FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora Laptop

 
 
LinkBack Thread Tools
 
Old 02-06-2012, 08:04 PM
Jiho Noh
 
Default SELinux alert message

Can anyone tell me why I am getting this error message, and how do I fix this?
SELinux is preventing /usr/sbin/tmpwatch from getattr access on the None /tmp/test.txt.
***** *Plugin catchall (100. confidence) suggests ****************************

If you believe that tmpwatch should be allowed getattr access on the test.txt <Unknown> by default.Then you should report this as a bug.You can generate a local policy module to allow this access.
Doallow this access for now by executing:# grep tmpwatch /var/log/audit/audit.log | audit2allow -M mypol# semodule -i mypol.pp
Additional Information:
Source Context * * * * * * * *system_u:system_r:tmpreaper_t:s0-s0:c0.c1023Target Context * * * * * * * *unconfined_ubject_r:user_home_t:s0Target Objects * * * * * * * */tmp/test.txt [ None ]
Source * * * * * * * * * * * *tmpwatchSource Path * * * * * * * * * /usr/sbin/tmpwatchPort * * * * * * * * * * * * *<Unknown>Host * * * * * * * * * * * * *romanegloo.iubSource RPM Packages * * * * * tmpwatch-2.10.3-1.fc16.i686
Target RPM Packages * * * * **Policy RPM * * * * * * * * * *selinux-policy-3.10.0-75.fc16.noarchSelinux Enabled * * * * * * * TruePolicy Type * * * * * * * * * targetedEnforcing Mode * * * * * * * *Enforcing
Host Name * * * * * * * * * * romanegloo.iubPlatform * * * * * * * * * * *Linux romanegloo.iub 3.2.2-1.fc16.i686 #1 SMP Thu* * * * * * * * * * * * * * * Jan 26 03:38:31 UTC 2012 i686 i686
Alert Count * * * * * * * * * 1First Seen * * * * * * * * * *Mon 06 Feb 2012 03:08:09 PM ESTLast Seen * * * * * * * * * * Mon 06 Feb 2012 03:08:09 PM ESTLocal ID * * * * * * * * * * *83b9ac15-08ca-45e0-bcdb-4651d2bcc9a3

Raw Audit Messagestype=AVC msg=audit(1328558889.308:263): avc: *denied *{ getattr } for *pid=10824 comm="tmpwatch" path="/tmp/test.txt" dev=dm-1 ino=5340 scontext=system_u:system_r:tmpreaper_t:s0-s0:c0.c1023 tcontext=unconfined_ubject_r:user_home_t:s0 tclass=fifo_filenode=romanegloo.iub type=SYSCALL msg=audit(1328558889.308:263): arch=40000003 syscall=196 success=no exit=-13 a0=9a5bfdb a1=bfa3e6a8 a2=41ed3ff4 a3=9a5bfc8 items=0 ppid=10822 pid=10824 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=7 comm="tmpwatch" exe="/usr/sbin/tmpwatch" subj=system_u:system_r:tmpreaper_t:s0-s0:c0.c1023 key=(null)


Hash: tmpwatch,tmpreaper_t,user_home_t,None,getattr
audit2allow

audit2allow -R



--
노지호 (Jiho Noh)
Mobile: (+1) 812-345-7891* Home(US): (+82) 070-8289-0073* Fax: (+82) 0505-507-0555
Email: jihonoh@indiana.edu




_______________________________________________
laptop mailing list
laptop@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/laptop
 

Thread Tools




All times are GMT. The time now is 11:57 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org