Is anybody else seeing this?
I have seen it before. I have not added other
disks/drives. I do not know what file_t is?
I ask why should I do this:
"touch /.autorelabel; reboot"
?
It takes a big while. I have already allowed a stack
from new firefox3.0 beta.
[root@localhost ~]# chcon -t unconfined_execmem_exec_t
/usr/lib/firefox-3.0b3pre/firefox
because it complains as well.
Thanks,
Antonio
Summary:
SELinux is preventing access to files with the label,
file_t.
Detailed Description:
SELinux permission checks on files labeled file_t are
being denied. file_t is
the context the SELinux kernel gives to files that do
not have a label. This
indicates a serious labeling problem. No files on an
SELinux box should ever be
labeled file_t. If you have just added a new disk
drive to the system you can
relabel it using the restorecon command. Otherwise you
should relabel the entire
files system.
Allowing Access:
You can execute the following command as root to
relabel your computer system:
"touch /.autorelabel; reboot"
Additional Information:
Source Context
system_u:system_r:tmpreaper_t
Target Context system_u:object_r:file_t
Target Objects
/tmp/virtual-olivares.p28akz [ dir ]
Source
tmpwatch(/usr/sbin/tmpwatch)
Port <Unknown>
Host localhost
Source RPM Packages
Target RPM Packages
Policy RPM
selinux-policy-3.2.5-12.fc9
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Enforcing
Plugin Name file
Host Name localhost
Platform Linux localhost
2.6.24-0.150.rc7.git4.fc9 #1 SMP
Sat Jan 12 11:44:09 EST
2008 i686 athlon
Alert Count 1
First Seen Wed 16 Jan 2008 08:48:19
AM CST
Last Seen Wed 16 Jan 2008 08:48:19
AM CST
Local ID
ac67f7f5-25da-43ef-8f11-682504e2a274
Line Numbers
Raw Audit Messages
host=localhost type=AVC msg=audit(1200494899.124:38):
avc: denied { getattr } for pid=3073
comm="tmpwatch" path="/tmp/virtual-olivares.p28akz"
dev=dm-0 ino=31391794
scontext=system_u:system_r:tmpreaper_t:s0
tcontext=system_u:object_r:file_t:s0 tclass=dir
host=localhost type=SYSCALL
msg=audit(1200494899.124:38): arch=40000003
syscall=196 success=no exit=-13 a0=99f65bb a1=bfc24780
a2=5feff4 a3=99f6008 items=0 ppid=3071 pid=3073
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0
egid=0 sgid=0 fsgid=0 tty=(none) comm="tmpwatch"
exe="/usr/sbin/tmpwatch"
subj=system_u:system_r:tmpreaper_t:s0 key=(null)
____________________________________________________________________________________
Be a better friend, newshound, and
know-it-all with Yahoo! Mobile. Try it now.
http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ