Attachment 3338 Details for Bug 5524 – Output of sealert

Output of sealert

sealert_output.txt (text/plain), 2.40 KB, created by venca on 2008-06-06 15:06:17 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: venca

Created: 2008-06-06 15:06:17 UTC

Size: 2.40 KB

patch

obsolete

>Summary:
>
>SELinux is preventing the samba daemon from reading users' home directories.
>
>Detailed Description:
>
>SELinux has denied the samba daemon access to users' home directories. Someone
>is attempting to access your home directories via your samba daemon. If you only
>setup samba to share non-home directories, this probably signals a intrusion
>attempt. For more information on SELinux integration with samba, look at the
>samba_selinux man page. (man samba_selinux)
>
>Allowing Access:
>
>If you want samba to share home directories you need to turn on the
>samba_enable_home_dirs boolean: "setsebool -P samba_enable_home_dirs=1"
>
>Fix Command:
>
>setsebool -P samba_enable_home_dirs=1
>
>Additional Information:
>
>Source Context                unconfined_u:system_r:smbd_t:s0
>Target Context                system_u:object_r:home_root_t:s0
>Target Objects                /home [ dir ]
>Source                        smbd
>Source Path                   /usr/sbin/smbd
>Port                          <Unknown>
>Host                          my_hostname
>Source RPM Packages           samba-3.2.0-1.rc1.14.fc9
>Target RPM Packages           filesystem-2.4.13-1.fc9
>Policy RPM                    selinux-policy-3.3.1-55.fc9
>Selinux Enabled               True
>Policy Type                   targeted
>MLS Enabled                   True
>Enforcing Mode                Enforcing
>Plugin Name                   samba_enable_home_dirs
>Host Name                     my_hostname
>Platform                      Linux my_hostname 2.6.25.4-30.fc9.i686 #1 SMP Wed May 21
>                              18:12:35 EDT 2008 i686 athlon
>Alert Count                   7621
>First Seen                    Thu Jun  5 18:32:21 2008
>Last Seen                     Fri Jun  6 21:00:00 2008
>Local ID                      914f986c-f627-4444-8d60-305ad1e553f2
>Line Numbers                  
>
>Raw Audit Messages            
>
>host=my_hostname type=AVC msg=audit(1212778800.465:105): avc:  denied  { getattr } for  pid=8793 comm="smbd" path="/home" dev=md3 ino=2 scontext=unconfined_u:system_r:smbd_t:s0 tcontext=system_u:object_r:home_root_t:s0 tclass=dir
>
>host=my_hostname type=SYSCALL msg=audit(1212778800.465:105): arch=40000003 syscall=195 success=no exit=-13 a0=bf9fecd5 a1=bf9ff0cc a2=514ff4 a3=bf9fecdb items=0 ppid=8789 pid=8793 auid=500 uid=500 gid=0 euid=500 suid=0 fsuid=500 egid=500 sgid=0 fsgid=500 tty=(none) ses=1 comm="smbd" exe="/usr/sbin/smbd" subj=unconfined_u:system_r:smbd_t:s0 key=(null)
>

Actions: View

Attachments on bug 5524: 3337 | 3338