selinux is now denying its own manager
Daniel J Walsh
dwalsh at redhat.com
Tue Aug 5 13:12:04 UTC 2008
Gene Heskett wrote:
> On Monday 04 August 2008, Daniel J Walsh wrote:
>> Gene Heskett wrote:
>>> Greetings;
>>>
>>> I just did a yumex update which included the python and semanage updates,
>>> and selinux positively threw a fit.
>>>
>>> setroubleshooter says I now have 47 brand new copies of this:
>>>
>>> host=coyote.coyote.den type=AVC msg=audit(1217637926.43:906): avc: denied
>>> { sys_tty_config } for pid=2768 comm="semanage" capability=26
>>> scontext=system_u:system_r:semanage_t:s0
>>> tcontext=system_u:system_r:semanage_t:s0 tclass=capability
>>>
>>> host=coyote.coyote.den type=SYSCALL msg=audit(1217637926.43:906):
>>> arch=40000003 syscall=54 success=yes exit=0 a0=1 a1=5401 a2=bfd9796c
>>> a3=bfd97a8c items=0 ppid=2762 pid=2768 auid=0 uid=0 gid=0 euid=0 suid=0
>>> fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=1 comm="semanage"
>>> exe="/usr/bin/python" subj=system_u:system_r:semanage_t:s0 key=(null)
>>>
>>> Fixable?
>>>
>>> Thanks.
>> These should be fixed in latest Rawhide and Fedora 9 policy.
>
> I'm running F8 Daniel. This s/b backported to F8, that is where the problem
> came from. I haven't changed my repos in ages.
>
> Thanks.
>
Ok, such and old OS. :^)
Dontaudited in selinux-policy-3.0.8-113.fc8
More information about the users
mailing list