Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 296241 Details for
Bug 434873
setroubleshooter browser report -
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
Just like the name - current compilation of setroubleshoot log entries.
selinux_alert_compilation1.txt (text/plain), 165.56 KB, created by
Robert Gray
on 2008-02-28 18:22:59 UTC
(
hide
)
Description:
Just like the name - current compilation of setroubleshoot log entries.
Filename:
MIME Type:
Creator:
Robert Gray
Created:
2008-02-28 18:22:59 UTC
Size:
165.56 KB
patch
obsolete
>Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/include/iprt/asm.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /tmp/vbox.0/include/iprt/asm.h, > restorecon -v /tmp/vbox.0/include/iprt/asm.h If this does not work, there is > currently no automatic way to allow this access. Instead, you can generate > a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/include/iprt/asm.h [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:25 PM PST >Last Seen Thu 28 Feb 2008 09:49:32 AM PST >Local ID 38071f6a-d1fa-4de6-8967-f5e8e5312141 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/include/iprt/asm.h pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/include/iprt/nocrt/limits.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for > /tmp/vbox.0/include/iprt/nocrt/limits.h, restorecon -v > /tmp/vbox.0/include/iprt/nocrt/limits.h If this does not work, there is > currently no automatic way to allow this access. Instead, you can generate > a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/include/iprt/nocrt/limits.h [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:25 PM PST >Last Seen Thu 28 Feb 2008 09:49:32 AM PST >Local ID 666d4aef-45fe-41e2-b823-d3b52ec0004c >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/include/iprt/nocrt/limits.h pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/include/iprt/string.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for > /tmp/vbox.0/include/iprt/string.h, restorecon -v > /tmp/vbox.0/include/iprt/string.h If this does not work, there is currently > no automatic way to allow this access. Instead, you can generate a local > policy module to allow this access - see http://fedora.redhat.com/docs > /selinux-faq-fc5/#id2961385 Or you can disable SELinux protection > altogether. Disabling SELinux protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/include/iprt/string.h [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:25 PM PST >Last Seen Thu 28 Feb 2008 09:49:32 AM PST >Local ID 5095f3da-d936-4565-90da-d957fb876d74 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/include/iprt/string.h pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/include/iprt/alloc.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for > /tmp/vbox.0/include/iprt/alloc.h, restorecon -v > /tmp/vbox.0/include/iprt/alloc.h If this does not work, there is currently > no automatic way to allow this access. Instead, you can generate a local > policy module to allow this access - see http://fedora.redhat.com/docs > /selinux-faq-fc5/#id2961385 Or you can disable SELinux protection > altogether. Disabling SELinux protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/include/iprt/alloc.h [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:25 PM PST >Last Seen Thu 28 Feb 2008 09:49:32 AM PST >Local ID a061f649-482d-4b83-823d-d9fbaccb7162 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/include/iprt/alloc.h pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/include/VBox/sup.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /tmp/vbox.0/include/VBox/sup.h, > restorecon -v /tmp/vbox.0/include/VBox/sup.h If this does not work, there is > currently no automatic way to allow this access. Instead, you can generate > a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/include/VBox/sup.h [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 22 >First Seen Sun 03 Feb 2008 03:48:28 PM PST >Last Seen Thu 28 Feb 2008 09:49:32 AM PST >Local ID 90e8bb39-1fba-4e27-9e3c-55f381c8ac8f >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/include/VBox/sup.h pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/include/VBox/types.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for > /tmp/vbox.0/include/VBox/types.h, restorecon -v > /tmp/vbox.0/include/VBox/types.h If this does not work, there is currently > no automatic way to allow this access. Instead, you can generate a local > policy module to allow this access - see http://fedora.redhat.com/docs > /selinux-faq-fc5/#id2961385 Or you can disable SELinux protection > altogether. Disabling SELinux protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/include/VBox/types.h [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:28 PM PST >Last Seen Thu 28 Feb 2008 09:49:32 AM PST >Local ID ff1eab32-58b9-4044-b1b4-b753ca916651 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/include/VBox/types.h pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/include/VBox/log.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /tmp/vbox.0/include/VBox/log.h, > restorecon -v /tmp/vbox.0/include/VBox/log.h If this does not work, there is > currently no automatic way to allow this access. Instead, you can generate > a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/include/VBox/log.h [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:28 PM PST >Last Seen Thu 28 Feb 2008 09:49:32 AM PST >Local ID daf1d03d-75d7-4d99-aa49-54aae9e60014 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/include/VBox/log.h pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/include/VBox/cdefs.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for > /tmp/vbox.0/include/VBox/cdefs.h, restorecon -v > /tmp/vbox.0/include/VBox/cdefs.h If this does not work, there is currently > no automatic way to allow this access. Instead, you can generate a local > policy module to allow this access - see http://fedora.redhat.com/docs > /selinux-faq-fc5/#id2961385 Or you can disable SELinux protection > altogether. Disabling SELinux protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/include/VBox/cdefs.h [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:28 PM PST >Last Seen Thu 28 Feb 2008 09:49:32 AM PST >Local ID 1c013345-8ee1-4123-9f90-ab72d4024cd1 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/include/VBox/cdefs.h pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/include/VBox/err.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /tmp/vbox.0/include/VBox/err.h, > restorecon -v /tmp/vbox.0/include/VBox/err.h If this does not work, there is > currently no automatic way to allow this access. Instead, you can generate > a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/include/VBox/err.h [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:28 PM PST >Last Seen Thu 28 Feb 2008 09:49:32 AM PST >Local ID 38f55050-cc82-4c00-8bcc-9b2679fe0e0e >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/include/VBox/err.h pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/Makefile (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /tmp/vbox.0/Makefile, restorecon > -v /tmp/vbox.0/Makefile If this does not work, there is currently no > automatic way to allow this access. Instead, you can generate a local > policy module to allow this access - see http://fedora.redhat.com/docs > /selinux-faq-fc5/#id2961385 Or you can disable SELinux protection > altogether. Disabling SELinux protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/Makefile [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:28 PM PST >Last Seen Thu 28 Feb 2008 09:49:32 AM PST >Local ID 03d533c2-9214-4292-9f13-d755f7c0e0d8 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/Makefile pid=13502 scontext=system_u:system_r:tmpreaper_t:s0 >sgid=0 subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/SUPDRVShared.c (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /tmp/vbox.0/SUPDRVShared.c, > restorecon -v /tmp/vbox.0/SUPDRVShared.c If this does not work, there is > currently no automatic way to allow this access. Instead, you can generate > a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/SUPDRVShared.c [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:28 PM PST >Last Seen Thu 28 Feb 2008 09:49:32 AM PST >Local ID add209dc-87fa-4f9a-8973-5c8e453f9808 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/SUPDRVShared.c pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/SUPDRV.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /tmp/vbox.0/SUPDRV.h, restorecon > -v /tmp/vbox.0/SUPDRV.h If this does not work, there is currently no > automatic way to allow this access. Instead, you can generate a local > policy module to allow this access - see http://fedora.redhat.com/docs > /selinux-faq-fc5/#id2961385 Or you can disable SELinux protection > altogether. Disabling SELinux protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/SUPDRV.h [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 22 >First Seen Sun 03 Feb 2008 03:48:28 PM PST >Last Seen Thu 28 Feb 2008 09:49:32 AM PST >Local ID e85af74b-bbda-4d0c-81c7-50852f595425 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/SUPDRV.h pid=13502 scontext=system_u:system_r:tmpreaper_t:s0 >sgid=0 subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/r0drv/alloc-r0drv.c (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /tmp/vbox.0/r0drv/alloc-r0drv.c, > restorecon -v /tmp/vbox.0/r0drv/alloc-r0drv.c If this does not work, there > is currently no automatic way to allow this access. Instead, you can > generate a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/r0drv/alloc-r0drv.c [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:28 PM PST >Last Seen Thu 28 Feb 2008 09:49:32 AM PST >Local ID 51cef8a1-2574-4fd5-ba8c-a3c8e2d18ea7 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/r0drv/alloc-r0drv.c pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/r0drv/initterm-r0drv.c (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /tmp/vbox.0/r0drv/initterm- > r0drv.c, restorecon -v /tmp/vbox.0/r0drv/initterm-r0drv.c If this does not > work, there is currently no automatic way to allow this access. Instead, > you can generate a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/r0drv/initterm-r0drv.c [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:30 PM PST >Last Seen Thu 28 Feb 2008 09:49:32 AM PST >Local ID f4e3112d-3981-4104-84bb-adef71cb6d4f >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/r0drv/initterm-r0drv.c pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/r0drv/alloc-r0drv.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /tmp/vbox.0/r0drv/alloc-r0drv.h, > restorecon -v /tmp/vbox.0/r0drv/alloc-r0drv.h If this does not work, there > is currently no automatic way to allow this access. Instead, you can > generate a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/r0drv/alloc-r0drv.h [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:30 PM PST >Last Seen Thu 28 Feb 2008 09:49:32 AM PST >Local ID 142f45f5-fa04-4dd1-8384-39c154db551e >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/r0drv/alloc-r0drv.h pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/r0drv/linux/process-r0drv-linux.c (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /tmp/vbox.0/r0drv/linux/process- > r0drv-linux.c, restorecon -v /tmp/vbox.0/r0drv/linux/process-r0drv-linux.c > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/r0drv/linux/process-r0drv-linux.c [ > file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:30 PM PST >Last Seen Thu 28 Feb 2008 09:49:32 AM PST >Local ID 113eca82-db5b-42e4-a050-dba28eb74610 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/r0drv/linux/process-r0drv-linux.c pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/r0drv/linux/alloc-r0drv-linux.c (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /tmp/vbox.0/r0drv/linux/alloc- > r0drv-linux.c, restorecon -v /tmp/vbox.0/r0drv/linux/alloc-r0drv-linux.c If > this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/r0drv/linux/alloc-r0drv-linux.c [ file > ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 22 >First Seen Sun 03 Feb 2008 03:48:30 PM PST >Last Seen Thu 28 Feb 2008 09:49:32 AM PST >Local ID f0d134f1-4e80-4f00-84f5-7b1c0f16aa39 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/r0drv/linux/alloc-r0drv-linux.c pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/r0drv/linux/thread-r0drv-linux.c (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /tmp/vbox.0/r0drv/linux/thread- > r0drv-linux.c, restorecon -v /tmp/vbox.0/r0drv/linux/thread-r0drv-linux.c If > this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/r0drv/linux/thread-r0drv-linux.c [ > file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:30 PM PST >Last Seen Thu 28 Feb 2008 09:49:32 AM PST >Local ID 566b2c07-836d-45a9-ac0f-19d91264a9c1 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/r0drv/linux/thread-r0drv-linux.c pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/r0drv/linux/memobj-r0drv-linux.c (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /tmp/vbox.0/r0drv/linux/memobj- > r0drv-linux.c, restorecon -v /tmp/vbox.0/r0drv/linux/memobj-r0drv-linux.c If > this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/r0drv/linux/memobj-r0drv-linux.c [ > file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:30 PM PST >Last Seen Thu 28 Feb 2008 09:49:32 AM PST >Local ID f7647d69-f772-4809-94ed-4057febe081e >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/r0drv/linux/memobj-r0drv-linux.c pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/r0drv/linux/initterm-r0drv-linux.c (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /tmp/vbox.0/r0drv/linux > /initterm-r0drv-linux.c, restorecon -v /tmp/vbox.0/r0drv/linux/initterm- > r0drv-linux.c If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/r0drv/linux/initterm-r0drv-linux.c [ > file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:30 PM PST >Last Seen Thu 28 Feb 2008 09:49:32 AM PST >Local ID e9a39abf-799e-4e3b-a6eb-b4d460ac245d >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/r0drv/linux/initterm-r0drv-linux.c pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "setattr" to > <Unknown> (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for <Unknown>, restorecon -v > <Unknown> If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects None [ dir ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 241 >First Seen Sun 03 Feb 2008 03:48:23 PM PST >Last Seen Thu 28 Feb 2008 09:49:32 AM PST >Local ID e2f3942c-b2db-4390-97d3-37fbe224df8c >Line Numbers > >Raw Audit Messages > >avc: denied { setattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 name=linux >pid=13502 scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=dir >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/r0drv/linux/spinlock-r0drv-linux.c (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /tmp/vbox.0/r0drv/linux > /spinlock-r0drv-linux.c, restorecon -v /tmp/vbox.0/r0drv/linux/spinlock- > r0drv-linux.c If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/r0drv/linux/spinlock-r0drv-linux.c [ > file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:30 PM PST >Last Seen Thu 28 Feb 2008 09:49:32 AM PST >Local ID 5ec6e5fb-f1ea-4001-b393-d2813d9a659f >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/r0drv/linux/spinlock-r0drv-linux.c pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/r0drv/memobj-r0drv.c (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /tmp/vbox.0/r0drv/memobj- > r0drv.c, restorecon -v /tmp/vbox.0/r0drv/memobj-r0drv.c If this does not > work, there is currently no automatic way to allow this access. Instead, > you can generate a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/r0drv/memobj-r0drv.c [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:30 PM PST >Last Seen Thu 28 Feb 2008 09:49:32 AM PST >Local ID c24edf08-99b2-4416-9b2b-dc4ce72a0ee1 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/r0drv/memobj-r0drv.c pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/r0drv/linux/string.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for > /tmp/vbox.0/r0drv/linux/string.h, restorecon -v > /tmp/vbox.0/r0drv/linux/string.h If this does not work, there is currently > no automatic way to allow this access. Instead, you can generate a local > policy module to allow this access - see http://fedora.redhat.com/docs > /selinux-faq-fc5/#id2961385 Or you can disable SELinux protection > altogether. Disabling SELinux protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/r0drv/linux/string.h [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:30 PM PST >Last Seen Thu 28 Feb 2008 09:49:32 AM PST >Local ID 7adc1bde-6400-438f-90ad-e6fe3a39f82a >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/r0drv/linux/string.h pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/r0drv/linux/semaphore-r0drv-linux.c (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /tmp/vbox.0/r0drv/linux > /semaphore-r0drv-linux.c, restorecon -v /tmp/vbox.0/r0drv/linux/semaphore- > r0drv-linux.c If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/r0drv/linux/semaphore-r0drv-linux.c [ > file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:30 PM PST >Last Seen Thu 28 Feb 2008 09:49:32 AM PST >Local ID 2189804a-81b4-41d3-939f-8d6eeb6c4c06 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/r0drv/linux/semaphore-r0drv-linux.c pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/r0drv/linux/the-linux-kernel.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /tmp/vbox.0/r0drv/linux/the- > linux-kernel.h, restorecon -v /tmp/vbox.0/r0drv/linux/the-linux-kernel.h If > this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/r0drv/linux/the-linux-kernel.h [ file > ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:30 PM PST >Last Seen Thu 28 Feb 2008 09:49:32 AM PST >Local ID ac83e796-67a1-4e39-9178-1f0889c1e414 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/r0drv/linux/the-linux-kernel.h pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/SUPDRVIOC.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /tmp/vbox.0/SUPDRVIOC.h, > restorecon -v /tmp/vbox.0/SUPDRVIOC.h If this does not work, there is > currently no automatic way to allow this access. Instead, you can generate > a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/SUPDRVIOC.h [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:23 PM PST >Last Seen Thu 28 Feb 2008 09:49:31 AM PST >Local ID 7ace0685-e5ab-47d9-b21b-c7773e4d7c2f >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/SUPDRVIOC.h pid=13502 scontext=system_u:system_r:tmpreaper_t:s0 >sgid=0 subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/version-generated.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /tmp/vbox.0/version-generated.h, > restorecon -v /tmp/vbox.0/version-generated.h If this does not work, there > is currently no automatic way to allow this access. Instead, you can > generate a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/version-generated.h [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 22 >First Seen Sun 03 Feb 2008 03:48:23 PM PST >Last Seen Thu 28 Feb 2008 09:49:31 AM PST >Local ID f74c887f-abe6-42b5-9020-1f5dae0c68b7 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 path=/tmp/vbox.0 >/version-generated.h pid=13502 scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/alloc/heapsimple.c (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /tmp/vbox.0/alloc/heapsimple.c, > restorecon -v /tmp/vbox.0/alloc/heapsimple.c If this does not work, there is > currently no automatic way to allow this access. Instead, you can generate > a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/alloc/heapsimple.c [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 22 >First Seen Sun 03 Feb 2008 03:48:23 PM PST >Last Seen Thu 28 Feb 2008 09:49:31 AM PST >Local ID 4566914e-310b-424e-8099-701069f0140b >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/alloc/heapsimple.c pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/math/gcc/divdi3.c (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /tmp/vbox.0/math/gcc/divdi3.c, > restorecon -v /tmp/vbox.0/math/gcc/divdi3.c If this does not work, there is > currently no automatic way to allow this access. Instead, you can generate > a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/math/gcc/divdi3.c [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 22 >First Seen Sun 03 Feb 2008 03:48:23 PM PST >Last Seen Thu 28 Feb 2008 09:49:31 AM PST >Local ID 460a1cc5-980f-42ad-8cfb-04f9271d85e0 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/math/gcc/divdi3.c pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/math/gcc/qdivrem.c (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /tmp/vbox.0/math/gcc/qdivrem.c, > restorecon -v /tmp/vbox.0/math/gcc/qdivrem.c If this does not work, there is > currently no automatic way to allow this access. Instead, you can generate > a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/math/gcc/qdivrem.c [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 22 >First Seen Sun 03 Feb 2008 03:48:23 PM PST >Last Seen Thu 28 Feb 2008 09:49:31 AM PST >Local ID 9201326c-185d-49ef-b71e-79c8cfe8c827 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/math/gcc/qdivrem.c pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/math/gcc/quad.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /tmp/vbox.0/math/gcc/quad.h, > restorecon -v /tmp/vbox.0/math/gcc/quad.h If this does not work, there is > currently no automatic way to allow this access. Instead, you can generate > a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/math/gcc/quad.h [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:23 PM PST >Last Seen Thu 28 Feb 2008 09:49:31 AM PST >Local ID f55233e2-5298-4c1c-b732-690214094830 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/math/gcc/quad.h pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/linux/SUPDrv-linux.c (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /tmp/vbox.0/linux/SUPDrv- > linux.c, restorecon -v /tmp/vbox.0/linux/SUPDrv-linux.c If this does not > work, there is currently no automatic way to allow this access. Instead, > you can generate a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/linux/SUPDrv-linux.c [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:23 PM PST >Last Seen Thu 28 Feb 2008 09:49:31 AM PST >Local ID d47d4405-b128-463e-95b2-b2b440a95304 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/linux/SUPDrv-linux.c pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/build_in_tmp (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /tmp/vbox.0/build_in_tmp, > restorecon -v /tmp/vbox.0/build_in_tmp If this does not work, there is > currently no automatic way to allow this access. Instead, you can generate > a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/build_in_tmp [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:23 PM PST >Last Seen Thu 28 Feb 2008 09:49:31 AM PST >Local ID 2ba76537-7348-4a3e-b9d8-b13b4412742f >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/build_in_tmp pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/include/internal/magics.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for > /tmp/vbox.0/include/internal/magics.h, restorecon -v > /tmp/vbox.0/include/internal/magics.h If this does not work, there is > currently no automatic way to allow this access. Instead, you can generate > a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/include/internal/magics.h [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:23 PM PST >Last Seen Thu 28 Feb 2008 09:49:31 AM PST >Local ID 55b663c5-9cc8-49b7-a666-8efa9c47d96b >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/include/internal/magics.h pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/include/iprt/assert.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for > /tmp/vbox.0/include/iprt/assert.h, restorecon -v > /tmp/vbox.0/include/iprt/assert.h If this does not work, there is currently > no automatic way to allow this access. Instead, you can generate a local > policy module to allow this access - see http://fedora.redhat.com/docs > /selinux-faq-fc5/#id2961385 Or you can disable SELinux protection > altogether. Disabling SELinux protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/include/iprt/assert.h [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:23 PM PST >Last Seen Thu 28 Feb 2008 09:49:31 AM PST >Local ID 1eb1f525-c5a6-4361-828c-91f9d8e7eb38 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/include/iprt/assert.h pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/include/iprt/stdarg.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for > /tmp/vbox.0/include/iprt/stdarg.h, restorecon -v > /tmp/vbox.0/include/iprt/stdarg.h If this does not work, there is currently > no automatic way to allow this access. Instead, you can generate a local > policy module to allow this access - see http://fedora.redhat.com/docs > /selinux-faq-fc5/#id2961385 Or you can disable SELinux protection > altogether. Disabling SELinux protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/include/iprt/stdarg.h [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:23 PM PST >Last Seen Thu 28 Feb 2008 09:49:31 AM PST >Local ID 93a7c93c-8df0-4d8d-b2fa-b6290ab3927e >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/include/iprt/stdarg.h pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/include/internal/memobj.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for > /tmp/vbox.0/include/internal/memobj.h, restorecon -v > /tmp/vbox.0/include/internal/memobj.h If this does not work, there is > currently no automatic way to allow this access. Instead, you can generate > a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/include/internal/memobj.h [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:23 PM PST >Last Seen Thu 28 Feb 2008 09:49:31 AM PST >Local ID c7ce34b9-0abe-40b8-ac6e-4378beb8313b >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/include/internal/memobj.h pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/include/iprt/timer.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for > /tmp/vbox.0/include/iprt/timer.h, restorecon -v > /tmp/vbox.0/include/iprt/timer.h If this does not work, there is currently > no automatic way to allow this access. Instead, you can generate a local > policy module to allow this access - see http://fedora.redhat.com/docs > /selinux-faq-fc5/#id2961385 Or you can disable SELinux protection > altogether. Disabling SELinux protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/include/iprt/timer.h [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:23 PM PST >Last Seen Thu 28 Feb 2008 09:49:31 AM PST >Local ID f4d9d8f1-ae09-44b7-a289-c5796d23ba52 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/include/iprt/timer.h pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/include/iprt/heap.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /tmp/vbox.0/include/iprt/heap.h, > restorecon -v /tmp/vbox.0/include/iprt/heap.h If this does not work, there > is currently no automatic way to allow this access. Instead, you can > generate a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/include/iprt/heap.h [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:23 PM PST >Last Seen Thu 28 Feb 2008 09:49:31 AM PST >Local ID 5da5c1e7-91ef-4804-b7af-bd9345fb6041 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/include/iprt/heap.h pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/include/iprt/types.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for > /tmp/vbox.0/include/iprt/types.h, restorecon -v > /tmp/vbox.0/include/iprt/types.h If this does not work, there is currently > no automatic way to allow this access. Instead, you can generate a local > policy module to allow this access - see http://fedora.redhat.com/docs > /selinux-faq-fc5/#id2961385 Or you can disable SELinux protection > altogether. Disabling SELinux protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/include/iprt/types.h [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:23 PM PST >Last Seen Thu 28 Feb 2008 09:49:31 AM PST >Local ID 924996b3-bd99-44c7-9197-1f0d0a63a21b >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/include/iprt/types.h pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/include/internal/initterm.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for > /tmp/vbox.0/include/internal/initterm.h, restorecon -v > /tmp/vbox.0/include/internal/initterm.h If this does not work, there is > currently no automatic way to allow this access. Instead, you can generate > a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/include/internal/initterm.h [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 22 >First Seen Sun 03 Feb 2008 03:48:23 PM PST >Last Seen Thu 28 Feb 2008 09:49:31 AM PST >Local ID fba2950e-5d68-447c-b527-09ab648f687e >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/include/internal/initterm.h pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/include/internal/thread.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for > /tmp/vbox.0/include/internal/thread.h, restorecon -v > /tmp/vbox.0/include/internal/thread.h If this does not work, there is > currently no automatic way to allow this access. Instead, you can generate > a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/include/internal/thread.h [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:23 PM PST >Last Seen Thu 28 Feb 2008 09:49:31 AM PST >Local ID 75de7737-4ea4-46a8-bd7e-bf5d3229ccef >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/include/internal/thread.h pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/include/iprt/semaphore.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for > /tmp/vbox.0/include/iprt/semaphore.h, restorecon -v > /tmp/vbox.0/include/iprt/semaphore.h If this does not work, there is > currently no automatic way to allow this access. Instead, you can generate > a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/include/iprt/semaphore.h [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:23 PM PST >Last Seen Thu 28 Feb 2008 09:49:31 AM PST >Local ID 2c26b558-e1b5-4fcb-82bf-399ec0270ff1 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/include/iprt/semaphore.h pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/include/iprt/memobj.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for > /tmp/vbox.0/include/iprt/memobj.h, restorecon -v > /tmp/vbox.0/include/iprt/memobj.h If this does not work, there is currently > no automatic way to allow this access. Instead, you can generate a local > policy module to allow this access - see http://fedora.redhat.com/docs > /selinux-faq-fc5/#id2961385 Or you can disable SELinux protection > altogether. Disabling SELinux protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/include/iprt/memobj.h [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:23 PM PST >Last Seen Thu 28 Feb 2008 09:49:31 AM PST >Local ID 8657876c-e6a5-431e-96e4-3975e5686604 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/include/iprt/memobj.h pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/include/iprt/cdefs.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for > /tmp/vbox.0/include/iprt/cdefs.h, restorecon -v > /tmp/vbox.0/include/iprt/cdefs.h If this does not work, there is currently > no automatic way to allow this access. Instead, you can generate a local > policy module to allow this access - see http://fedora.redhat.com/docs > /selinux-faq-fc5/#id2961385 Or you can disable SELinux protection > altogether. Disabling SELinux protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/include/iprt/cdefs.h [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:23 PM PST >Last Seen Thu 28 Feb 2008 09:49:31 AM PST >Local ID 346beec7-8f8c-4412-804e-34cdc752bb0b >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/include/iprt/cdefs.h pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/include/iprt/initterm.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for > /tmp/vbox.0/include/iprt/initterm.h, restorecon -v > /tmp/vbox.0/include/iprt/initterm.h If this does not work, there is > currently no automatic way to allow this access. Instead, you can generate > a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/include/iprt/initterm.h [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:23 PM PST >Last Seen Thu 28 Feb 2008 09:49:31 AM PST >Local ID f709a093-49ac-479b-9a2d-6f73252883ed >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/include/iprt/initterm.h pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/include/iprt/stdint.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for > /tmp/vbox.0/include/iprt/stdint.h, restorecon -v > /tmp/vbox.0/include/iprt/stdint.h If this does not work, there is currently > no automatic way to allow this access. Instead, you can generate a local > policy module to allow this access - see http://fedora.redhat.com/docs > /selinux-faq-fc5/#id2961385 Or you can disable SELinux protection > altogether. Disabling SELinux protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/include/iprt/stdint.h [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 22 >First Seen Sun 03 Feb 2008 03:48:23 PM PST >Last Seen Thu 28 Feb 2008 09:49:31 AM PST >Local ID 843ec0cc-a270-4c7a-98bb-d36e5243e370 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/include/iprt/stdint.h pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/include/iprt/avl.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /tmp/vbox.0/include/iprt/avl.h, > restorecon -v /tmp/vbox.0/include/iprt/avl.h If this does not work, there is > currently no automatic way to allow this access. Instead, you can generate > a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/include/iprt/avl.h [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 22 >First Seen Sun 03 Feb 2008 03:48:23 PM PST >Last Seen Thu 28 Feb 2008 09:49:31 AM PST >Local ID 1a2a6027-c8e7-474b-833c-82d5ac7db1ca >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/include/iprt/avl.h pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/include/iprt/thread.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for > /tmp/vbox.0/include/iprt/thread.h, restorecon -v > /tmp/vbox.0/include/iprt/thread.h If this does not work, there is currently > no automatic way to allow this access. Instead, you can generate a local > policy module to allow this access - see http://fedora.redhat.com/docs > /selinux-faq-fc5/#id2961385 Or you can disable SELinux protection > altogether. Disabling SELinux protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/include/iprt/thread.h [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:23 PM PST >Last Seen Thu 28 Feb 2008 09:49:31 AM PST >Local ID 1d4a987a-aeb9-416c-9d4d-f5808edbf876 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/include/iprt/thread.h pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/include/iprt/process.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for > /tmp/vbox.0/include/iprt/process.h, restorecon -v > /tmp/vbox.0/include/iprt/process.h If this does not work, there is currently > no automatic way to allow this access. Instead, you can generate a local > policy module to allow this access - see http://fedora.redhat.com/docs > /selinux-faq-fc5/#id2961385 Or you can disable SELinux protection > altogether. Disabling SELinux protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/include/iprt/process.h [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 22 >First Seen Sun 03 Feb 2008 03:48:23 PM PST >Last Seen Thu 28 Feb 2008 09:49:31 AM PST >Local ID 1c19118c-3c01-41f0-98fa-a201fd90e281 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/include/iprt/process.h pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/include/iprt/err.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /tmp/vbox.0/include/iprt/err.h, > restorecon -v /tmp/vbox.0/include/iprt/err.h If this does not work, there is > currently no automatic way to allow this access. Instead, you can generate > a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/include/iprt/err.h [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:23 PM PST >Last Seen Thu 28 Feb 2008 09:49:31 AM PST >Local ID 6985389e-1258-4159-a84e-79a9a9ade566 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/include/iprt/err.h pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/include/iprt/time.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /tmp/vbox.0/include/iprt/time.h, > restorecon -v /tmp/vbox.0/include/iprt/time.h If this does not work, there > is currently no automatic way to allow this access. Instead, you can > generate a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/include/iprt/time.h [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:23 PM PST >Last Seen Thu 28 Feb 2008 09:49:31 AM PST >Local ID b59ebb26-82f9-499c-8781-bf12db87686d >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/include/iprt/time.h pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/include/iprt/param.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for > /tmp/vbox.0/include/iprt/param.h, restorecon -v > /tmp/vbox.0/include/iprt/param.h If this does not work, there is currently > no automatic way to allow this access. Instead, you can generate a local > policy module to allow this access - see http://fedora.redhat.com/docs > /selinux-faq-fc5/#id2961385 Or you can disable SELinux protection > altogether. Disabling SELinux protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/include/iprt/param.h [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:23 PM PST >Last Seen Thu 28 Feb 2008 09:49:31 AM PST >Local ID 3fdb55a9-3e4e-47e8-9493-75f0153ee12b >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/include/iprt/param.h pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/include/iprt/log.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /tmp/vbox.0/include/iprt/log.h, > restorecon -v /tmp/vbox.0/include/iprt/log.h If this does not work, there is > currently no automatic way to allow this access. Instead, you can generate > a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/include/iprt/log.h [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:23 PM PST >Last Seen Thu 28 Feb 2008 09:49:31 AM PST >Local ID c5c6e096-da68-4530-bafe-04374d9627f8 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/include/iprt/log.h pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/include/iprt/spinlock.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for > /tmp/vbox.0/include/iprt/spinlock.h, restorecon -v > /tmp/vbox.0/include/iprt/spinlock.h If this does not work, there is > currently no automatic way to allow this access. Instead, you can generate > a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/include/iprt/spinlock.h [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:25 PM PST >Last Seen Thu 28 Feb 2008 09:49:31 AM PST >Local ID 21b60b09-00ec-41a7-b5dd-fc09e867f2c7 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/include/iprt/spinlock.h pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "getattr" to > /tmp/vbox.0/include/iprt/mem.h (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /tmp/vbox.0/include/iprt/mem.h, > restorecon -v /tmp/vbox.0/include/iprt/mem.h If this does not work, there is > currently no automatic way to allow this access. Instead, you can generate > a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects /tmp/vbox.0/include/iprt/mem.h [ file ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 21 >First Seen Sun 03 Feb 2008 03:48:25 PM PST >Last Seen Thu 28 Feb 2008 09:49:31 AM PST >Local ID 936bf4c1-6b70-4e7b-9613-f2b12662b6a7 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 >path=/tmp/vbox.0/include/iprt/mem.h pid=13502 >scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=file >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /sbin/pam_console_apply (pam_console_t) "getattr" to > /dev/fb0 (device_t). > >Detailed Description > SELinux denied access requested by /sbin/pam_console_apply. It is not > expected that this access is required by /sbin/pam_console_apply and this > access may signal an intrusion attempt. It is also possible that the > specific version or configuration of the application is causing it to > require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /dev/fb0, restorecon -v /dev/fb0 > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context system_u:system_r:pam_console_t:s0-s0:c0.c1023 >Target Context system_u:object_r:device_t:s0 >Target Objects /dev/fb0 [ file ] >Affected RPM Packages pam-0.99.8.1-17.1.fc8 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 69 >First Seen Wed 23 Jan 2008 11:02:37 PM PST >Last Seen Thu 28 Feb 2008 09:23:37 AM PST >Local ID 79c5c44f-94a8-4b21-8d28-f98fcbb1e25a >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=pam_console_app dev=tmpfs egid=500 euid=0 >exe=/sbin/pam_console_apply exit=-13 fsgid=500 fsuid=0 gid=500 items=0 >path=/dev/fb0 pid=2192 scontext=system_u:system_r:pam_console_t:s0-s0:c0.c1023 >sgid=500 subj=system_u:system_r:pam_console_t:s0-s0:c0.c1023 suid=0 tclass=file >tcontext=system_u:object_r:device_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /sbin/pam_console_apply (pam_console_t) "getattr" to > /dev/fb1 (device_t). > >Detailed Description > SELinux denied access requested by /sbin/pam_console_apply. It is not > expected that this access is required by /sbin/pam_console_apply and this > access may signal an intrusion attempt. It is also possible that the > specific version or configuration of the application is causing it to > require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /dev/fb1, restorecon -v /dev/fb1 > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context system_u:system_r:pam_console_t:s0-s0:c0.c1023 >Target Context system_u:object_r:device_t:s0 >Target Objects /dev/fb1 [ file ] >Affected RPM Packages pam-0.99.8.1-17.1.fc8 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 69 >First Seen Wed 23 Jan 2008 11:02:37 PM PST >Last Seen Thu 28 Feb 2008 09:23:37 AM PST >Local ID 1d590458-26e2-480d-9b8e-e6a5751c9b98 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=pam_console_app dev=tmpfs egid=500 euid=0 >exe=/sbin/pam_console_apply exit=-13 fsgid=500 fsuid=0 gid=500 items=0 >path=/dev/fb1 pid=2192 scontext=system_u:system_r:pam_console_t:s0-s0:c0.c1023 >sgid=500 subj=system_u:system_r:pam_console_t:s0-s0:c0.c1023 suid=0 tclass=file >tcontext=system_u:object_r:device_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /sbin/pam_console_apply (pam_console_t) "getattr" to > /dev/fb2 (device_t). > >Detailed Description > SELinux denied access requested by /sbin/pam_console_apply. It is not > expected that this access is required by /sbin/pam_console_apply and this > access may signal an intrusion attempt. It is also possible that the > specific version or configuration of the application is causing it to > require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /dev/fb2, restorecon -v /dev/fb2 > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context system_u:system_r:pam_console_t:s0-s0:c0.c1023 >Target Context system_u:object_r:device_t:s0 >Target Objects /dev/fb2 [ file ] >Affected RPM Packages pam-0.99.8.1-17.1.fc8 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 68 >First Seen Fri 25 Jan 2008 07:11:44 AM PST >Last Seen Thu 28 Feb 2008 09:23:37 AM PST >Local ID fb5ae565-dcba-4162-af86-198d85a5ad8d >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=pam_console_app dev=tmpfs egid=500 euid=0 >exe=/sbin/pam_console_apply exit=-13 fsgid=500 fsuid=0 gid=500 items=0 >path=/dev/fb2 pid=2192 scontext=system_u:system_r:pam_console_t:s0-s0:c0.c1023 >sgid=500 subj=system_u:system_r:pam_console_t:s0-s0:c0.c1023 suid=0 tclass=file >tcontext=system_u:object_r:device_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /sbin/pam_console_apply (pam_console_t) "getattr" to > /dev/fb3 (device_t). > >Detailed Description > SELinux denied access requested by /sbin/pam_console_apply. It is not > expected that this access is required by /sbin/pam_console_apply and this > access may signal an intrusion attempt. It is also possible that the > specific version or configuration of the application is causing it to > require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /dev/fb3, restorecon -v /dev/fb3 > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context system_u:system_r:pam_console_t:s0-s0:c0.c1023 >Target Context system_u:object_r:device_t:s0 >Target Objects /dev/fb3 [ file ] >Affected RPM Packages pam-0.99.8.1-17.1.fc8 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 68 >First Seen Fri 25 Jan 2008 07:11:44 AM PST >Last Seen Thu 28 Feb 2008 09:23:37 AM PST >Local ID 8c31108c-d483-4204-a767-cc17e8ca9d08 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=pam_console_app dev=tmpfs egid=500 euid=0 >exe=/sbin/pam_console_apply exit=-13 fsgid=500 fsuid=0 gid=500 items=0 >path=/dev/fb3 pid=2192 scontext=system_u:system_r:pam_console_t:s0-s0:c0.c1023 >sgid=500 subj=system_u:system_r:pam_console_t:s0-s0:c0.c1023 suid=0 tclass=file >tcontext=system_u:object_r:device_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /sbin/pam_console_apply (pam_console_t) "getattr" to > /dev/fb4 (device_t). > >Detailed Description > SELinux denied access requested by /sbin/pam_console_apply. It is not > expected that this access is required by /sbin/pam_console_apply and this > access may signal an intrusion attempt. It is also possible that the > specific version or configuration of the application is causing it to > require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /dev/fb4, restorecon -v /dev/fb4 > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context system_u:system_r:pam_console_t:s0-s0:c0.c1023 >Target Context system_u:object_r:device_t:s0 >Target Objects /dev/fb4 [ file ] >Affected RPM Packages pam-0.99.8.1-17.1.fc8 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 68 >First Seen Fri 25 Jan 2008 07:11:44 AM PST >Last Seen Thu 28 Feb 2008 09:23:37 AM PST >Local ID 2a1c43c5-3036-4e87-bbee-49d361899a96 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=pam_console_app dev=tmpfs egid=500 euid=0 >exe=/sbin/pam_console_apply exit=-13 fsgid=500 fsuid=0 gid=500 items=0 >path=/dev/fb4 pid=2192 scontext=system_u:system_r:pam_console_t:s0-s0:c0.c1023 >sgid=500 subj=system_u:system_r:pam_console_t:s0-s0:c0.c1023 suid=0 tclass=file >tcontext=system_u:object_r:device_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /sbin/pam_console_apply (pam_console_t) "getattr" to > /dev/fb5 (device_t). > >Detailed Description > SELinux denied access requested by /sbin/pam_console_apply. It is not > expected that this access is required by /sbin/pam_console_apply and this > access may signal an intrusion attempt. It is also possible that the > specific version or configuration of the application is causing it to > require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /dev/fb5, restorecon -v /dev/fb5 > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context system_u:system_r:pam_console_t:s0-s0:c0.c1023 >Target Context system_u:object_r:device_t:s0 >Target Objects /dev/fb5 [ file ] >Affected RPM Packages pam-0.99.8.1-17.1.fc8 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 68 >First Seen Fri 25 Jan 2008 07:11:44 AM PST >Last Seen Thu 28 Feb 2008 09:23:37 AM PST >Local ID 1b501867-6c0d-4b0a-bce0-c89a75d0fb15 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=pam_console_app dev=tmpfs egid=500 euid=0 >exe=/sbin/pam_console_apply exit=-13 fsgid=500 fsuid=0 gid=500 items=0 >path=/dev/fb5 pid=2192 scontext=system_u:system_r:pam_console_t:s0-s0:c0.c1023 >sgid=500 subj=system_u:system_r:pam_console_t:s0-s0:c0.c1023 suid=0 tclass=file >tcontext=system_u:object_r:device_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /sbin/pam_console_apply (pam_console_t) "getattr" to > /dev/fb6 (device_t). > >Detailed Description > SELinux denied access requested by /sbin/pam_console_apply. It is not > expected that this access is required by /sbin/pam_console_apply and this > access may signal an intrusion attempt. It is also possible that the > specific version or configuration of the application is causing it to > require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /dev/fb6, restorecon -v /dev/fb6 > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context system_u:system_r:pam_console_t:s0-s0:c0.c1023 >Target Context system_u:object_r:device_t:s0 >Target Objects /dev/fb6 [ file ] >Affected RPM Packages pam-0.99.8.1-17.1.fc8 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 68 >First Seen Fri 25 Jan 2008 07:11:44 AM PST >Last Seen Thu 28 Feb 2008 09:23:37 AM PST >Local ID 1591b127-f3e5-4b9a-8dbd-816260adf257 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=pam_console_app dev=tmpfs egid=500 euid=0 >exe=/sbin/pam_console_apply exit=-13 fsgid=500 fsuid=0 gid=500 items=0 >path=/dev/fb6 pid=2192 scontext=system_u:system_r:pam_console_t:s0-s0:c0.c1023 >sgid=500 subj=system_u:system_r:pam_console_t:s0-s0:c0.c1023 suid=0 tclass=file >tcontext=system_u:object_r:device_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /sbin/pam_console_apply (pam_console_t) "getattr" to > /dev/fb7 (device_t). > >Detailed Description > SELinux denied access requested by /sbin/pam_console_apply. It is not > expected that this access is required by /sbin/pam_console_apply and this > access may signal an intrusion attempt. It is also possible that the > specific version or configuration of the application is causing it to > require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for /dev/fb7, restorecon -v /dev/fb7 > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context system_u:system_r:pam_console_t:s0-s0:c0.c1023 >Target Context system_u:object_r:device_t:s0 >Target Objects /dev/fb7 [ file ] >Affected RPM Packages pam-0.99.8.1-17.1.fc8 [application] >Policy RPM selinux-policy-3.0.8-84.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.15-137.fc8 #1 > SMP Sun Feb 10 17:48:34 EST 2008 i686 athlon >Alert Count 68 >First Seen Fri 25 Jan 2008 07:11:44 AM PST >Last Seen Thu 28 Feb 2008 09:23:37 AM PST >Local ID 2090da1f-727e-411f-8cc1-4ccfaa282176 >Line Numbers > >Raw Audit Messages > >avc: denied { getattr } for comm=pam_console_app dev=tmpfs egid=500 euid=0 >exe=/sbin/pam_console_apply exit=-13 fsgid=500 fsuid=0 gid=500 items=0 >path=/dev/fb7 pid=2192 scontext=system_u:system_r:pam_console_t:s0-s0:c0.c1023 >sgid=500 subj=system_u:system_r:pam_console_t:s0-s0:c0.c1023 suid=0 tclass=file >tcontext=system_u:object_r:device_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "write" to <Unknown> > (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for <Unknown>, restorecon -v > <Unknown> If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects None [ dir ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-81.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.14-107.fc8 #1 > SMP Mon Jan 14 21:37:30 EST 2008 i686 athlon >Alert Count 6 >First Seen Sun 03 Feb 2008 03:48:23 PM PST >Last Seen Sun 03 Feb 2008 03:48:30 PM PST >Local ID fb006a43-d3ea-4614-8477-d95703c348b0 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 name=r0drv >pid=5380 scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=dir >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/sbin/tmpwatch (tmpreaper_t) "rmdir" to <Unknown> > (usr_t). > >Detailed Description > SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected > that this access is required by /usr/sbin/tmpwatch and this access may > signal an intrusion attempt. It is also possible that the specific version > or configuration of the application is causing it to require additional > access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for <Unknown>, restorecon -v > <Unknown> If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context system_u:system_r:tmpreaper_t:s0 >Target Context system_u:object_r:usr_t:s0 >Target Objects None [ dir ] >Affected RPM Packages tmpwatch-2.9.11-2 [application] >Policy RPM selinux-policy-3.0.8-81.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.14-107.fc8 #1 > SMP Mon Jan 14 21:37:30 EST 2008 i686 athlon >Alert Count 5 >First Seen Sun 03 Feb 2008 03:48:23 PM PST >Last Seen Sun 03 Feb 2008 03:48:30 PM PST >Local ID c67f0125-6b8e-45dd-8553-7e39a27274aa >Line Numbers > >Raw Audit Messages > >avc: denied { rmdir } for comm=tmpwatch dev=dm-0 egid=0 euid=0 >exe=/usr/sbin/tmpwatch exit=-13 fsgid=0 fsuid=0 gid=0 items=0 name=r0drv >pid=5380 scontext=system_u:system_r:tmpreaper_t:s0 sgid=0 >subj=system_u:system_r:tmpreaper_t:s0 suid=0 tclass=dir >tcontext=system_u:object_r:usr_t:s0 tty=(none) uid=0 > > >Summary > SELinux is preventing /usr/bin/Xorg (xdm_xserver_t) "create" to <Unknown> > (device_t). > >Detailed Description > SELinux denied access requested by /usr/bin/Xorg. It is not expected that > this access is required by /usr/bin/Xorg and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for <Unknown>, restorecon -v > <Unknown> If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 >Target Context system_u:object_r:device_t:s0 >Target Objects None [ file ] >Affected RPM Packages xorg-x11-server-Xorg-1.3.0.0-33.fc8 [application] >Policy RPM selinux-policy-3.0.8-44.fc8 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name localhost.localdomain >Platform Linux localhost.localdomain 2.6.23.1-42.fc8 #1 SMP > Tue Oct 30 13:55:12 EDT 2007 i686 athlon >Alert Count 7 >First Seen Wed 23 Jan 2008 02:17:05 AM PST >Last Seen Wed 23 Jan 2008 02:17:05 AM PST >Local ID 57ee4b23-39e9-4a46-95f4-a6a98b097a5e >Line Numbers > >Raw Audit Messages > >avc: denied { create } for comm=X egid=0 euid=0 exe=/usr/bin/Xorg exit=-13 >fsgid=0 fsuid=0 gid=0 items=0 name=fb6 pid=2395 >scontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 sgid=0 >subj=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 suid=0 tclass=file >tcontext=system_u:object_r:device_t:s0 tty=tty7 uid=0 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=296241">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 434873
: 296241