updatedb (locate_t) "read" fusefs_t.
Arthur Dent
misc.lists at blueyonder.co.uk
Wed Jan 13 13:42:30 UTC 2010
Hello All,
I have a NTFS partition mounted by fstab at boot time on my F11 system.
Recently I have been getting screeds and screeds of AVCs each time
updatedb runs (daily) - See below for an example.
A bit of googling revealed Bug 549602
https://bugzilla.redhat.com/show_bug.cgi?id=549602 which seems similar.
Although fixed, it relates to F12. Unless I have missed something (quite
probable) I can't see a similar fix for F11.
My questions are therefore:
1) Is there a similar fix for F11?
2) Will that solve my problem?
3) If not, what should I do?
I am running:
selinux-policy-targeted-3.6.12-92.fc11.noarch
selinux-policy-3.6.12-92.fc11.noarch
Thanks in advance
Mark
======================8<=================================================
Summary:
SELinux is preventing updatedb (locate_t) "read" fusefs_t.
Detailed Description:
SELinux denied access requested by updatedb. It is not expected that this access
is required by updatedb and this access may signal an intrusion attempt. It is
also possible that the specific version or configuration of the application is
causing it to require additional access.
Allowing Access:
You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.
Additional Information:
Source Context system_u:system_r:locate_t:s0-s0:c0.c1023
Target Context system_u:object_r:fusefs_t:s0
Target Objects /mnt/ntfs/Users/Mark/Cookies [ lnk_file ]
Source updatedb
Source Path /usr/bin/updatedb
Port <Unknown>
Host localhost.localdomain
Source RPM Packages mlocate-0.22-1
Target RPM Packages
Policy RPM selinux-policy-3.6.12-92.fc11
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Enforcing
Plugin Name catchall
Host Name localhost.localdomain
Platform Linux localhost.localdomain
2.6.30.10-105.fc11.i686.PAE #1 SMP Thu Dec 24
16:41:17 UTC 2009 i686 i686
Alert Count 3
First Seen Mon 11 Jan 2010 09:22:03 GMT
Last Seen Wed 13 Jan 2010 08:27:02 GMT
Local ID f5c7a401-052c-4149-b79c-d5bef7725b9d
Line Numbers
Raw Audit Messages
node=localhost.localdomain type=AVC msg=audit(1263371222.110:58): avc: denied { read } for pid=4574 comm="updatedb" name="Cookies" dev=sda3 ino=86736 scontext=system_u:system_r:locate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:fusefs_t:s0 tclass=lnk_file
node=localhost.localdomain type=SYSCALL msg=audit(1263371222.110:58): arch=40000003 syscall=12 success=no exit=-13 a0=8e1e6f9 a1=bfcd3510 a2=bfcd36f4 a3=bfcd3510 items=0 ppid=4568 pid=4574 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=3 comm="updatedb" exe="/usr/bin/updatedb" subj=system_u:system_r:locate_t:s0-s0:c0.c1023 key=(null)
More information about the selinux
mailing list