[DSE-Dev] Bug#700326: selinux-policy-default: should be added dac_override for fail2ban_t
Alexander Kudrevatykh
kudrevatykh at gmail.com
Mon Feb 11 17:00:39 UTC 2013
Package: selinux-policy-default
Version: 2:2.20110726-12
Severity: normal
fail2ban server should read files with rights like
-rw-r-----. 1 syslog adm 165426 Feb 11 20:55 /var/log/auth.log
but dac_override permission is missed in default policy
here redhat bugreport for that problem https://bugzilla.redhat.com/show_bug.cgi?id=640796
-- System Information:
Debian Release: 7.0
APT prefers testing
APT policy: (500, 'testing'), (1, 'experimental')
Architecture: i386 (x86_64)
Foreign Architectures: amd64
Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash
Versions of packages selinux-policy-default depends on:
ii libpam-modules 1.1.3-7.1
ii libselinux1 2.1.9-5
ii libsepol1 2.1.4-3
ii policycoreutils 2.1.10-9
ii python 2.7.3~rc2-1
Versions of packages selinux-policy-default recommends:
ii checkpolicy 2.1.8-2
pn setools <none>
Versions of packages selinux-policy-default suggests:
ii logcheck 1.3.15
pn syslog-summary <none>
-- Configuration Files:
/etc/selinux/default/modules/active/file_contexts.local [Errno 13] Permission denied: u'/etc/selinux/default/modules/active/file_contexts.local'
-- no debconf information
More information about the SELinux-devel
mailing list