Using SELinux on an ICE-Linux CMS
Appendix B: Sample Violation
Summary
SELinux is preventing rsync (/usr/bin/rsync) "getattr" to /bin (bin_t).
Detailed Description
SELinux denied rsync access to /bin. If this is an RSYNC repository, it has to have a file context label
of rsync_data_t. If you did not intend to use /bin as an rsync repository, it could indicate either a
bug or it could signal an intrusion attempt.
Allowing Access
You can alter the file context by executing the following command:
# chcon -R -t rsync_data_t /bin
Additional Information
Source Context: system_u:system_r:rsync_t
Target Context: system_u:object_r:bin_t
Target Objects: /bin [ dir ]
Affected RPM Packages: rsync-2.6.8-3.1 [application]
filesystem-2.4.0-1 [target]
Policy RPM: selinux-policy-2.4.6-104.el5
Selinux Enabled: True
Policy Type: targeted
MLS Enabled: True
Enforcing Mode: Permissive
Plugin Name: plugins.rsync_data
Host Name: terra.example.com
Platform: Linux terra.example.com 2.6.18-53.el5 #1 SMP Wed Oct 10 16:34:19 EDT 2007 x86_64 x86_64
Alert Count: 1
Line Numbers:
Raw Audit Messages :
avc: denied { getattr } for comm="rsync" dev=dm-0 egid=99 euid=99
exe="/usr/bin/rsync" exit=0 fsgid=99 fsuid=99 gid=99 items=0 path="/bin"
pid=18167 scontext=system_u:system_r:rsync_t:s0 sgid=99
subj=system_u:system_r:rsync_t:s0 suid=99 tclass=dir
tcontext=system_u:object_r:bin_t:s0 tty=(none) uid=99