-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 10/01/2010 11:07 AM, Dominick Grift wrote:
On Fri, Oct 01, 2010 at 07:30:38AM -0700, Dan Thurman wrote:
>
> Below happened 224 times.
>
> How can I fix this?
I do not think samba_share_t is a type usable for filesystems. What are you trying to do
and did that type end up on a filesystem object?
>
> ===========================================================================
> Summary:
>
> SELinux is preventing /usr/sbin/smbd "quotaget" access .
>
> Detailed Description:
>
> SELinux denied access requested by smbd. It is not expected that this
> access is
> required by smbd and this access may signal an intrusion attempt. It is also
> possible that the specific version or configuration of the application is
> causing it to require additional access.
>
> Allowing Access:
>
> You can generate a local policy module to allow this access - see FAQ
> (
http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385) Please file a bug
> report.
>
> Additional Information:
>
> Source Context system_u:system_r:smbd_t:s0
> Target Context system_u:object_r:samba_share_t:s0
> Target Objects None [ filesystem ]
> Source smbd
> Source Path /usr/sbin/smbd
> Port <Unknown>
> Host (removed)
> Source RPM Packages samba-3.5.5-68.fc13
> Target RPM Packages
> Policy RPM selinux-policy-3.7.19-57.fc13
> Selinux Enabled True
> Policy Type targeted
> Enforcing Mode Enforcing
> Plugin Name catchall
> Host Name (removed)
> Platform Linux
host.domain.com
> 2.6.34.6-54.fc13.i686 #1 SMP
> Sun Sep 5 17:52:31 UTC 2010 i686 i686
> Alert Count 224
> First Seen Thu 30 Sep 2010 11:32:04 AM PDT
> Last Seen Thu 30 Sep 2010 09:18:41 PM PDT
> Local ID 01035ab1-2396-4e92-9b1e-09645d976534
> Line Numbers
>
> Raw Audit Messages
>
>
node=host.domain.com type=AVC msg=audit(1285906721.444:102672): avc:
> denied { quotaget } for pid=17451 comm="smbd"
> scontext=system_u:system_r:smbd_t:s0
> tcontext=system_u:object_r:samba_share_t:s0 tclass=filesystem
>
>
node=host.domain.com type=SYSCALL msg=audit(1285906721.444:102672):
> arch=40000003 syscall=131 success=no exit=-13 a0=80000701 a1=1282200
> a2=1f5 a3=bfdb5d7c items=0 ppid=2144 pid=17451 auid=4294967295 uid=0
> gid=0 euid=501 suid=501 fsuid=501 egid=501 sgid=501 fsgid=501 tty=(none)
> ses=4294967295 comm="smbd" exe="/usr/sbin/smbd"
> subj=system_u:system_r:smbd_t:s0 key=(null)
>
>
> --
> selinux mailing list
> selinux(a)lists.fedoraproject.org
>
https://admin.fedoraproject.org/mailman/listinfo/selinux
>
>
> --
> selinux mailing list
> selinux(a)lists.fedoraproject.org
>
https://admin.fedoraproject.org/mailman/listinfo/selinux -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Fedora -
http://enigmail.mozdev.org/
iEYEARECAAYFAkyl+9AACgkQrlYvE4MpobM3hACfUoU/yMdpb9zHonJaBq4QCdr0
05QAoL0XzlUCI482LIWpAXJJnziMe1hC
=acNi
-----END PGP SIGNATURE-----