This is what I am getting : -
Summary
SELinux is preventing ifdown (hotplug_t) "getattr" to /usr/sbin/
usernetctl (usernetctl_exec_t). Detailed DescriptionSELinux denied
access requested by ifdown. It is not expected that this access is
required by ifdown and this access may signal an intrusion attempt. It
is also possible that the specific version or configuration of the
application is causing it to require additional access. Allowing
AccessSometimes labeling problems can cause SELinux denials. You could
try to restore the default system file context for /usr/sbin/
usernetctl, restorecon -v '/usr/sbin/usernetctl' If this does not
work, there is currently no automatic way to allow this access.
Instead, you can generate a local policy module to allow this access -
see FAQ Or you can disable SELinux protection altogether. Disabling
SELinux protection is not recommended. Please file a bug report
against this package.
Additional Information
Source Context: unconfined_u:system_r:hotplug_t:s0Target
Context: system_u:object_r:usernetctl_exec_t:s0Target Objects: /usr/
sbin/usernetctl [ file ]Source: ifupSource Path: /bin/
bashPort: <Unknown>Host: localhost.localdomainSource RPM
Packages: bash-3.2-29.fc10Target RPM
Packages: initscripts-8.86-1Policy RPM: selinux-
policy-3.5.13-18.fc10Selinux Enabled: TruePolicy Type: targetedMLS
Enabled: TrueEnforcing Mode: EnforcingPlugin
Name: catchall_fileHost Name: localhost.localdomainPlatform: Linux
localhost.localdomain 2.6.27.8 #2 SMP Sat Dec 13 11:34:17 IST 2008
x86_64 x86_64Alert Count: 2First Seen: Sun 14 Dec 2008 06:00:01 PM
ISTLast Seen: Sun 14 Dec 2008 06:00:01 PM ISTLocal ID: 8450ba92-
ea90-4d2e-8176-90f3ce6dab9fLine Numbers:
Raw Audit Messages :
node=localhost.localdomain type=AVC msg=audit(1229257801.88:38): avc:
denied { getattr } for pid=2275 comm="ifdown" path="/usr/sbin/
usernetctl" dev=sda1 ino=1041653
scontext=unconfined_u:system_r:hotplug_t:s0
tcontext=system_u:object_r:usernetctl_exec_t:s0 tclass=file
node=localhost.localdomain type=SYSCALL msg=audit(1229257801.88:38):
arch=c000003e syscall=4 success=no exit=-13 a0=1414f00 a1=7fff046b0560
a2=7fff046b0560 a3=7fff046b03a0 items=0 ppid=2251 pid=2275 auid=500
uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500
fsgid=500 tty=(none) ses=1 comm="ifdown" exe="/bin/bash"
subj=unconfined_u:system_r:hotplug_t:s0 key=(null)
On Dec 14, 7:58 am, "Rambilas Varma" <[email protected]> wrote:
> Hi Sid,
>
> can u send the ACL denial details so that the related SeLinux policy can be
> enabled.
>
> Regards,
> Rambilas
>
> On Sun, Dec 14, 2008 at 7:56 AM, sid <[email protected]> wrote:
>
> > Hi!
> > I am using fedora 10. I am unable to connect to the internet using the
> > wireless module, because of selinux denial. I tried disabling selinux
> > using the file /etc/selinux/config, but the problem is still there.
> > Kindly help.
>
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Linux Users Group.
To post a message, send email to [email protected]
To unsubscribe, send email to [email protected]
For more options, visit our group at
http://groups.google.com/group/linuxusersgroup
-~----------~----~----~----~------~----~------~--~---
