SELinux is preventing access to files with the label, file_t.

Andrew Farris lordmorgul at gmail.com
Tue Mar 4 19:48:51 UTC 2008


Antonio Olivares wrote:
>>> SELinux is preventing access to files with the
>> label,
>>> file_t.

>> Is this file being created from a virtual machine? 
>> How is this file
>> getting there?

In my case it is definitely not a virtual machine (I'm not running any on that 
box), but I'm seeing the same thing happen with a variety of files in /tmp. 
They all seem to be session data files of some type.

I have hundreds of denials that happened with gconfd-2 a few days ago (socket 
files in tmp mostly).  Now I see many of these accesses prevented to file_t.

Files such as:
./keyring-vaxTjg
/tmp/fahcore-iolock.txt  <- I'm running folding at home, it is doing that
./kdecache-lordmorgul
/tmp/pulse-lordmorgul/pid
/tmp/banshee-NDesk.DBus.Bus.txt
/tmp/gnome-system-monitor.lordmorgul.777456431
./virtual-lordmorgul.4FvBXq
./.esd-500
./fah
./virtual-lordmorgul.xxxxx/

And more.  These are all accesses denied to /usr/sbin/tmpwatch, files (normal 
and sockets) and directories all labeled file_t.

This list is about a third of the denials I've seen pop up just this morning. 
I've seen this occurring for several days (if not more than a week) just have 
not dealt with it yet.  The issue is probably not a very recent change.  I've 
had several relabels, new kernels, and new policy while seeing this same issue, 
many denials to /usr/bin/tmpwatch for file_t.

-- 
Andrew Farris <lordmorgul at gmail.com> www.lordmorgul.net
  gpg 0xC99B1DF3 fingerprint CDEC 6FAD BA27 40DF 707E A2E0 F0F6 E622 C99B 1DF3
No one now has, and no one will ever again get, the big picture. - Daniel Geer
----                                                                       ----




More information about the test mailing list