| Summary: | SELinux is preventing /usr/bin/python2.7 from 'write' accesses on the directory /usr/lib64/python2.7/site-packages/gobject. | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Carlos Natividade <carlos.natividade> |
| Component: | selinux-policy | Assignee: | Miroslav Grepl <mgrepl> |
| Status: | CLOSED NOTABUG | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 19 | CC: | dominick.grift, dwalsh, lvrabec, mgrepl |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | x86_64 | ||
| OS: | Unspecified | ||
| Whiteboard: | abrt_hash:f940c293a5178ab4f36274c1c82996518750e24f0a72a513fc219010c1ad64cc | ||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2013-10-16 20:06:32 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
This looks like a new py file got added to /usr/lib64/python2.7/site-packages/gobject without being precompiled. Could you run python on files in that directory which will fix this problem. |
Description of problem: SELinux is preventing /usr/bin/python2.7 from 'write' accesses on the directory /usr/lib64/python2.7/site-packages/gobject. ***** Plugin catchall (100. confidence) suggests *************************** If você acredita que o python2.7 deva ser permitido acesso de write em gobject directory por default. Then você precisa reportar este como um erro. Você pode gerar um módulo de política local para permitir este acesso. Do permitir este acesso agora executando: # grep blueman-mechani /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context system_u:system_r:blueman_t:s0-s0:c0.c1023 Target Context system_u:object_r:lib_t:s0 Target Objects /usr/lib64/python2.7/site-packages/gobject [ dir ] Source blueman-mechani Source Path /usr/bin/python2.7 Port <Desconhecido> Host (removed) Source RPM Packages python-2.7.5-8.fc19.x86_64 Target RPM Packages pygobject2-2.28.6-11.fc19.x86_64 Policy RPM selinux-policy-3.12.1-74.9.fc19.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 3.11.4-201.fc19.x86_64 #1 SMP Thu Oct 10 14:11:18 UTC 2013 x86_64 x86_64 Alert Count 1 First Seen 2013-10-16 08:51:18 BRT Last Seen 2013-10-16 08:51:18 BRT Local ID aad04975-13b1-42a9-846d-155bf8d0f1a0 Raw Audit Messages type=AVC msg=audit(1381924278.35:460): avc: denied { write } for pid=1732 comm="blueman-mechani" name="gobject" dev="sda3" ino=1970990 scontext=system_u:system_r:blueman_t:s0-s0:c0.c1023 tcontext=system_u:object_r:lib_t:s0 tclass=dir type=SYSCALL msg=audit(1381924278.35:460): arch=x86_64 syscall=unlink success=no exit=EACCES a0=c39890 a1=221a0 a2=81a4 a3=34dc5c15d0 items=0 ppid=1731 pid=1732 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=4294967295 tty=(none) comm=blueman-mechani exe=/usr/bin/python2.7 subj=system_u:system_r:blueman_t:s0-s0:c0.c1023 key=(null) Hash: blueman-mechani,blueman_t,lib_t,dir,write Additional info: reporter: libreport-2.1.8 hashmarkername: setroubleshoot kernel: 3.11.4-201.fc19.x86_64 type: libreport