From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1FhoS6-0003Xd-04 for garchives@archives.gentoo.org; Sun, 21 May 2006 13:58:38 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.13.6/8.13.6) with SMTP id k4LDsPCe032274; Sun, 21 May 2006 13:54:25 GMT Received: from kakou.org (kakou.org [82.246.200.240]) by robin.gentoo.org (8.13.6/8.13.6) with ESMTP id k4LDsJML028205 for ; Sun, 21 May 2006 13:54:23 GMT Received: (qmail 22512 invoked by uid 210); 21 May 2006 15:54:20 +0200 Received: from 10.0.0.6 by wakka (envelope-from , uid 201) with qmail-scanner-1.25st (f-prot: 4.5.4/3.16.6. spamassassin: 3.0.3. perlscan: 1.25st. Clear:RC:1(10.0.0.6):. Processed in 0.363252 secs); 21 May 2006 13:54:20 -0000 Received: from unknown (HELO ?10.0.0.6?) (10.0.0.6) by 0 with SMTP; 21 May 2006 15:54:19 +0200 Message-ID: <44707236.9070209@kakou.org> Date: Sun, 21 May 2006 15:59:18 +0200 From: kakou Organization: ENSI LIFO User-Agent: Thunderbird 1.5.0.2 (X11/20060308) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-hardened@gentoo.org Reply-to: gentoo-hardened@lists.gentoo.org MIME-Version: 1.0 To: gentoo-hardened@lists.gentoo.org Subject: Re: [gentoo-hardened] SELinux problem -> avc: denied {execmem} References: <200605211541.00448.jan@codejunky.org> In-Reply-To: <200605211541.00448.jan@codejunky.org> X-Enigmail-Version: 0.94.0.0 Content-Type: text/plain; charset=ISO-8859-15 Content-Transfer-Encoding: 7bit X-Archives-Salt: eb574b87-c31f-4a74-917f-d43244e04d40 X-Archives-Hash: f6bf64b24b489dc3a6cee260c74dec27 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Jan Meier wrote: > Hello, > > I am running SELinux and at boot time I get the following avc: denied > messages: > > May 21 16:01:40 jeeves audit(1148220069.887:0): avc: denied { execmem } for > pid=1 comm=init scontext=system_u:system_r:kernel_t > tcontext=system_u:system_r:kernel_t tclass=process > May 21 16:01:40 jeeves audit(1148220069.905:0): avc: denied { execmem } for > pid=1 comm=init scontext=system_u:system_r:init_t > tcontext=system_u:system_r:init_t tclass=process > May 21 16:01:40 jeeves audit(1148220070.475:0): avc: denied { execmem } for > pid=896 comm=rc scontext=system_u:system_r:initrc_t > tcontext=system_u:system_r:initrc_t tclass=process > May 21 16:01:40 jeeves audit(1148220070.920:0): avc: denied { execmem } for > pid=904 comm=mount scontext=system_u:system_r:mount_t > tcontext=system_u:system_r:mount_t tclass=process > May 21 16:01:40 jeeves audit(1148220071.457:0): avc: denied { execmem } for > pid=934 comm=swapon scontext=system_u:system_r:fsadm_t > tcontext=system_u:system_r:fsadm_t tclass=process > May 21 16:01:40 jeeves audit(1148220072.480:0): avc: denied { execmem } for > pid=974 comm=modules-update scontext=system_u:system_r:update_modules_t > tcontext=system_u:system_r:update_modules_t tclass=process > > What can I do to get rid of them? > When I execute `setenforce 1` I get a "Killed" after each command I execute, > does this have something to do with the denied messages? > > Best regards, > > Jan > > > You boot in enforcing or permissive mode? You are using an other security protection (grsecurity, PAX, ...) ? You are in stable or ~x86? -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFEcHIw3RS+hG/PB/URApMKAJ9DD8zAhSyJQ0NHwQStWvzsnhZ+4wCfXv1k jvWILLlRUskWkUmtk9w0haw= =w7UJ -----END PGP SIGNATURE----- -- gentoo-hardened@gentoo.org mailing list