FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora SELinux Support

 
 
LinkBack Thread Tools
 
Old 05-23-2008, 01:54 AM
Antonio Olivares
 
Default SELinux prevented umount from mounting on the file or directory "/media/.hal-mtab-lock" (type "mnt_t").

Dear all,

I have gotten a new avc., after applying the updates, the other ones disappeared Hope that was just it.

Regards,

Antonio


Summary:

SELinux prevented umount from mounting on the file or directory
"/media/.hal-mtab-lock" (type "mnt_t").

Detailed Description:

SELinux prevented umount from mounting a filesystem on the file or directory
"/media/.hal-mtab-lock" of type "mnt_t". By default SELinux limits the mounting
of filesystems to only some files or directories (those with types that have the
mountpoint attribute). The type "mnt_t" does not have this attribute. You can
either relabel the file or directory or set the boolean "allow_mount_anyfile" to
true to allow mounting on any file or directory.

Allowing Access:

Changing the "allow_mount_anyfile" boolean to true will allow this access:
"setsebool -P allow_mount_anyfile=1."

Fix Command:

setsebool -P allow_mount_anyfile=1

Additional Information:

Source Context system_u:system_r:mount_t:s0
Target Context system_ubject_r:mnt_t:s0
Target Objects /media/.hal-mtab-lock [ file ]
Source umount
Source Path /bin/umount
Port <Unknown>
Host localhost.localdomain
Source RPM Packages util-linux-ng-2.13.1-6.fc9
Target RPM Packages
Policy RPM selinux-policy-3.3.1-51.fc9
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Enforcing
Plugin Name allow_mount_anyfile
Host Name localhost.localdomain
Platform Linux localhost.localdomain 2.6.25.3-18.fc9.x86_64
#1 SMP Tue May 13 04:54:47 EDT 2008 x86_64 x86_64
Alert Count 1
First Seen Thu 22 May 2008 03:52:14 PM CDT
Last Seen Thu 22 May 2008 03:52:14 PM CDT
Local ID b4ecd96d-7c1b-4016-84f4-b9edb6aa30c9
Line Numbers

Raw Audit Messages

host=localhost.localdomain type=AVC msg=audit(1211489534.822:146): avc: denied { read write } for pid=16678 comm="umount" path="/media/.hal-mtab-lock" dev=dm-0 ino=1785858 scontext=system_u:system_r:mount_t:s0 tcontext=system_ubject_r:mnt_t:s0 tclass=file

host=localhost.localdomain type=SYSCALL msg=audit(1211489534.822:146): arch=c000003e syscall=59 success=yes exit=0 a0=403665 a1=7fff62ce68d0 a2=7fff62ce6f58 a3=0 items=0 ppid=16677 pid=16678 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="umount" exe="/bin/umount" subj=system_u:system_r:mount_t:s0 key=(null)




--
fedora-selinux-list mailing list
fedora-selinux-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
 

Thread Tools




All times are GMT. The time now is 10:13 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org