When I debug (local compiled executable) as user with gdb I get this
d:
[selinux-policy-3.7.19-39.fc13.noarch]
gene/
------------------------------
Summary:
SELinux is preventing /usr/bin/gdb "write" access on
/usr/share/glib-2.0/gdb.
Detailed Description:
SELinux denied access requested by gdb. It is not expected that this
access is
required by gdb and this access may signal an intrusion attempt. It is also
possible that the specific version or configuration of the application is
causing it to require additional access.
...
Additional Information:
Source Context system_u:system_r:xdm_t:s0-s0:c0.c1023
Target Context system_u:object_r:usr_t:s0
Target Objects /usr/share/glib-2.0/gdb [ dir ]
Source gdb
Source Path /usr/bin/gdb
Port <Unknown>
Host
lap1.prv.sapience.com
Source RPM Packages gdb-7.1-23.fc13
Target RPM Packages glib2-devel-2.24.1-1.fc13
Policy RPM selinux-policy-3.7.19-21.fc13
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Plugin Name catchall
Host Name
lap1.prv.sapience.com
Platform Linux
lap1.prv.sapience.com
2.6.33.5-112.fc13.x86_64 #1 SMP Thu May 27
02:28:31 UTC 2010 x86_64 x86_64
Alert Count 2
First Seen Mon 31 May 2010 06:39:33 PM EDT
Last Seen Mon 31 May 2010 06:39:33 PM EDT
Local ID 93cf7fa2-26ba-4ce9-8bec-2d73222d4602
Line Numbers
Raw Audit Messages
node=lap1.prv.sapience.com type=AVC msg=audit(1275345573.390:33574):
avc: denied { write } for pid=6060 comm="gdb" name="gdb" dev=sda8
ino=929092 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023
tcontext=system_u:object_r:usr_t:s0 tclass=dir
node=lap1.prv.sapience.com type=SYSCALL msg=audit(1275345573.390:33574):
arch=c000003e syscall=2 success=no exit=-13 a0=7fffc10c7b30 a1=2c1
a2=81a4 a3=7fcbd6e98ad0 items=0 ppid=6058 pid=6060 auid=4294967295 uid=0
gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none)
ses=4294967295 comm="gdb" exe="/usr/bin/gdb"
subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null)
--
selinux mailing list
selinux(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
It seems odd to me that gdb is running as xdm_t. Can you give the output
of ls -Z /usr/bin/gdb and also matchpathcon /usr/bin/gdb
Dave