SELinux is preventing dbus-daemon(/bin/dbus-daemon) (system_dbusd_t) "read" to <Unknown> (inotifyfs_t).
Antonio Olivares
olivares14031 at yahoo.com
Tue Jan 22 12:49:57 UTC 2008
Dear all,
as of yesterday's updates, I get a bunch of
dbus-deamon denials, the cpu went to 99-100% during
the update and running top showed dbus-daemon to be up
there causing trouble. When I rebooted the machine,
Selinux caught the act which is summarized below.
Thanks,
Antonio
Summary:
SELinux is preventing dbus-daemon(/bin/dbus-daemon)
(system_dbusd_t) "read" to <Unknown>
(inotifyfs_t).
Detailed Description:
SELinux denied access requested by
dbus-daemon(/bin/dbus-daemon). It is not
expected that this access is required by
dbus-daemon(/bin/dbus-daemon) and this
access may signal an intrusion attempt. It is also
possible that the specific
version or configuration of the application is causing
it to require additional
access.
Allowing Access:
Sometimes labeling problems can cause SELinux denials.
You could try to restore
the default system file context for <Unknown>,
restorecon -v <Unknown>
If this does not work, there is currently no automatic
way to allow this access.
Instead, you can generate a local policy module to
allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385)
Or you can disable
SELinux protection altogether. Disabling SELinux
protection is not recommended.
Please file a bug report
(http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.
Additional Information:
Source Context
system_u:system_r:system_dbusd_t
Target Context
system_u:object_r:inotifyfs_t
Target Objects None [ dir ]
Source
dbus-daemon(/bin/dbus-daemon)
Port <Unknown>
Host localhost
Source RPM Packages
Target RPM Packages
Policy RPM
selinux-policy-3.2.5-12.fc9
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Enforcing
Plugin Name catchall_file
Host Name localhost
Platform Linux localhost
2.6.24-0.155.rc7.git6.fc9 #1 SMP
Tue Jan 15 17:52:31 EST
2008 i686 athlon
Alert Count 1026
First Seen Mon 21 Jan 2008 07:18:32
AM CST
Last Seen Mon 21 Jan 2008 07:19:08
AM CST
Local ID
4b1ce20c-c683-40fb-a014-85dbe8d69052
Line Numbers
Raw Audit Messages
host=localhost type=AVC
msg=audit(1200921548.546:1057): avc: denied { read }
for pid=1898 comm="dbus-daemon" path="inotify"
dev=inotifyfs ino=1
scontext=system_u:system_r:system_dbusd_t:s0
tcontext=system_u:object_r:inotifyfs_t:s0 tclass=dir
host=localhost type=SYSCALL
msg=audit(1200921548.546:1057): arch=40000003
syscall=3 success=no exit=-13 a0=5 a1=bfae1fe0 a2=10
a3=b8608508 items=0 ppid=1 pid=1898 auid=4294967295
uid=81 gid=81 euid=81 suid=81 fsuid=81 egid=81 sgid=81
fsgid=81 tty=(none) comm="dbus-daemon"
exe="/bin/dbus-daemon"
subj=system_u:system_r:system_dbusd_t:s0 key=(null)
____________________________________________________________________________________
Never miss a thing. Make Yahoo your home page.
http://www.yahoo.com/r/hs
More information about the test
mailing list