Timezones and SELinux...

enclair wifienclair at gmail.com
Tue Mar 27 21:45:06 UTC 2012 

Le 27 mars 2012 22:52, Daniel J Walsh <dwalsh at redhat.com> a écrit :

> Doubt it but did you try what I wrote to the first reporter?
>
> >
> > dac_overrride means that you have a process running as root trying to
> modify a file that is not owned by root.  Usually this means you have a
> file with the incorrect ownership.
> >
> > Now the audit log did not give you the full path, but you can get it by
> following the instructions detailed here.
> >
> > http://danwalsh.livejournal.com/34903.html
>

I've turned on full auditing and I have:

# ausearch -m avc -ts recent
----
time->Tue Mar 27 23:23:42 2012
type=PATH msg=audit(1332883422.739:90): item=0 name="/.config" inode=2
dev=fd:00 mode=040555 ouid=0 ogid=0 rdev=00:00
obj=system_u:object_r:root_t:s0
type=CWD msg=audit(1332883422.739:90):  cwd="/"
type=SYSCALL msg=audit(1332883422.739:90): arch=40000003 syscall=39
success=no exit=-13 a0=8c1a4a8 a1=1ff a2=419f24bc a3=8 items=1 ppid=1
pid=1959 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 tty=(none) ses=4294967295 comm="kcmdatetimehelp"
exe="/usr/libexec/kde4/kcmdatetimehelper"
subj=system_u:system_r:gnomeclock_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1332883422.739:90): avc:  denied  { dac_override } for
pid=1959 comm="kcmdatetimehelp" capability=1
scontext=system_u:system_r:gnomeclock_t:s0-s0:c0.c1023
tcontext=system_u:system_r:gnomeclock_t:s0-s0:c0.c1023 tclass=capability
----
time->Tue Mar 27 23:23:46 2012
type=PATH msg=audit(1332883426.207:93): item=0 name="/" inode=2 dev=fd:00
mode=040555 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:root_t:s0
type=CWD msg=audit(1332883426.207:93):  cwd="/"
type=SYSCALL msg=audit(1332883426.207:93): arch=40000003 syscall=33
success=no exit=-13 a0=8c490d8 a1=2 a2=419f24bc a3=8c608b4 items=1 ppid=1
pid=1959 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 tty=(none) ses=4294967295 comm="kcmdatetimehelp"
exe="/usr/libexec/kde4/kcmdatetimehelper"
subj=system_u:system_r:gnomeclock_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1332883426.207:93): avc:  denied  { dac_override } for
pid=1959 comm="kcmdatetimehelp" capability=1
scontext=system_u:system_r:gnomeclock_t:s0-s0:c0.c1023
tcontext=system_u:system_r:gnomeclock_t:s0-s0:c0.c1023 tclass=capability

I think I deleted /.config once because I thought it was a mistake.
If I create /.config, the error will be on: /.config/Trolltech.conf.MTxxxx
(xxxx is a number which change every time).
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/users/attachments/20120327/22aad989/attachment-0001.html>

More information about the users mailing list