2. setroubleshoot
3. main/plugins
4. Danish
5. Browse

1 / 12

/ 12

All strings

• Untranslated strings • state:empty
• Unfinished strings • state:<translated
• Translated strings • state:>=translated
• Strings marked for edit • state:needs-editing
• Strings with suggestions • has:suggestion
• Strings with variants • has:variant
• Strings with labels • has:label
• Strings with context • has:context
• Unfinished strings without suggestions • state:<translated AND NOT has:suggestion
• Strings with comments • has:comment
• Strings with any failing checks • has:check
• Approved strings • state:approved
• Strings waiting for review • state:translated

Position and priority

• Position and priority
• Position
• Priority
• Labels
• Source string
• Target string
• String age
• Number of words
• Number of comments
• Number of failing checks
• Key

	English	Danish
	SELinux policy is preventing an httpd script from writing to a public directory.
	SELinux policy is preventing an httpd script from writing to a public directory. If httpd is not setup to write to public directories, this could signal an intrusion attempt.
	If httpd scripts should be allowed to write to public directories you need to turn on the $BOOLEAN boolean and change the file context of the public directory to public_content_rw_t. Read the httpd_selinux man page for further information: "setsebool -P $BOOLEAN=1; chcon -t public_content_rw_t <path>" You must also change the default file context labeling files on the system in order to preserve public directory labeling even on a full relabel. "semanage fcontext -a -t public_content_rw_t <path>"
	If you want to allow $SOURCE_PATH to be able to write to shared public content
	you need to change the label on $TARGET_PATH to public_content_rw_t, and potentially turn on the allow_httpd_sys_script_anon_write boolean.
	SELinux is preventing $SOURCE_PATH from changing the access protection of memory on the heap.
	The $SOURCE application attempted to change the access protection of memory on the heap (e.g., allocated using malloc). This is a potential security problem. Applications should not be doing this. Applications are sometimes coded incorrectly and request this permission. The <a href="http://people.redhat.com/drepper/selinux-mem.html">SELinux Memory Protection Tests</a> web page explains how to remove this requirement. If $SOURCE does not work and you need it to work, you can configure SELinux temporarily to allow this access until the application is fixed. Please file a bug report against this package.
	If you want $SOURCE to continue, you must turn on the $BOOLEAN boolean. Note: This boolean will affect all applications on the system.
	If you do not think $SOURCE_PATH should need to map heap memory that is both writable and executable.
	you need to report a bug. This is a potentially dangerous access.
	Contact your security administrator and report this issue.
	SELinux is preventing $SOURCE_PATH from loading $TARGET_PATH which requires text relocation.
	The $SOURCE application attempted to load $TARGET_PATH which requires text relocation. This is a potential security problem. Most libraries do not need this permission. Libraries are sometimes coded incorrectly and request this permission. The <a href="http://people.redhat.com/drepper/selinux-mem.html">SELinux Memory Protection Tests</a> web page explains how to remove this requirement. You can configure SELinux temporarily to allow $TARGET_PATH to use relocation as a workaround, until the library is fixed. Please file a bug report.
	The $SOURCE application attempted to load $TARGET_PATH which requires text relocation. This is a potential security problem. Most libraries should not need this permission. The <a href="http://people.redhat.com/drepper/selinux-mem.html"> SELinux Memory Protection Tests</a> web page explains this check. This tool examined the library and it looks like it was built correctly. So setroubleshoot can not determine if this application is compromised or not. This could be a serious issue. Your system may very well be compromised. Contact your security administrator and report this issue.
	If you trust $TARGET_PATH to run correctly, you can change the file context to textrel_shlib_t. "chcon -t textrel_shlib_t '$TARGET_PATH'" You must also change the default file context files on the system in order to preserve them even on a full relabel. "semanage fcontext -a -t textrel_shlib_t '$FIX_TARGET_PATH'"
	Change label on the library.
	SELinux is preventing $SOURCE_PATH from making the program stack executable.
	The $SOURCE application attempted to make its stack executable. This is a potential security problem. This should never ever be necessary. Stack memory is not executable on most OSes these days and this will not change. Executable stack memory is one of the biggest security problems. An execstack error might in fact be most likely raised by malicious code. Applications are sometimes coded incorrectly and request this permission. The <a href="http://people.redhat.com/drepper/selinux-mem.html">SELinux Memory Protection Tests</a> web page explains how to remove this requirement. If $SOURCE does not work and you need it to work, you can configure SELinux temporarily to allow this access until the application is fixed. Please file a bug report.
	Sometimes a library is accidentally marked with the execstack flag, if you find a library with this flag you can clear it with the execstack -c LIBRARY_PATH. Then retry your application. If the app continues to not work, you can turn the flag back on with execstack -s LIBRARY_PATH.
	If you do not think $SOURCE_PATH should need to map stack memory that is both writable and executable.