F13: SELinux is preventing /usr/bin/updatedb "read" access on My Documents

Dan Thurman dant at cdkkt.com
Fri Oct 1 14:32:51 UTC 2010 

I get this often too, how to fix?

====================================================================
Summary:

SELinux is preventing /usr/bin/updatedb "read" access on My Documents.

Detailed Description:

SELinux denied access requested by updatedb. It is not expected that
this access
is required by updatedb and this access may signal an intrusion attempt.
It is
also possible that the specific version or configuration of the
application is
causing it to require additional access.

Allowing Access:

You can generate a local policy module to allow this access - see FAQ
(http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385) Please file a bug
report.

Additional Information:

Source Context                system_u:system_r:locate_t:s0-s0:c0.c1023
Target Context                system_u:object_r:samba_share_t:s0
Target Objects                My Documents [ lnk_file ]
Source                        updatedb
Source Path                   /usr/bin/updatedb
Port                          <Unknown>
Host                          host.domain.com
Source RPM Packages           mlocate-0.22.4-1.fc13
Target RPM Packages
Policy RPM                    selinux-policy-3.7.19-57.fc13
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Plugin Name                   catchall
Host Name                     host.domain.com
Platform                      Linux host.domain.com
2.6.34.6-54.fc13.i686 #1 SMP
                              Sun Sep 5 17:52:31 UTC 2010 i686 i686
Alert Count                   130
First Seen                    Thu 30 Sep 2010 03:43:09 AM PDT
Last Seen                     Fri 01 Oct 2010 03:37:52 AM PDT
Local ID                      4ee4e27f-095e-4186-a718-dfeb6cb22169
Line Numbers

Raw Audit Messages

node=host.domain.com type=AVC msg=audit(1285929472.607:103678): avc:
denied  { read } for  pid=22716 comm="updatedb"
name=4D7920446F63756D656E7473 dev=sdc3 ino=83907
scontext=system_u:system_r:locate_t:s0-s0:c0.c1023
tcontext=system_u:object_r:samba_share_t:s0 tclass=lnk_file

node=host.domain.com type=SYSCALL msg=audit(1285929472.607:103678):
arch=40000003 syscall=12 success=no exit=-13 a0=9e9c8f9 a1=bfe5b6f0
a2=bfe5b8e4 a3=bfe5b6f0 items=0 ppid=22709 pid=22716 auid=0 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=6602
comm="updatedb" exe="/usr/bin/updatedb"
subj=system_u:system_r:locate_t:s0-s0:c0.c1023 key=(null)

More information about the selinux mailing list