
Untitled

a guest
May 3rd, 2017
  1. [l3info@localhost ~]$ id
  2. uid=1001(l3info) gid=1001(l3info) groupes=10(wheel),1001(l3info)contexte=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
  3.  
  4. [l3info@localhost ~]$ ps axZ | less
  5. system_u:system_r:rpcd_t:s0 1562 ? Ss 0:00 rpc.statd
  6. system_u:system_r:kernel_t:s0 1590 ? S< 0:00 [rpciod/0]
  7. system_u:system_r:rpcd_t:s0 1602 ? Ss 0:00 rpc.idmapd
  8. system_u:system_r:bluetooth_t:s0 1620 ? Ss 0:00 /usr/sbin/bluetoothd
  9. system_u:system_r:kernel_t:s0 1635 ? S< 0:00 [bluetooth]
  10. system_u:system_r:sshd_t:s0-s0:c0.c1023 1651 ? Ss 0:00 /usr/sbin/sshd
  11. system_u:system_r:dhcpc_t:s0 1671 ? S 0:00 /sbin/dhclient -d -sf /usr/libexec/nm-dhcp-client.action -pf /var/r
  12. system_u:system_r:mysqld_safe_t:s0 1695 ? S 0:00 /bin/sh /usr/bin/mysqld_safe --datadir=/var/lib/mysql --socket=/var
  13. system_u:system_r:mysqld_t:s0 1783 ? Sl 0:00 /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --user=
  14. system_u:system_r:gpm_t:s0 1831 ? Ss 0:00 /usr/sbin/gpm -m /dev/input/mice -t exps2
  15. system_u:system_r:httpd_t:s0 1840 ? Ss 0:00 /usr/sbin/httpd
  16. system_u:system_r:crond_t:s0-s0:c0.c1023 1853 ? Ss 0:00 crond
  17. system_u:system_r:crond_t:s0-s0:c0.c1023 1864 ? Ss 0:00 /usr/sbin/atd
  18.  
  19. [l3info@localhost ~]$ ls -lZ
  20. drwxr-xr-x. l3info l3info unconfined_u:object_r:user_home_t:s0 Bureau
  21. drwxr-xr-x. l3info l3info unconfined_u:object_r:user_home_t:s0 Documents
  22. drwxr-xr-x. l3info l3info unconfined_u:object_r:user_home_t:s0 Images
  23. drwxr-xr-x. l3info l3info unconfined_u:object_r:user_home_t:s0 Modèles
  24. drwxr-xr-x. l3info l3info unconfined_u:object_r:user_home_t:s0 Musique
  25. drwxr-xr-x. l3info l3info unconfined_u:object_r:user_home_t:s0 Public
  26. drwxr-xr-x. l3info l3info unconfined_u:object_r:user_home_t:s0 Téléchargement
  27. drwxr-xr-x. l3info l3info unconfined_u:object_r:user_home_t:s0 Vidéos
  28.  
  29. [l3info@localhost bin]$ ls -lZ
  30. -rwsr-xr-x. root root system_u:object_r:su_exec_t:s0 su
  31. -rwxr-xr-x. root root system_u:object_r:bin_t:s0 sync
  32. -rwxr-xr-x. root root system_u:object_r:bin_t:s0 tar
  33. -rwxr-xr-x. root root system_u:object_r:bin_t:s0 taskset
  34. -rwxr-xr-x. root root system_u:object_r:bin_t:s0 touch
  35. -rwxr-xr-x. root root system_u:object_r:traceroute_exec_t:s0 tracepath
  36. -rwxr-xr-x. root root system_u:object_r:traceroute_exec_t:s0 tracepath6
  37. -rwxr-xr-x. root root system_u:object_r:traceroute_exec_t:s0 traceroute
  38. lrwxrwxrwx. root root system_u:object_r:bin_t:s0 traceroute6 -> traceroute
  39. -rwxr-xr-x. root root system_u:object_r:bin_t:s0 true
  40. -rwxr-xr-x. root root system_u:object_r:bin_t:s0 ulockmgr_server
  41. -rwsr-xr-x. root root system_u:object_r:mount_exec_t:s0 umount
  42. -rwxr-xr-x. root root system_u:object_r:bin_t:s0 uname
  43. -rwxr-xr-x. root root system_u:object_r:bin_t:s0 unicode_start
  44. -rwxr-xr-x. root root system_u:object_r:bin_t:s0 unicode_stop
  45.  
  46. [l3info@localhost bin]$ runcon system_u:system_r:unconfined_t:s0 id
  47. uid=1001(l3info) gid=1001(l3info) groupes=10(wheel),1001(l3info)contexte=system_u:system_r:unconfined_t:s0
  48.  
  49. [l3info@localhost bin]$ runcon root:system_r:kernel_t:s0 ls
  50. runcon: ls: Permission non accordée
  51.  
  52. tail messages
  53. Jan 25 14:21:40 localhost kernel: type=1400 audit(1264425700.419:12): avc: denied { create } for pid=4546 comm="cp" name="alternatives" scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=dir
  54. Jan 25 14:21:40 localhost kernel: type=1400 audit(1264425700.419:13): avc: denied { create } for pid=4546 comm="cp" name="anacrontab" scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=file
  55. Jan 25 14:21:40 localhost kernel: type=1400 audit(1264425700.419:14): avc: denied { create } for pid=4546 comm="cp" name="anthy-conf" scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=file
  56. Jan 25 14:21:40 localhost kernel: type=1400 audit(1264425700.419:15): avc: denied { create } for pid=4546 comm="cp" name="asound.conf" scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=file
  57. Jan 25 14:21:40 localhost kernel: type=1400 audit(1264425700.419:16): avc: denied { create } for pid=4546 comm="cp" name="audisp" scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=dir
  58. Jan 25 14:21:40 localhost kernel: type=1400 audit(1264425700.419:17): avc: denied { create } for pid=4546 comm="cp" name="audit" scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=dir
  59. Jan 25 14:22:19 localhost kernel: __ratelimit: 780 callbacks suppressed
  60. Jan 25 14:22:19 localhost kernel: type=1400 audit(1264425739.023:278): avc: denied { create } for pid=4565 comm="cp" name="hosts" scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=file
  61. Jan 25 14:25:59 localhost kernel: type=1400 audit(1264425959.077:279): avc: denied { transition } for pid=4699 comm="runcon" path="/usr/bin/id" dev=sda1 ino=109544 scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tcontext=root:system_r:kernel_t:s0 tclass=process
  62. Jan 25 14:26:04 localhost kernel: type=1400 audit(1264425964.567:280): avc: denied { transition } for pid=4718 comm="runcon" path="/bin/ls" dev=sda1 ino=445328 scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tcontext=root:system_r:kernel_t:s0 tclass=process
  63.  
  64. guest_u guest_r
  65. root staff_r sysadmin_r system_r unconfined_r
  66. staff_u staff_r sysadmin_r system_r
  67. sysadm_u sysadm_r
  68. system_u system_r
  69. unconfined_u system_r unconfined_r
  70. user_u user_r
  71. xguest_u xguest_r
  72.  
  73. [l3info@localhost bin]$ runcon system_u:system_r:unconfined_t:s0 id
  74. uid=1001(l3info) gid=1001(l3info) groupes=10(wheel),1001(l3info)contexte=system_u:system_r:unconfined_t:s0
  75.  
  76. audit2allow - generate SELinux policy allow rules from logs of
  77. denied operations
  78.  
  79. audit2why - translates SELinux audit messages into a description
  80. of why the access was denied (audit2allow -w)
  81.  
  82. en utilisant audit2why, on peut lire:
  83. Jan 25 14:21:40 localhost kernel: type=1400 audit(1264425700.419:12): avc: denied { create } for pid=4546 comm="cp" name="alternatives" scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=dir
  84. Was caused by:
  85. Missing type enforcement (TE) allow rule.
  86.  
  87. You can use audit2allow to generate a loadable module to allow this access.
  88.  
  89.  
  90. Avant de saisir l'entier:
  91. [l3info@localhost ~]$ ps axZ | grep ex3
  92. unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 5700 pts/1 S+ 0:00 ./ex3
  93. après
  94. [l3info@localhost ~]$ ps axZ | grep cat
  95. unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 5810 pts/1 S+ 0:00 cat
  96.  
  97.  
  98. [l3info@localhost ~]$ ls -lZ /bin/cat
  99. -rwxr-xr-x. root root system_u:object_r:bin_t:s0 /bin/cat
  100.  
  101. [l3info@localhost ~]$ ps axZ | grep passwd
  102. unconfined_u:unconfined_r:passwd_t:s0-s0:c0.c1023 6258 pts/1 S+ 0:00 passwd
  103.  
  104. [l3info@localhost ~]$ ls -lZ /usr/bin/pass*
  105. -rwsr-xr-x. root root system_u:object_r:passwd_exec_t:s0 /usr/bin/passwd
  106.  
  107.  
  108. [l3info@localhost ~]$ runcon unconfined_u:unconfined_r:passwd_t:s0 ./ex3
  109. runcon: ./ex3: Permission non accordée
  110.  
  111. 4)
  112. [l3info@localhost attr]$ cat current
  113. unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
  114.  
  115. [l3info@localhost attr]$ id -Z
  116. unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
  117.  
  118. [l3info@localhost ~]$ getsebool -a
  119. allow_console_login --> off
  120. allow_cvs_read_shadow --> off
  121. allow_daemons_dump_core --> on
  122. allow_daemons_use_tty --> on
  123. allow_domain_fd_use --> on
  124. allow_execheap --> off
  125. allow_execmem --> off
  126. allow_execmod --> off
  127. allow_execstack --> on
  128. allow_ftpd_anon_write --> off
  129. allow_ftpd_full_access --> off
  130. allow_ftpd_use_cifs --> off
  131. allow_ftpd_use_nfs --> off
  132. ...
  133.  
  134. ssh 10.14.2.105:
  135. [l3info@localhost attr]$ cat current
  136. unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
  137. [l3info@localhost attr]$ cat prev
  138. system_u:system_r:sshd_t:s0-s0:c0.c1023
  139.  
  140.  
  141.  
  142. [root@localhost ~]# cat /proc/self/attr/prev
  143. unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
  144. après changement:
  145. [root@localhost ~]# cat /proc/self/attr/prev
  146. sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023
  147.  
  148. [l3info@localhost booleans]$ ssh -l root/sysadm_r localhost
  149. root/sysadm_r@localhost's password:
  150. Last login: Wed Oct 28 11:53:55 2009 from mssi08