[SATLUG] kismet selinux avc denials fc 11

riugakusei at aim.com riugakusei at aim.com
Mon Jun 8 15:01:02 CDT 2009

?hi i am try to run kismet . am running Fc 11? how can make selinux to allow kismet to run witout disbaling selinux?
?this is my source for kismet
any help is gladly appreciated

?this is? what comes on selinux:

SELinux is preventing kismet_server (kismet_t) "search" sysctl_net_t.

Detailed Description:

SELinux denied access requested by kismet_server. It is not expected that this
access is required by kismet_server and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of the
application is causing it to require additional access.

Allowing Access:

You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.

Additional Information:

Source Context??????????????? unconfined_u:unconfined_r:kismet_t:s0-s0:c0.c1023
Target Context??????????????? system_u:object_r:sysctl_net_t:s0
Target Objects??????????????? None [ dir ]
Source??????????????????????? kismet_server
Source Path?????????????????? /usr/bin/kismet_server
Port????????????????????????? <Unknown>
Host????????????????????????? mimor
Source RPM Packages?????????? kismet-0.0.2008.05.R1-5.fc11
Target RPM Packages?????????? 
Policy RPM??????????????????? selinux-policy-3.6.12-39.fc11
Selinux Enabled?????????????? True
Policy Type?????????????????? targeted
MLS Enabled?????????????????? True
Enforcing Mode??????????????? Enforcing
Plugin Name?????????????????? catchall
Host Name???????????????????? mimor
Platform????????????????????? Linux mimor #1 SMP Wed
????????????????????????????? May 27 17:28:22 EDT 2009 i686 athlon
Alert Count?????????????????? 36
First Seen??????????????????? Tue 02 Jun 2009 02:05:13 PM EDT
Last Seen???????????????????? Mon 08 Jun 2009 03:52:10 PM EDT
Local ID????????????????????? e8a7cb55-04fa-4071-8271-d04b96d3044d
Line Numbers????????????????? 

Raw Audit Messages??????????? 

node=mimor type=AVC msg=audit(1244490730.506:40): avc:? denied? { search } for? pid=3337 comm="kismet_server" scontext=unconfined_u:unconfined_r:kismet_t:s0-s0:c0.c1023 tcontext=system_u:object_r:sysctl_net_t:s0 tclass=dir

node=mimor type=SYSCALL msg=audit(1244490730.506:40): arch=40000003 syscall=5 success=no exit=-13 a0=9443e64 a1=8000 a2=1b6 a3=0 items=0 ppid=3336 pid=3337 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=2 comm="kismet_server" exe="/usr/bin/kismet_server" subj=unconfined_u:unconfined_r:kismet_t:s0-s0:c0.c1023 key=(null)

More information about the SATLUG mailing list