[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

SELinux is preventing access to files with the label, file_t.

Is anybody else seeing this?

I have seen it before.  I have not added other
disks/drives.  I do not know what file_t is?

I ask why should I do this:

"touch /.autorelabel; reboot"

It takes a big while.  I have already allowed a stack
from new firefox3.0 beta.  

[root localhost ~]# chcon -t unconfined_execmem_exec_t

because it complains as well.  




SELinux is preventing access to files with the label,

Detailed Description:

SELinux permission checks on files labeled file_t are
being denied. file_t is
the context the SELinux kernel gives to files that do
not have a label. This
indicates a serious labeling problem. No files on an
SELinux box should ever be
labeled file_t. If you have just added a new disk
drive to the system you can
relabel it using the restorecon command. Otherwise you
should relabel the entire
files system.

Allowing Access:

You can execute the following command as root to
relabel your computer system:
"touch /.autorelabel; reboot"

Additional Information:

Source Context               
Target Context                system_u:object_r:file_t
Target Objects               
/tmp/virtual-olivares.p28akz [ dir ]
Port                          <Unknown>
Host                          localhost
Source RPM Packages           
Target RPM Packages           
Policy RPM                   
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   file
Host Name                     localhost
Platform                      Linux localhost
2.6.24-0.150.rc7.git4.fc9 #1 SMP
                              Sat Jan 12 11:44:09 EST
2008 i686 athlon
Alert Count                   1
First Seen                    Wed 16 Jan 2008 08:48:19
Last Seen                     Wed 16 Jan 2008 08:48:19
Local ID                     
Line Numbers                  

Raw Audit Messages            

host=localhost type=AVC msg=audit(1200494899.124:38):
avc:  denied  { getattr } for  pid=3073
comm="tmpwatch" path="/tmp/virtual-olivares.p28akz"
dev=dm-0 ino=31391794
tcontext=system_u:object_r:file_t:s0 tclass=dir

host=localhost type=SYSCALL
msg=audit(1200494899.124:38): arch=40000003
syscall=196 success=no exit=-13 a0=99f65bb a1=bfc24780
a2=5feff4 a3=99f6008 items=0 ppid=3071 pid=3073
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0
egid=0 sgid=0 fsgid=0 tty=(none) comm="tmpwatch"
subj=system_u:system_r:tmpreaper_t:s0 key=(null)

Be a better friend, newshound, and 
know-it-all with Yahoo! Mobile.  Try it now.  http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ 

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]