Changes between Initial Version and Version 2 of Ticket #1819
- Timestamp:
- Nov 17, 2008 7:57:42 AM (15 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #1819
- Property Component other → installer
-
Ticket #1819 – Description
initial v2 3 3 SElinux-entry (example): 4 4 5 Zusammenfassung 5 '''Zusammenfassung'''[[BR]] 6 6 SELinux is preventing tmpwatch (tmpreaper_t) "getattr" to /tmp/vbox.1/r0drv/linux/thread-r0drv-linux.c (usr_t). 7 7 8 Detaillierte Beschreibung 8 '''Detaillierte Beschreibung'''[[BR]] 9 9 SELinux denied access requested by tmpwatch. It is not expected that this access is required by tmpwatch and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. 10 10 11 Zugriff erlauben 11 '''Zugriff erlauben'''[[BR]] 12 12 Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for /tmp/vbox.1/r0drv/linux/thread-r0drv-linux.c, restorecon -v '/tmp/vbox.1/r0drv/linux/thread-r0drv-linux.c' If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see FAQ Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report against this package. 13 13 14 Zusätzliche Informationen 15 14 '''Zusätzliche Informationen''' 15 {{{ 16 16 Quellkontext: system_u:system_r:tmpreaper_t:s0 17 17 Zielkontext: system_u:object_r:usr_t:s0 … … 36 36 Lokale ID: e537c7ad-5b7a-4209-b64d-2e84da7c6588 37 37 Zeilennummern: 38 }}} 39 '''Raw-Audit-Meldungen:''' 40 {{{ 41 host=localhost.localdomain type=AVC msg=audit(1215342893.145:140): 42 avc: denied { getattr } for pid=8878 comm="tmpwatch" 43 path="/tmp/vbox.1/r0drv/linux/thread-r0drv-linux.c" dev=dm-0 44 ino=1516418 scontext=system_u:system_r:tmpreaper_t:s0 45 tcontext=system_u:object_r:usr_t:s0 tclass=file 38 46 39 Raw-Audit-Meldungen:40 host=localhost.localdomain type=AVC msg=audit(1215342893.145:140): avc: denied { getattr } for pid=8878 comm="tmpwatch" path="/tmp/vbox.1/r0drv/linux/thread-r0drv-linux.c" dev=dm-0 ino=1516418 scontext=system_u:system_r:tmpreaper_t:s0 tcontext=system_u:object_r:usr_t:s0 tclass=file 41 42 host=localhost.localdomain type=SYSCALL msg=audit(1215342893.145:140): arch=c000003e syscall=6 success=no exit=-13 a0=1910bdb a1=7ffff8d67190 a2=7ffff8d67190 a3=7f6cf0d516f0 items=0 ppid=8876 pid=8878 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none)ses=4294967295 comm="tmpwatch" exe="/usr/sbin/tmpwatch" subj=system_u:system_r:tmpreaper_t:s0 key=(null)43 47 host=localhost.localdomain type=SYSCALL msg=audit(1215342893.145:140): 48 arch=c000003e syscall=6 success=no exit=-13 a0=1910bdb a1=7ffff8d67190 a2=7ffff8d67190 a3=7f6cf0d516f0 49 items=0 ppid=8876 pid=8878 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) 50 ses=4294967295 comm="tmpwatch" exe="/usr/sbin/tmpwatch" subj=system_u:system_r:tmpreaper_t:s0 key=(null) 51 }}} 44 52 Please contact dwalsh on irc.freenode.net channel #selinux to solve this issue. 45 53 Regards