installing xine from source yields lots of selinux denials
Antonio Olivares
olivares14031 at yahoo.com
Tue Nov 18 13:49:15 UTC 2008
Dear all,
Trying to install xine-lib from source *to put in the missing pieces* gives selinux denials with chcon
Summary:
SELinux is preventing chcon (unconfined_t) "mac_admin" unconfined_t.
Detailed Description:
SELinux denied access requested by chcon. It is not expected that this access is
required by chcon and this access may signal an intrusion attempt. It is also
possible that the specific version or configuration of the application is
causing it to require additional access.
Allowing Access:
You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.
Additional Information:
Source Context unconfined_u:unconfined_r:unconfined_t:s0
Target Context unconfined_u:unconfined_r:unconfined_t:s0
Target Objects None [ capability2 ]
Source chcon
Source Path /usr/bin/chcon
Port <Unknown>
Host emachines-3
Source RPM Packages coreutils-6.12-17.fc10
Target RPM Packages
Policy RPM selinux-policy-3.5.13-18.fc10
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Enforcing
Plugin Name catchall
Host Name emachines-3
Platform Linux emachines-3 2.6.27.5-109.fc10.x86_64 #1 SMP
Thu Nov 13 20:12:05 EST 2008 x86_64 x86_64
Alert Count 60
First Seen Tue 18 Nov 2008 07:47:03 AM CST
Last Seen Tue 18 Nov 2008 07:48:36 AM CST
Local ID 395c28ed-1aab-4d88-9105-57cecfd55b14
Line Numbers
Raw Audit Messages
node=emachines-3 type=AVC msg=audit(1227016116.77:132): avc: denied { mac_admin } for pid=3757 comm="chcon" capability=33 scontext=unconfined_u:unconfined_r:unconfined_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=capability2
node=emachines-3 type=SYSCALL msg=audit(1227016116.77:132): arch=c000003e syscall=188 success=no exit=-22 a0=133e670 a1=6236f9 a2=133fa40 a3=21 items=0 ppid=3751 pid=3757 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=1 comm="chcon" exe="/usr/bin/chcon" subj=unconfined_u:unconfined_r:unconfined_t:s0 key=(null)
Thanks,
Antonio
More information about the selinux
mailing list