Re: SELinux is preventing access to files with the label, file_t.
--- Daniel J Walsh <dwalsh(a)redhat.com> wrote:
> Great to hear that Andrew, I
thought I was the
only
> one experiencing this kind of denials with the
file_t.
> I have done touch ./autorelabel; reboot several
times
> already and that is why I submit the
setroubleshoot
> complaints.
> Regards,
> Antonio
>
____________________________________________________________________________________
https://www.redhat.com/mailman/listinfo/fedora-test-list
____________________________________________________________________________________
Be a better friend, newshound, and
know-it-all with Yahoo! Mobile. Try it now.
http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Antonio Olivares wrote:
> --- Andrew Farris <lordmorgul(a)gmail.com> wrote:
>> Antonio Olivares wrote:
>>>>> SELinux is preventing access to files with the
>>>> label,
>>>>> file_t.
>>>> Is this file being created from a virtual
>> machine?
>>>> How is this file
>>>> getting there?
>> In my case it is definitely not a virtual machine
>> (I'm not running any on that
>> box), but I'm seeing the same thing happen with a
>> variety of files in /tmp.
>> They all seem to be session data files of some
type.
>>
>> I have hundreds of denials that happened with
>> gconfd-2 a few days ago (socket
>> files in tmp mostly). Now I see many of these
>> accesses prevented to file_t.
>>
>> Files such as:
>> ./keyring-vaxTjg
>> /tmp/fahcore-iolock.txt <- I'm running folding
at
>> home, it is doing that
>> ./kdecache-lordmorgul
>> /tmp/pulse-lordmorgul/pid
>> /tmp/banshee-NDesk.DBus.Bus.txt
>> /tmp/gnome-system-monitor.lordmorgul.777456431
>> ./virtual-lordmorgul.4FvBXq
>> ./.esd-500
>> ./fah
>> ./virtual-lordmorgul.xxxxx/
>>
>> And more. These are all accesses denied to
>> /usr/sbin/tmpwatch, files (normal
>> and sockets) and directories all labeled file_t.
>>
>> This list is about a third of the denials I've
seen
>> pop up just this morning.
>> I've seen this occurring for several days (if not
>> more than a week) just have
>> not dealt with it yet. The issue is probably not
a
>> very recent change. I've
>> had several relabels, new kernels, and new policy
>> while seeing this same issue,
>> many denials to /usr/bin/tmpwatch for file_t.
>>
>> --
>> Andrew Farris <lordmorgul(a)gmail.com>
>> www.lordmorgul.net
>> gpg 0xC99B1DF3 fingerprint CDEC 6FAD BA27 40DF
>> 707E A2E0 F0F6 E622 C99B 1DF3
>> No one now has, and no one will ever again get,
the
>> big picture. - Daniel Geer
>> ----
>> ----
>>
>> --
>> fedora-test-list mailing list
>> fedora-test-list(a)redhat.com
>> To unsubscribe:
>>
>
https://www.redhat.com/mailman/listinfo/fedora-test-list
> Never miss a thing. Make Yahoo your home page.
> http://www.yahoo.com/r/hs
Can you just delete these files from /tmp/
They may have been there before the relabel.
restorecon and fixfiles do not touch certain
directories /tmp being one
of them.
Do I remove everything from /tmp/?
Is there a nice script that can do the job?
Thanks,
Antonio
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (GNU/Linux)
Comment: Using GnuPG with Fedora -
http://enigmail.mozdev.org
iEYEARECAAYFAkfNu4MACgkQrlYvE4MpobObeQCgnNaaSY23kdHIRx9BWsLHe+YX
PrcAn3AZslkmVE/YB6VKH1x1Aupr/xAF
=ntpr
-----END PGP SIGNATURE-----
--
fedora-test-list mailing list
fedora-test-list(a)redhat.com
To unsubscribe: