os: dedora18 64
請問我應該如何解決這個問題呢?
似乎是因為diablo client 要存取而造成權限的問題
SELinux is preventing wine-preloader from mmap_zero access on the memprotect
.
***** Plugin mmap_zero (91.4 confidence) suggests
**************************
If 您不認為 wine-preloader 應需要在內核中 mmap low memory。
Then 您可能遭受駭客攻擊,這是相當危險的存取動作。
Do
請聯絡您的安全管理員,並回報此議題。
***** Plugin catchall (9.59 confidence) suggests
***************************
If 您認為 wine-preloader 就預設值應擁有 memprotect 的 mmap_zero 存取權。
Then 您應將此回報為錯誤。
您可產生本機模組,以允許這項存取。
Do
現在透過執行以下指令來允許此存取:
# grep wine-preloader /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
這裡我照著打說沒有此指令,該如何解決呢?
Additional Information:
Source Context unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023
Target Context unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023
Target Objects [ memprotect ]
Source wine-preloader
Source Path wine-preloader
Port <Unknown>
Host localhost.localdomain
Source RPM Packages
Target RPM Packages
Policy RPM selinux-policy-3.11.1-66.fc18.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name localhost.localdomain
Platform Linux localhost.localdomain
3.6.10-4.fc18.x86_64
#1 SMP Tue Dec 11 18:01:27 UTC 2012 x86_64
x86_64
Alert Count 7
First Seen 2013-03-26 17:04:03 CST
Last Seen 2013-03-26 17:04:18 CST
Local ID 4507af9c-4ef2-4a85-ab19-942c0de6f552
Raw Audit Messages
type=AVC msg=audit(1364288658.465:442): avc: denied { mmap_zero } for
pid=4237 comm="wine-preloader"
scontext=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 tclass=memprotect
Hash: wine-preloader,wine_t,wine_t,memprotect,mmap_zero
audit2allow
audit2allow -R
--
請問我應該如何解決這個問題呢?
似乎是因為diablo client 要存取而造成權限的問題
SELinux is preventing wine-preloader from mmap_zero access on the memprotect
.
***** Plugin mmap_zero (91.4 confidence) suggests
**************************
If 您不認為 wine-preloader 應需要在內核中 mmap low memory。
Then 您可能遭受駭客攻擊,這是相當危險的存取動作。
Do
請聯絡您的安全管理員,並回報此議題。
***** Plugin catchall (9.59 confidence) suggests
***************************
If 您認為 wine-preloader 就預設值應擁有 memprotect 的 mmap_zero 存取權。
Then 您應將此回報為錯誤。
您可產生本機模組,以允許這項存取。
Do
現在透過執行以下指令來允許此存取:
# grep wine-preloader /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
這裡我照著打說沒有此指令,該如何解決呢?
Additional Information:
Source Context unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023
Target Context unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023
Target Objects [ memprotect ]
Source wine-preloader
Source Path wine-preloader
Port <Unknown>
Host localhost.localdomain
Source RPM Packages
Target RPM Packages
Policy RPM selinux-policy-3.11.1-66.fc18.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name localhost.localdomain
Platform Linux localhost.localdomain
3.6.10-4.fc18.x86_64
#1 SMP Tue Dec 11 18:01:27 UTC 2012 x86_64
x86_64
Alert Count 7
First Seen 2013-03-26 17:04:03 CST
Last Seen 2013-03-26 17:04:18 CST
Local ID 4507af9c-4ef2-4a85-ab19-942c0de6f552
Raw Audit Messages
type=AVC msg=audit(1364288658.465:442): avc: denied { mmap_zero } for
pid=4237 comm="wine-preloader"
scontext=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 tclass=memprotect
Hash: wine-preloader,wine_t,wine_t,memprotect,mmap_zero
audit2allow
audit2allow -R
--
All Comments