SELinux is preventing access to files with the label, file_t.
Andrew Farris
lordmorgul at gmail.com
Tue Mar 4 19:52:13 UTC 2008
Andrew Farris wrote:
> I have hundreds of denials that happened with gconfd-2 a few days ago
> (socket files in tmp mostly). Now I see many of these accesses
> prevented to file_t.
>
> Files such as:
> ./keyring-vaxTjg
> /tmp/fahcore-iolock.txt <- I'm running folding at home, it is doing that
> ./kdecache-lordmorgul
> /tmp/pulse-lordmorgul/pid
> /tmp/banshee-NDesk.DBus.Bus.txt
> /tmp/gnome-system-monitor.lordmorgul.777456431
> ./virtual-lordmorgul.4FvBXq
> ./.esd-500
> ./fah
> ./virtual-lordmorgul.xxxxx/
>
> And more. These are all accesses denied to /usr/sbin/tmpwatch, files
> (normal and sockets) and directories all labeled file_t.
Most of these are older files and directories as well. Is autorelabel *not*
clearing out tmp when it labels? I wonder if it is failing to apply any label
to these at that time?
Andrew Farris <lordmorgul at gmail.com> www.lordmorgul.net
gpg 0xC99B1DF3 fingerprint CDEC 6FAD BA27 40DF 707E A2E0 F0F6 E622 C99B 1DF3
No one now has, and no one will ever again get, the big picture. - Daniel Geer
---- ----
More information about the fedora-test-list
mailing list