit(1340874768.002:66): avc: denied { search } for pid=1498 comm="httpd" name="cracklib" dev=dm-0 ino=525364 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:crack_db_t:s0 tclass=dir type=SYSCALL msg=audit(1340874768.002:66): arch=c000003e syscall=2 success=no exit=-13 a0=7fff18bbe590 a1=0 a2=1b6 a3=0 items=0 ppid=1468 pid=1498 auid=4294967295 uid=48 gid=500 euid=48 suid=48 fsuid=48 egid=500 sgid=500 fsgid=500 tty=(none) ses=4294967295 comm="httpd" exe="/usr/sbin/httpd" 
subj=system_u:system_r:httpd_t:s0 key=(null) type=AVC msg=audit(1340874779.759:67): avc: denied { search } for pid=1499 comm="httpd" name="cracklib" dev=dm-0 ino=525364 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:crack_db_t:s0 tclass=dir type=SYSCALL msg=audit(1340874779.759:67): arch=c000003e syscall=2 success=no exit=-13 a0=7fff18bbe590 a1=0 a2=1b6 a3=0 items=0 ppid=1468 pid=1499 auid=4294967295 uid=48 gid=500 euid=48 suid=48 fsuid=48 egid=500 sgid=500 fsgid=500 tty=(none) ses=4294967295 comm="httpd" exe="/usr/sbin/httpd" subj=system_u:system_r:httpd_t:s0 key=(null) type=AVC msg=audit(1340876601.516:136): avc: denied { search } for pid=9956 comm="httpd" name="cracklib" dev=dm-0 ino=525364 scontext=unconfined_u:system_r:httpd_t:s0 tcontext=system_u:object_r:crack_db_t:s0 tclass=dir type=SYSCALL msg=audit(1340876601.516:136): arch=c000003e syscall=2 success=no exit=-13 a0=7fffd8b5f190 a1=0 a2=1b6 a3=0 items=0 ppid=9952 pid=9956 auid=0 uid=48 gid=500 euid=48 suid=48 fsuid=48 egid=500 sgid=500 fsgid=500 tty=(none) ses=4 comm="httpd" exe="/usr/sbin/httpd" subj=unconfined_u:system_r:httpd_t:s0 key=(null) type=AVC msg=audit(1340880561.939:231): avc: denied { search } for pid=9958 comm="httpd" name="cracklib" dev=dm-0 ino=525364 scontext=unconfined_u:system_r:httpd_t:s0 tcontext=system_u:object_r:crack_db_t:s0 tclass=dir type=SYSCALL msg=audit(1340880561.939:231): arch=c000003e syscall=2 success=no exit=-13 a0=7fffd8b5f190 a1=0 a2=1b6 a3=0 items=0 ppid=9952 pid=9958 auid=0 uid=48 gid=500 euid=48 suid=48 fsuid=48 egid=500 sgid=500 fsgid=500 tty=(none) ses=4 comm="httpd" exe="/usr/sbin/httpd" subj=unconfined_u:system_r:httpd_t:s0 key=(null) type=AVC msg=audit(1340880954.018:232): avc: denied { search } for pid=9955 comm="httpd" name="cracklib" dev=dm-0 ino=525364 scontext=unconfined_u:system_r:httpd_t:s0 tcontext=system_u:object_r:crack_db_t:s0 tclass=dir type=SYSCALL msg=audit(1340880954.018:232): arch=c000003e syscall=2 success=no exit=-13 
a0=7fffd8b5f190 a1=0 a2=1b6 a3=0 items=0 ppid=9952 pid=9955 auid=0 uid=48 gid=500 euid=48 suid=48 fsuid=48 egid=500 sgid=500 fsgid=500 tty=(none) ses=4 comm="httpd" exe="/usr/sbin/httpd" subj=unconfined_u:system_r:httpd_t:s0 key=(null) type=AVC msg=audit(1340881493.738:233): avc: denied { search } for pid=9959 comm="httpd" name="cracklib" dev=dm-0 ino=525364 scontext=unconfined_u:system_r:httpd_t:s0 tcontext=system_u:object_r:crack_db_t:s0 tclass=dir type=SYSCALL msg=audit(1340881493.738:233): arch=c000003e syscall=2 success=no exit=-13 a0=7fffd8b5f190 a1=0 a2=1b6 a3=0 items=0 ppid=9952 pid=9959 auid=0 uid=48 gid=500 euid=48 suid=48 fsuid=48 egid=500 sgid=500 fsgid=500 tty=(none) ses=4 comm="httpd" exe="/usr/sbin/httpd" subj=unconfined_u:system_r:httpd_t:s0 key=(null) type=AVC msg=audit(1340881548.972:234): avc: denied { search } for pid=9961 comm="httpd" name="cracklib" dev=dm-0 ino=525364 scontext=unconfined_u:system_r:httpd_t:s0 tcontext=system_u:object_r:crack_db_t:s0 tclass=dir type=SYSCALL msg=audit(1340881548.972:234): arch=c000003e syscall=2 success=no exit=-13 a0=7fffd8b5f190 a1=0 a2=1b6 a3=0 items=0 ppid=9952 pid=9961 auid=0 uid=48 gid=500 euid=48 suid=48 fsuid=48 egid=500 sgid=500 fsgid=500 tty=(none) ses=4 comm="httpd" exe="/usr/sbin/httpd" subj=unconfined_u:system_r:httpd_t:s0 key=(null) type=AVC msg=audit(1340881581.984:235): avc: denied { search } for pid=9957 comm="httpd" name="cracklib" dev=dm-0 ino=525364 scontext=unconfined_u:system_r:httpd_t:s0 tcontext=system_u:object_r:crack_db_t:s0 tclass=dir type=SYSCALL msg=audit(1340881581.984:235): arch=c000003e syscall=2 success=no exit=-13 a0=7fffd8b5f190 a1=0 a2=1b6 a3=0 items=0 ppid=9952 pid=9957 auid=0 uid=48 gid=500 euid=48 suid=48 fsuid=48 egid=500 sgid=500 fsgid=500 tty=(none) ses=4 comm="httpd" exe="/usr/sbin/httpd" subj=unconfined_u:system_r:httpd_t:s0 key=(null) type=AVC msg=audit(1340881653.445:236): avc: denied { search } for pid=10829 comm="httpd" name="cracklib" dev=dm-0 ino=525364 
scontext=unconfined_u:system_r:httpd_t:s0 tcontext=system_u:object_r:crack_db_t:s0 tclass=dir type=SYSCALL msg=audit(1340881653.445:236): arch=c000003e syscall=2 success=no exit=-13 a0=7fffd8b5f190 a1=0 a2=1b6 a3=0 items=0 ppid=9952 pid=10829 auid=0 uid=48 gid=500 euid=48 suid=48 fsuid=48 egid=500 sgid=500 fsgid=500 tty=(none) ses=4 comm="httpd" exe="/usr/sbin/httpd" subj=unconfined_u:system_r:httpd_t:s0 key=(null) type=AVC msg=audit(1340881703.664:237): avc: denied { search } for pid=9960 comm="httpd" name="cracklib" dev=dm-0 ino=525364 scontext=unconfined_u:system_r:httpd_t:s0 tcontext=system_u:object_r:crack_db_t:s0 tclass=dir type=SYSCALL msg=audit(1340881703.664:237): arch=c000003e syscall=2 success=no exit=-13 a0=7fffd8b5f190 a1=0 a2=1b6 a3=0 items=0 ppid=9952 pid=9960 auid=0 uid=48 gid=500 euid=48 suid=48 fsuid=48 egid=500 sgid=500 fsgid=500 tty=(none) ses=4 comm="httpd" exe="/usr/sbin/httpd" subj=unconfined_u:system_r:httpd_t:s0 key=(null) type=AVC msg=audit(1340885636.992:239): avc: denied { setattr } for pid=11195 comm="httpd" name="cati.log" dev=dm-0 ino=552337 scontext=unconfined_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_tmp_t:s0 tclass=file type=SYSCALL msg=audit(1340885636.992:239): arch=c000003e syscall=90 success=no exit=-1 a0=7f470ff54d38 a1=1b0 a2=7f470444ebdd a3=7f470ff34978 items=0 ppid=11193 pid=11195 auid=500 uid=48 gid=500 euid=48 suid=48 fsuid=48 egid=500 sgid=500 fsgid=500 tty=(none) ses=9 comm="httpd" exe="/usr/sbin/httpd" subj=unconfined_u:system_r:httpd_t:s0 key=(null) type=AVC msg=audit(1340885642.900:240): avc: denied { search } for pid=11198 comm="httpd" name="cracklib" dev=dm-0 ino=525364 scontext=unconfined_u:system_r:httpd_t:s0 tcontext=system_u:object_r:crack_db_t:s0 tclass=dir type=AVC msg=audit(1340885642.900:240): avc: denied { read } for pid=11198 comm="httpd" name="pw_dict.pwd" dev=dm-0 ino=525388 scontext=unconfined_u:system_r:httpd_t:s0 tcontext=system_u:object_r:crack_db_t:s0 tclass=file type=AVC 
msg=audit(1340885642.900:240): avc: denied { open } for pid=11198 comm="httpd" name="pw_dict.pwd" dev=dm-0 ino=525388 scontext=unconfined_u:system_r:httpd_t:s0 tcontext=system_u:object_r:crack_db_t:s0 tclass=file type=SYSCALL msg=audit(1340885642.900:240): arch=c000003e syscall=2 success=yes exit=15 a0=7fffcf6a6fb0 a1=0 a2=1b6 a3=0 items=0 ppid=11193 pid=11198 auid=500 uid=48 gid=500 euid=48 suid=48 fsuid=48 egid=500 sgid=500 fsgid=500 tty=(none) ses=9 comm="httpd" exe="/usr/sbin/httpd" subj=unconfined_u:system_r:httpd_t:s0 key=(null) type=AVC msg=audit(1340885642.900:241): avc: denied { getattr } for pid=11198 comm="httpd" path="/usr/share/cracklib/pw_dict.pwi" dev=dm-0 ino=525389 scontext=unconfined_u:system_r:httpd_t:s0 tcontext=system_u:object_r:crack_db_t:s0 tclass=file type=SYSCALL msg=audit(1340885642.900:241): arch=c000003e syscall=5 success=yes exit=0 a0=10 a1=7fffcf6a6a80 a2=7fffcf6a6a80 a3=0 items=0 ppid=11193 pid=11198 auid=500 uid=48 gid=500 euid=48 suid=48 fsuid=48 egid=500 sgid=500 fsgid=500 tty=(none) ses=9 comm="httpd" exe="/usr/sbin/httpd" subj=unconfined_u:system_r:httpd_t:s0 key=(null) [root@cleopatra httpd]#
Am 28.06.12 12:14 schrieb "Oliver Hausmann" unter oliver.hausmann@securepoint.de:
Hallo Oliver,
schau mal bitte in den audit.log (cat /var/log/audit/audit.log|grep httpd). Kannst Du das Ergebnis mal posten?
Gruß
Oliver
Am 2012-06-28 11:34, schrieb Oliver Wiemer:
Hallo Leute,
ich bin hier bei der Inbetriebnahme eines browserbasierten Systems der besonderen Art. Das Original läuft auf einer Gentoo-Maschine.
Beim Weblogin bekomme ich im Apache errorlog folgende Fehlermeldung.
[Thu Jun 28 11:37:39 2012] [notice] SELinux policy enabled; httpd running as context unconfined_u:system_r:httpd_t:s0 [Thu Jun 28 11:37:39 2012] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) [Thu Jun 28 11:37:39 2012] [notice] Digest: generating secret for digest authentication ... [Thu Jun 28 11:37:39 2012] [notice] Digest: done [Thu Jun 28 11:37:39 2012] [notice] Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 configured -- resuming normal operations /usr/share/cracklib/pw_dict.pwd: Permission denied PWOpen: Invalid argument
Ich stehe hier etwas auf dem Schlauch. Hat jemand irgendeine Idee?
LG Oliver Wiemer