[CentOS-de] cracklib

Oliver Wiemer o.wiemer at audiovisuellemedien.de
Do Jun 28 06:41:18 EDT 2012 

Klaro kann ich das!!

[root at cleopatra httpd]# cat /var/log/audit/audit.log|grep httpd
type=AVC msg=audit(1339427485.351:562): avc:  denied  { read } for
pid=17435 comm="vsftpd" name="gfk" dev=dm-0 ino=672776
scontext=unconfined_u:system_r:ftpd_t:s0-s0:c0.c1023
tcontext=unconfined_u:object_r:httpd_sys_content_t:s0 tclass=dir
type=AVC msg=audit(1339427508.385:563): avc:  denied  { read } for
pid=17435 comm="vsftpd" name="gfk" dev=dm-0 ino=672776
scontext=unconfined_u:system_r:ftpd_t:s0-s0:c0.c1023
tcontext=unconfined_u:object_r:httpd_sys_content_t:s0 tclass=dir
type=AVC msg=audit(1340670559.576:1882): avc:  denied  { search } for
pid=30336 comm="httpd" name="oliver" dev=dm-0 ino=267832
scontext=unconfined_u:system_r:httpd_t:s0
tcontext=unconfined_u:object_r:user_home_dir_t:s0 tclass=dir
type=SYSCALL msg=audit(1340670559.576:1882): arch=c000003e syscall=2
success=no exit=-13 a0=7f9467081610 a1=0 a2=0 a3=6c75646f6d2f6172 items=0
ppid=1 pid=30336 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 tty=(none) ses=61 comm="httpd" exe="/usr/sbin/httpd"
subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(1340670741.070:1883): avc:  denied  { search } for
pid=30387 comm="httpd" name="oliver" dev=dm-0 ino=267832
scontext=unconfined_u:system_r:httpd_t:s0
tcontext=unconfined_u:object_r:user_home_dir_t:s0 tclass=dir
type=SYSCALL msg=audit(1340670741.070:1883): arch=c000003e syscall=2
success=no exit=-13 a0=7f7211b68610 a1=0 a2=0 a3=6c75646f6d2f6172 items=0
ppid=1 pid=30387 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 tty=(none) ses=61 comm="httpd" exe="/usr/sbin/httpd"
subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(1340671727.774:1890): avc:  denied  { name_connect }
for  pid=30496 comm="httpd" dest=3306
scontext=unconfined_u:system_r:httpd_t:s0
tcontext=system_u:object_r:mysqld_port_t:s0 tclass=tcp_socket
type=SYSCALL msg=audit(1340671727.774:1890): arch=c000003e syscall=42
success=no exit=-13 a0=e a1=7fff96b044d0 a2=10 a3=e items=0 ppid=30493
pid=30496 auid=500 uid=48 gid=500 euid=48 suid=48 fsuid=48 egid=500
sgid=500 fsgid=500 tty=(none) ses=61 comm="httpd" exe="/usr/sbin/httpd"
subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(1340671728.775:1891): avc:  denied  { name_connect }
for  pid=30496 comm="httpd" dest=3306
scontext=unconfined_u:system_r:httpd_t:s0
tcontext=system_u:object_r:mysqld_port_t:s0 tclass=tcp_socket
type=SYSCALL msg=audit(1340671728.775:1891): arch=c000003e syscall=42
success=no exit=-13 a0=e a1=7fff96b044d0 a2=10 a3=e items=0 ppid=30493
pid=30496 auid=500 uid=48 gid=500 euid=48 suid=48 fsuid=48 egid=500
sgid=500 fsgid=500 tty=(none) ses=61 comm="httpd" exe="/usr/sbin/httpd"
subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(1340672178.165:1892): avc:  denied  { name_connect }
for  pid=30499 comm="httpd" dest=3306
scontext=unconfined_u:system_r:httpd_t:s0
tcontext=system_u:object_r:mysqld_port_t:s0 tclass=tcp_socket
type=SYSCALL msg=audit(1340672178.165:1892): arch=c000003e syscall=42
success=no exit=-13 a0=e a1=7fff96b044d0 a2=10 a3=e items=0 ppid=30493
pid=30499 auid=500 uid=48 gid=500 euid=48 suid=48 fsuid=48 egid=500
sgid=500 fsgid=500 tty=(none) ses=61 comm="httpd" exe="/usr/sbin/httpd"
subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(1340672179.166:1893): avc:  denied  { name_connect }
for  pid=30499 comm="httpd" dest=3306
scontext=unconfined_u:system_r:httpd_t:s0
tcontext=system_u:object_r:mysqld_port_t:s0 tclass=tcp_socket
type=SYSCALL msg=audit(1340672179.166:1893): arch=c000003e syscall=42
success=no exit=-13 a0=e a1=7fff96b044d0 a2=10 a3=e items=0 ppid=30493
pid=30499 auid=500 uid=48 gid=500 euid=48 suid=48 fsuid=48 egid=500
sgid=500 fsgid=500 tty=(none) ses=61 comm="httpd" exe="/usr/sbin/httpd"
subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(1340672277.485:1894): avc:  denied  { name_connect }
for  pid=30500 comm="httpd" dest=3306
scontext=unconfined_u:system_r:httpd_t:s0
tcontext=system_u:object_r:mysqld_port_t:s0 tclass=tcp_socket
type=SYSCALL msg=audit(1340672277.485:1894): arch=c000003e syscall=42
success=no exit=-13 a0=e a1=7fff96b044d0 a2=10 a3=e items=0 ppid=30493
pid=30500 auid=500 uid=48 gid=500 euid=48 suid=48 fsuid=48 egid=500
sgid=500 fsgid=500 tty=(none) ses=61 comm="httpd" exe="/usr/sbin/httpd"
subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(1340672278.486:1895): avc:  denied  { name_connect }
for  pid=30500 comm="httpd" dest=3306
scontext=unconfined_u:system_r:httpd_t:s0
tcontext=system_u:object_r:mysqld_port_t:s0 tclass=tcp_socket
type=SYSCALL msg=audit(1340672278.486:1895): arch=c000003e syscall=42
success=no exit=-13 a0=e a1=7fff96b044d0 a2=10 a3=e items=0 ppid=30493
pid=30500 auid=500 uid=48 gid=500 euid=48 suid=48 fsuid=48 egid=500
sgid=500 fsgid=500 tty=(none) ses=61 comm="httpd" exe="/usr/sbin/httpd"
subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(1340874746.109:65): avc:  denied  { search } for
pid=1497 comm="httpd" name="cracklib" dev=dm-0 ino=525364
scontext=system_u:system_r:httpd_t:s0
tcontext=system_u:object_r:crack_db_t:s0 tclass=dir
type=SYSCALL msg=audit(1340874746.109:65): arch=c000003e syscall=2
success=no exit=-13 a0=7fff18bbe590 a1=0 a2=1b6 a3=0 items=0 ppid=1468
pid=1497 auid=4294967295 uid=48 gid=500 euid=48 suid=48 fsuid=48 egid=500
sgid=500 fsgid=500 tty=(none) ses=4294967295 comm="httpd"
exe="/usr/sbin/httpd" subj=system_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(1340874768.002:66): avc:  denied  { search } for
pid=1498 comm="httpd" name="cracklib" dev=dm-0 ino=525364
scontext=system_u:system_r:httpd_t:s0
tcontext=system_u:object_r:crack_db_t:s0 tclass=dir
type=SYSCALL msg=audit(1340874768.002:66): arch=c000003e syscall=2
success=no exit=-13 a0=7fff18bbe590 a1=0 a2=1b6 a3=0 items=0 ppid=1468
pid=1498 auid=4294967295 uid=48 gid=500 euid=48 suid=48 fsuid=48 egid=500
sgid=500 fsgid=500 tty=(none) ses=4294967295 comm="httpd"
exe="/usr/sbin/httpd" subj=system_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(1340874779.759:67): avc:  denied  { search } for
pid=1499 comm="httpd" name="cracklib" dev=dm-0 ino=525364
scontext=system_u:system_r:httpd_t:s0
tcontext=system_u:object_r:crack_db_t:s0 tclass=dir
type=SYSCALL msg=audit(1340874779.759:67): arch=c000003e syscall=2
success=no exit=-13 a0=7fff18bbe590 a1=0 a2=1b6 a3=0 items=0 ppid=1468
pid=1499 auid=4294967295 uid=48 gid=500 euid=48 suid=48 fsuid=48 egid=500
sgid=500 fsgid=500 tty=(none) ses=4294967295 comm="httpd"
exe="/usr/sbin/httpd" subj=system_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(1340876601.516:136): avc:  denied  { search } for
pid=9956 comm="httpd" name="cracklib" dev=dm-0 ino=525364
scontext=unconfined_u:system_r:httpd_t:s0
tcontext=system_u:object_r:crack_db_t:s0 tclass=dir
type=SYSCALL msg=audit(1340876601.516:136): arch=c000003e syscall=2
success=no exit=-13 a0=7fffd8b5f190 a1=0 a2=1b6 a3=0 items=0 ppid=9952
pid=9956 auid=0 uid=48 gid=500 euid=48 suid=48 fsuid=48 egid=500 sgid=500
fsgid=500 tty=(none) ses=4 comm="httpd" exe="/usr/sbin/httpd"
subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(1340880561.939:231): avc:  denied  { search } for
pid=9958 comm="httpd" name="cracklib" dev=dm-0 ino=525364
scontext=unconfined_u:system_r:httpd_t:s0
tcontext=system_u:object_r:crack_db_t:s0 tclass=dir
type=SYSCALL msg=audit(1340880561.939:231): arch=c000003e syscall=2
success=no exit=-13 a0=7fffd8b5f190 a1=0 a2=1b6 a3=0 items=0 ppid=9952
pid=9958 auid=0 uid=48 gid=500 euid=48 suid=48 fsuid=48 egid=500 sgid=500
fsgid=500 tty=(none) ses=4 comm="httpd" exe="/usr/sbin/httpd"
subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(1340880954.018:232): avc:  denied  { search } for
pid=9955 comm="httpd" name="cracklib" dev=dm-0 ino=525364
scontext=unconfined_u:system_r:httpd_t:s0
tcontext=system_u:object_r:crack_db_t:s0 tclass=dir
type=SYSCALL msg=audit(1340880954.018:232): arch=c000003e syscall=2
success=no exit=-13 a0=7fffd8b5f190 a1=0 a2=1b6 a3=0 items=0 ppid=9952
pid=9955 auid=0 uid=48 gid=500 euid=48 suid=48 fsuid=48 egid=500 sgid=500
fsgid=500 tty=(none) ses=4 comm="httpd" exe="/usr/sbin/httpd"
subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(1340881493.738:233): avc:  denied  { search } for
pid=9959 comm="httpd" name="cracklib" dev=dm-0 ino=525364
scontext=unconfined_u:system_r:httpd_t:s0
tcontext=system_u:object_r:crack_db_t:s0 tclass=dir
type=SYSCALL msg=audit(1340881493.738:233): arch=c000003e syscall=2
success=no exit=-13 a0=7fffd8b5f190 a1=0 a2=1b6 a3=0 items=0 ppid=9952
pid=9959 auid=0 uid=48 gid=500 euid=48 suid=48 fsuid=48 egid=500 sgid=500
fsgid=500 tty=(none) ses=4 comm="httpd" exe="/usr/sbin/httpd"
subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(1340881548.972:234): avc:  denied  { search } for
pid=9961 comm="httpd" name="cracklib" dev=dm-0 ino=525364
scontext=unconfined_u:system_r:httpd_t:s0
tcontext=system_u:object_r:crack_db_t:s0 tclass=dir
type=SYSCALL msg=audit(1340881548.972:234): arch=c000003e syscall=2
success=no exit=-13 a0=7fffd8b5f190 a1=0 a2=1b6 a3=0 items=0 ppid=9952
pid=9961 auid=0 uid=48 gid=500 euid=48 suid=48 fsuid=48 egid=500 sgid=500
fsgid=500 tty=(none) ses=4 comm="httpd" exe="/usr/sbin/httpd"
subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(1340881581.984:235): avc:  denied  { search } for
pid=9957 comm="httpd" name="cracklib" dev=dm-0 ino=525364
scontext=unconfined_u:system_r:httpd_t:s0
tcontext=system_u:object_r:crack_db_t:s0 tclass=dir
type=SYSCALL msg=audit(1340881581.984:235): arch=c000003e syscall=2
success=no exit=-13 a0=7fffd8b5f190 a1=0 a2=1b6 a3=0 items=0 ppid=9952
pid=9957 auid=0 uid=48 gid=500 euid=48 suid=48 fsuid=48 egid=500 sgid=500
fsgid=500 tty=(none) ses=4 comm="httpd" exe="/usr/sbin/httpd"
subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(1340881653.445:236): avc:  denied  { search } for
pid=10829 comm="httpd" name="cracklib" dev=dm-0 ino=525364
scontext=unconfined_u:system_r:httpd_t:s0
tcontext=system_u:object_r:crack_db_t:s0 tclass=dir
type=SYSCALL msg=audit(1340881653.445:236): arch=c000003e syscall=2
success=no exit=-13 a0=7fffd8b5f190 a1=0 a2=1b6 a3=0 items=0 ppid=9952
pid=10829 auid=0 uid=48 gid=500 euid=48 suid=48 fsuid=48 egid=500 sgid=500
fsgid=500 tty=(none) ses=4 comm="httpd" exe="/usr/sbin/httpd"
subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(1340881703.664:237): avc:  denied  { search } for
pid=9960 comm="httpd" name="cracklib" dev=dm-0 ino=525364
scontext=unconfined_u:system_r:httpd_t:s0
tcontext=system_u:object_r:crack_db_t:s0 tclass=dir
type=SYSCALL msg=audit(1340881703.664:237): arch=c000003e syscall=2
success=no exit=-13 a0=7fffd8b5f190 a1=0 a2=1b6 a3=0 items=0 ppid=9952
pid=9960 auid=0 uid=48 gid=500 euid=48 suid=48 fsuid=48 egid=500 sgid=500
fsgid=500 tty=(none) ses=4 comm="httpd" exe="/usr/sbin/httpd"
subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(1340885636.992:239): avc:  denied  { setattr } for
pid=11195 comm="httpd" name="cati.log" dev=dm-0 ino=552337
scontext=unconfined_u:system_r:httpd_t:s0
tcontext=unconfined_u:object_r:user_tmp_t:s0 tclass=file
type=SYSCALL msg=audit(1340885636.992:239): arch=c000003e syscall=90
success=no exit=-1 a0=7f470ff54d38 a1=1b0 a2=7f470444ebdd a3=7f470ff34978
items=0 ppid=11193 pid=11195 auid=500 uid=48 gid=500 euid=48 suid=48
fsuid=48 egid=500 sgid=500 fsgid=500 tty=(none) ses=9 comm="httpd"
exe="/usr/sbin/httpd" subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(1340885642.900:240): avc:  denied  { search } for
pid=11198 comm="httpd" name="cracklib" dev=dm-0 ino=525364
scontext=unconfined_u:system_r:httpd_t:s0
tcontext=system_u:object_r:crack_db_t:s0 tclass=dir
type=AVC msg=audit(1340885642.900:240): avc:  denied  { read } for
pid=11198 comm="httpd" name="pw_dict.pwd" dev=dm-0 ino=525388
scontext=unconfined_u:system_r:httpd_t:s0
tcontext=system_u:object_r:crack_db_t:s0 tclass=file
type=AVC msg=audit(1340885642.900:240): avc:  denied  { open } for
pid=11198 comm="httpd" name="pw_dict.pwd" dev=dm-0 ino=525388
scontext=unconfined_u:system_r:httpd_t:s0
tcontext=system_u:object_r:crack_db_t:s0 tclass=file
type=SYSCALL msg=audit(1340885642.900:240): arch=c000003e syscall=2
success=yes exit=15 a0=7fffcf6a6fb0 a1=0 a2=1b6 a3=0 items=0 ppid=11193
pid=11198 auid=500 uid=48 gid=500 euid=48 suid=48 fsuid=48 egid=500
sgid=500 fsgid=500 tty=(none) ses=9 comm="httpd" exe="/usr/sbin/httpd"
subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(1340885642.900:241): avc:  denied  { getattr } for
pid=11198 comm="httpd" path="/usr/share/cracklib/pw_dict.pwi" dev=dm-0
ino=525389 scontext=unconfined_u:system_r:httpd_t:s0
tcontext=system_u:object_r:crack_db_t:s0 tclass=file
type=SYSCALL msg=audit(1340885642.900:241): arch=c000003e syscall=5
success=yes exit=0 a0=10 a1=7fffcf6a6a80 a2=7fffcf6a6a80 a3=0 items=0
ppid=11193 pid=11198 auid=500 uid=48 gid=500 euid=48 suid=48 fsuid=48
egid=500 sgid=500 fsgid=500 tty=(none) ses=9 comm="httpd"
exe="/usr/sbin/httpd" subj=unconfined_u:system_r:httpd_t:s0 key=(null)
[root at cleopatra httpd]#




Am 28.06.12 12:14 schrieb "Oliver Hausmann" unter
<oliver.hausmann at securepoint.de>:

>Hallo Oliver,
>
>schau mal bitte in den audit.log (cat /var/log/audit/audit.log|grep
>httpd).
>Kannst Du das Ergebnis mal posten?
>
>Gruß
>
>Oliver
>
>Am 2012-06-28 11:34, schrieb Oliver Wiemer:
>> Hallo Leute,
>>
>>
>> ich bin hier bi der Inbetriebnahme eines Browserbasierenden Systems
>> der
>> besonderen Art.
>> Das Original läuft auf einer Gentoo Maschine.
>>
>> Beim Weblogin bekomme ich im Apache errorlog folgende Fehlermeldung.
>>
>> [Thu Jun 28 11:37:39 2012] [notice] SELinux policy enabled; httpd
>> running
>> as context unconfined_u:system_r:httpd_t:s0
>> [Thu Jun 28 11:37:39 2012] [notice] suEXEC mechanism enabled
>> (wrapper:
>> /usr/sbin/suexec)
>> [Thu Jun 28 11:37:39 2012] [notice] Digest: generating secret for
>> digest
>> authentication ...
>> [Thu Jun 28 11:37:39 2012] [notice] Digest: done
>> [Thu Jun 28 11:37:39 2012] [notice] Apache/2.2.15 (Unix) DAV/2
>> PHP/5.3.3
>> configured -- resuming normal operations
>> /usr/share/cracklib/pw_dict.pwd: Permission denied
>> PWOpen: Invalid argument
>>
>>
>>
>> Ich stehe hier etwas auf dem Schlauch.
>> Hat jemand irgend eine Idee?
>>
>> LG Oliver Wiemer
>
>-- 
>_______________________________________________
>CentOS-de mailing list
>CentOS-de at centos.org
>http://lists.centos.org/mailman/listinfo/centos-de