Re: [BackupPC-users] Having Several Issues

After having re-labeled the drives... I'm not getting this from selinux.... I'm getting closer and I think chcon is going to be what's need to change the context of all the files on the drive... Off to work now so I'll give it another go tomorrow morning.

[root@localhost ~]# sealert -l b6efc218-d030-40f7-b393-10050c7036f5

Summary:

SELinux is preventing access to files with the default label, default_t.

Detailed Description:

SELinux permission checks on files labeled default_t are being denied. These
files/directories have the default label on them. This can indicate a labeling
problem, especially if the files being referred to are not top level
directories. Any files/directories under standard system directories, /usr,
/var. /dev, /tmp, ..., should not be labeled with the default label. The default
label is for files/directories which do not have a label on a parent directory.
So if you create a new directory in / you might legitimately get this label.

Allowing Access:

If you want a confined domain to use these files you will probably need to
relabel the file/directory with chcon. In some cases it is just easier to
relabel the system, to relabel execute: "touch /.autorelabel; reboot"

Additional Information:

Source Context                system_u:system_r:httpd_t
Target Context                system_u:object_r:default_t
Target Objects                / [ dir ]
Source                        perl5.8.8
Source Path                   /usr/bin/perl5.8.8
Port                          <Unknown>
Host                          localhost
Source RPM Packages           perl-5.8.8-18.el5_3.1
Target RPM Packages           filesystem-2.4.0-2.el5.centos
Policy RPM                    selinux-policy-2.4.6-203.el5
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   default
Host Name                     localhost
Platform                      Linux localhost 2.6.18-128.1.14.el5 #1 SMP Wed Jun 17
                              06:40:54 EDT 2009 i686 i686
Alert Count                   24
First Seen                    Wed Jun 24 20:33:39 2009
Last Seen                     Wed Jun 24 20:33:55 2009
Local ID                      b6efc218-d030-40f7-b393-10050c7036f5
Line Numbers

Raw Audit Messages

host=localhost type=AVC msg=audit(1245900835.372:35): avc: denied { search } for pid=3040 comm="perl5.8.8" name="/" dev=dm-4 ino=2 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:default_t:s0 tclass=dir

host=localhost type=SYSCALL msg=audit(1245900835.372:35): arch=40000003 syscall=195 success=no exit=-13 a0=97a27f0 a1=963c0c8 a2=aa4ff4 a3=97a27f0 items=0 ppid=2765 pid=3040 auid=4294967295 uid=101 gid=48 euid=101 suid=101 fsuid=101 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="perl5.8.8" exe="/usr/bin/perl5.8.8" subj=system_u:system_r:httpd_t:s0 key=(null)

------------------------------------------------------------------------------

_______________________________________________
BackupPC-users mailing list
BackupPC-users AT lists.sourceforge DOT net
List:    https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:    http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/