Les Mikesell wrote:
A machine I set up to run OpenNMS stopped working last night - no hardware alarm lights, but keyboard/monitor/network unresponsive. After a reboot I see a large stack of messages like this in /var/log/messages:
Aug 20 14:02:34 opennms-h-03 python: SELinux is preventing /usr/sbin/monitor-get-edid-using-vbe from mmap _zero access on the memprotect .
***** Plugin mmap_zero (53.1 confidence) suggests
If you do not think /usr/sbin/monitor-get-edid-using-vbe should need to mmap low memory in the kernel. Then you may be under attack by a hacker, this is a very dangerous access. Do contact your security administrator and report this issue.
***** Plugin catchall_boolean (42.6 confidence) suggests
If you want to allow mmap to low allowed Then you must tell SELinux about this by enabling the 'mmap_low_allowed' boolean. You can read 'None' man page for more details. Do setsebool -P mmap_low_allowed 1
***** Plugin catchall (5.76 confidence) suggests
If you believe that monitor-get-edid-using-vbe should be allowed mmap_zero access on the memprotect by d efault. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # grep monitor-get-edi /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp
and then this final message
Aug 20 14:02:42 opennms-h-03 dbus-daemon: 'list' object has no attribute 'split'
Do either of those look fatal? And where else should I look for the underlying problem?
Looks like all selinux to me, esp. the wording. Is it in enforcing mode? I wonder if it's possible that there's a bug in an selinux policy that results in "IT'S NOT SAFE!!! SHUT IT DOWN!!!".
mark