Ask Your Question
0

selinux problem

asked 2014-04-30 08:57:44 -0600

SDas gravatar image

updated 2014-09-30 15:07:27 -0600

mether gravatar image

The following problem detected by SELinux -

SELinux is preventing /usr/bin/journalctl from read access on the directory journal.

Plugin catchall (100. confidence) suggests *******

If you believe that journalctl should be allowed read access on the journal directory by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing:

grep journalctl /var/log/audit/audit.log | audit2allow -M mypol

semodule -i mypol.pp

Additional Information: Source Context system_u:system_r:abrt_t:s0-s0:c0.c1023 Target Context system_u:object_r:syslogd_var_run_t:s0 Target Objects journal [ dir ] Source journalctl Source Path /usr/bin/journalctl Port <unknown> Host (removed) Source RPM Packages systemd-208-9.fc20.i686 Target RPM Packages
Policy RPM selinux-policy-3.12.1-106.fc20.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux localhost.localdomain 3.11.10-301.fc20.i686+PAE #1 SMP Thu Dec 5 14:12:06 UTC 2013 i686 i686 Alert Count 3 First Seen 2014-04-30 14:23:10 IST Last Seen 2014-04-30 19:00:17 IST Local ID af84f277-e467-46f9-8824-0ecf283a142d</unknown>

Raw Audit Messages type=AVC msg=audit(1398864617.931:496): avc: denied { read } for pid=2894 comm="journalctl" name="journal" dev="tmpfs" ino=1412 scontext=system_u:system_r:abrt_t:s0-s0:c0.c1023 tcontext=system_u:object_r:syslogd_var_run_t:s0 tclass=dir

type=SYSCALL msg=audit(1398864617.931:496): arch=i386 syscall=openat success=no exit=EACCES a0=ffffff9c a1=bfd03b49 a2=98800 a3=0 items=0 ppid=2891 pid=2894 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=4294967295 tty=(none) comm=journalctl exe=/usr/bin/journalctl subj=system_u:system_r:abrt_t:s0-s0:c0.c1023 key=(null)

Hash: journalctl,abrt_t,syslogd_var_run_t,dir,read

And giving the following command to solve it

grep journalctl /var/log/audit/audit.log | audit2allow -M mypol

semodule -i mypol.pp

but when I am entering this command in root mode the following reply I got-

compilation failed: sh: /usr/bin/checkmodule: No such file or directory semodule: Failed on mypol.pp!

Is there any solution? After this was happened the Installed applications are became slow in performance. Is there available any option to system restore.

edit retag flag offensive close merge delete

Comments

yum provides checkmodule

checkpolicy-2.2-1.fc21.i686

yum install checkpolilcy

fidelleon gravatar imagefidelleon ( 2014-04-30 10:21:01 -0600 )edit

1 Answer

Sort by ยป oldest newest most voted
0

answered 2014-04-30 14:51:38 -0600

You shouldn't have this error with the default policy. Try relabelling:

fixfiles -B onboot && reboot

edit flag offensive delete link more

Comments

It doesn't worked.

SDas gravatar imageSDas ( 2014-05-05 08:38:54 -0600 )edit

Question Tools

1 follower

Stats

Asked: 2014-04-30 08:57:44 -0600

Seen: 562 times

Last updated: Apr 30 '14