F13: SELinux is preventing /usr/sbin/smbd "quotaget" access

Dan Thurman dant at cdkkt.com
Fri Oct 1 14:30:38 UTC 2010 

Below happened 224 times.

How can I fix this?

===========================================================================
Summary:

SELinux is preventing /usr/sbin/smbd "quotaget" access .

Detailed Description:

SELinux denied access requested by smbd. It is not expected that this
access is
required by smbd and this access may signal an intrusion attempt. It is also
possible that the specific version or configuration of the application is
causing it to require additional access.

Allowing Access:

You can generate a local policy module to allow this access - see FAQ
(http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385) Please file a bug
report.

Additional Information:

Source Context                system_u:system_r:smbd_t:s0
Target Context                system_u:object_r:samba_share_t:s0
Target Objects                None [ filesystem ]
Source                        smbd
Source Path                   /usr/sbin/smbd
Port                          <Unknown>
Host                          (removed)
Source RPM Packages           samba-3.5.5-68.fc13
Target RPM Packages
Policy RPM                    selinux-policy-3.7.19-57.fc13
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Plugin Name                   catchall
Host Name                     (removed)
Platform                      Linux host.domain.com
2.6.34.6-54.fc13.i686 #1 SMP
                              Sun Sep 5 17:52:31 UTC 2010 i686 i686
Alert Count                   224
First Seen                    Thu 30 Sep 2010 11:32:04 AM PDT
Last Seen                     Thu 30 Sep 2010 09:18:41 PM PDT
Local ID                      01035ab1-2396-4e92-9b1e-09645d976534
Line Numbers

Raw Audit Messages

node=host.domain.com type=AVC msg=audit(1285906721.444:102672): avc:
denied  { quotaget } for  pid=17451 comm="smbd"
scontext=system_u:system_r:smbd_t:s0
tcontext=system_u:object_r:samba_share_t:s0 tclass=filesystem

node=host.domain.com type=SYSCALL msg=audit(1285906721.444:102672):
arch=40000003 syscall=131 success=no exit=-13 a0=80000701 a1=1282200
a2=1f5 a3=bfdb5d7c items=0 ppid=2144 pid=17451 auid=4294967295 uid=0
gid=0 euid=501 suid=501 fsuid=501 egid=501 sgid=501 fsgid=501 tty=(none)
ses=4294967295 comm="smbd" exe="/usr/sbin/smbd"
subj=system_u:system_r:smbd_t:s0 key=(null)

More information about the selinux mailing list