Pridať komentár

Príspevok, na ktorý odpovedáte

Re: wifi problem - module not found 15.04.2011 | 00:55
tomy   Návštevník
SELinux is preventing /usr/sbin/wpa_supplicant from using the sys_module capability.

***** Plugin sys_module (99.5 confidence) suggests *************************

If you do not believe that /usr/sbin/wpa_supplicant should be attempting to modify the kernel by loading a kernel module.
Then a process might be attempting to hack into your system.
Do
contact your security administrator and report this issue.

***** Plugin catchall (1.49 confidence) suggests ***************************

If you believe that wpa_supplicant should have the sys_module capability by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep wpa_supplicant /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp

Additional Information:
Source Context system_u:system_r:NetworkManager_t:s0-s0:c0.c1023
Target Context system_u:system_r:NetworkManager_t:s0-s0:c0.c1023
Target Objects Unknown [ capability ]
Source wpa_supplicant
Source Path /usr/sbin/wpa_supplicant
Port <Unknown>
Host tomy
Source RPM Packages wpa_supplicant-0.6.8-10.fc14
Target RPM Packages
Policy RPM selinux-policy-3.9.7-37.fc14
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name tomy
Platform Linux tomy 2.6.35.12-88.fc14.x86_64 #1 SMP Thu Mar
31 21:21:57 UTC 2011 x86_64 x86_64
Alert Count 1
First Seen Št 14. apríl 2011, 22:50:09 EDT
Last Seen Št 14. apríl 2011, 22:50:09 EDT
Local ID d1d40e83-9df2-447c-a602-ce320769e7b7

Raw Audit Messages
type=AVC msg=audit(1302835809.580:31): avc: denied { sys_module } for pid=1496 comm="wpa_supplicant" capability=16 scontext=system_u:system_r:NetworkManager_t:s0-s0:c0.c1023 tcontext=system_u:system_r:NetworkManager_t:s0-s0:c0.c1023 tclass=capability


type=SYSCALL msg=audit(1302835809.580:31): arch=x86_64 syscall=ioctl success=no exit=ENODEV a0=8 a1=8933 a2=7fffdac585e0 a3=ffffffff items=0 ppid=1 pid=1496 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm=wpa_supplicant exe=/usr/sbin/wpa_supplicant subj=system_u:system_r:NetworkManager_t:s0-s0:c0.c1023 key=(null)

Hash: wpa_supplicant,NetworkManager_t,NetworkManager_t,capability,sys_module

audit2allow

#============= NetworkManager_t ==============
allow NetworkManager_t self:capability sys_module;

audit2allow -R

#============= NetworkManager_t ==============
allow NetworkManager_t self:capability sys_module;

prihlásený som ako root a sem som sa dostal mám vypnúť SELinux ?
2 + 3 plus tisíc (číslom)

Maximálna veľkosť je: 2,0 MB