Category: LINUX
2009-05-22 10:59:07
Summary:
SELinux is preventing the npviewer.bin (nsplugin_t) from connecting to port
39000.
Detailed Description:
SELinux has denied the npviewer.bin from connecting to a network port 39000
which does not have an SELinux type associated with it. If npviewer.bin is
supposed to be allowed to connect on this port, you can use the semanage command
to add this port to a port type that nsplugin_t can connect to. semanage port -L
will list all port types. Please file a bug report
() against the selinux-policy
package. If npviewer.bin is not supposed to bind to this port, this could signal
a intrusion attempt.
Allowing Access:
If you want to allow npviewer.bin to connect to this port semanage port -a -t
PORT_TYPE -p PROTOCOL 39000 Where PORT_TYPE is a type that nsplugin_t can
connect.
Additional Information:
Source Context                unconfined_u:unconfined_r:nsplugin_t:s0
Target Context                system_u:object_r:port_t:s0
Target Objects                None [ tcp_socket ]
Source                        npviewer.bin
Source Path                   /usr/lib/nspluginwrapper/npviewer.bin
Port                          39000
Host                          eec.ly
Source RPM Packages           nspluginwrapper-1.1.2-4.fc10
Target RPM Packages
Policy RPM                    selinux-policy-3.5.13-18.fc10
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   connect_ports
Host Name                     eec.ly
Platform                      Linux eec.ly 2.6.27.5-117.fc10.i686 #1 SMP Tue Nov 18 12:19:59 EST 2008 i686 i686
Alert Count                   9
First Seen                    Fri 22 May 2009 10:54:55
Last Seen                     Fri 22 May 2009 10:56:34
Local ID                      032bbc7a-4ea4-43d7-a9e7-cb02b755a451
Line Numbers
Raw Audit Messages
node=eec.ly type=AVC msg=audit(1242960994.568:30): avc: denied { name_connect } for pid=13816 comm="npviewer.bin" dest=39000 scontext=unconfined_u:unconfined_r:nsplugin_t:s0 tcontext=system_u:object_r:port_t:s0 tclass=tcp_socket
node=eec.ly type=SYSCALL msg=audit(1242960994.568:30): arch=40000003 syscall=102 success=no exit=-13 a0=3 a1=b55042c0 a2=17136cc a3=0 items=0 ppid=3403 pid=13816 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=2 comm="npviewer.bin" exe="/usr/lib/nspluginwrapper/npviewer.bin" subj=unconfined_u:unconfined_r:nsplugin_t:s0 key=(null)