FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.

» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora Laptop
Reload this Page SELinux alert message

 
 
LinkBack Thread Tools
 
Old 02-06-2012, 08:04 PM
Jiho Noh
 
Default SELinux alert message
Can anyone tell me why I am getting this error message, and how do I fix this?
SELinux is preventing /usr/sbin/tmpwatch from getattr access on the None /tmp/test.txt.
***** Â*Plugin catchall (100. confidence) suggests Â****************************

If you believe that tmpwatch should be allowed getattr access on the test.txt <Unknown> by default.Then you should report this as a bug.You can generate a local policy module to allow this access.
Doallow this access for now by executing:# grep tmpwatch /var/log/audit/audit.log | audit2allow -M mypol# semodule -i mypol.pp
Additional Information:
Source Context Â* Â* Â* Â* Â* Â* Â* Â*system_u:system_r:tmpreaper_t:s0-s0:c0.c1023Target Context Â* Â* Â* Â* Â* Â* Â* Â*unconfined_ubject_r:user_home_t:s0Target Objects Â* Â* Â* Â* Â* Â* Â* Â*/tmp/test.txt [ None ]
Source Â* Â* Â* Â* Â* Â* Â* Â* Â* Â* Â* Â*tmpwatchSource Path Â* Â* Â* Â* Â* Â* Â* Â* Â* /usr/sbin/tmpwatchPort Â* Â* Â* Â* Â* Â* Â* Â* Â* Â* Â* Â* Â*<Unknown>Host Â* Â* Â* Â* Â* Â* Â* Â* Â* Â* Â* Â* Â*romanegloo.iubSource RPM Packages Â* Â* Â* Â* Â* tmpwatch-2.10.3-1.fc16.i686
Target RPM Packages Â* Â* Â* Â* Â*Â*Policy RPM Â* Â* Â* Â* Â* Â* Â* Â* Â* Â*selinux-policy-3.10.0-75.fc16.noarchSelinux Enabled Â* Â* Â* Â* Â* Â* Â* TruePolicy Type Â* Â* Â* Â* Â* Â* Â* Â* Â* targetedEnforcing Mode Â* Â* Â* Â* Â* Â* Â* Â*Enforcing
Host Name Â* Â* Â* Â* Â* Â* Â* Â* Â* Â* romanegloo.iubPlatform Â* Â* Â* Â* Â* Â* Â* Â* Â* Â* Â*Linux romanegloo.iub 3.2.2-1.fc16.i686 #1 SMP ThuÂ* Â* Â* Â* Â* Â* Â* Â* Â* Â* Â* Â* Â* Â* Â* Jan 26 03:38:31 UTC 2012 i686 i686
Alert Count Â* Â* Â* Â* Â* Â* Â* Â* Â* 1First Seen Â* Â* Â* Â* Â* Â* Â* Â* Â* Â*Mon 06 Feb 2012 03:08:09 PM ESTLast Seen Â* Â* Â* Â* Â* Â* Â* Â* Â* Â* Mon 06 Feb 2012 03:08:09 PM ESTLocal ID Â* Â* Â* Â* Â* Â* Â* Â* Â* Â* Â*83b9ac15-08ca-45e0-bcdb-4651d2bcc9a3

Raw Audit Messagestype=AVC msg=audit(1328558889.308:263): avc: Â*denied Â*{ getattr } for Â*pid=10824 comm="tmpwatch" path="/tmp/test.txt" dev=dm-1 ino=5340 scontext=system_u:system_r:tmpreaper_t:s0-s0:c0.c1023 tcontext=unconfined_ubject_r:user_home_t:s0 tclass=fifo_filenode=romanegloo.iub type=SYSCALL msg=audit(1328558889.308:263): arch=40000003 syscall=196 success=no exit=-13 a0=9a5bfdb a1=bfa3e6a8 a2=41ed3ff4 a3=9a5bfc8 items=0 ppid=10822 pid=10824 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=7 comm="tmpwatch" exe="/usr/sbin/tmpwatch" subj=system_u:system_r:tmpreaper_t:s0-s0:c0.c1023 key=(null)


Hash: tmpwatch,tmpreaper_t,user_home_t,None,getattr
audit2allow

audit2allow -R



--
노지호 (Jiho Noh)
Mobile: (+1) 812-345-7891Â* Home(US): (+82) 070-8289-0073Â* Fax: (+82) 0505-507-0555
Email: jihonoh@indiana.edu




_______________________________________________
laptop mailing list
laptop@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/laptop
 

Thread Tools




All times are GMT. The time now is 03:55 PM.

VBulletin, Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org

Contact Us - Linux Archive - Archive - Top -