Bug 221704
| Summary: | SELinux is preventing /usr/sbin/readahead (readahead_t) "getattr" access to SELinux is preventing /usr/sbin/readahead (readahead_t) "getattr" access to /dev/pts/1 (pppd_devpts_t) | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Nirmal Tom <nirmaltom> | ||||
| Component: | readahead | Assignee: | Karel Zak <kzak> | ||||
| Status: | CLOSED WONTFIX | QA Contact: | |||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | medium | ||||||
| Version: | 6 | CC: | triage | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | All | ||||||
| OS: | Linux | ||||||
| Whiteboard: | bzcl34nup | ||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2008-05-06 17:18:19 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
Created attachment 144968 [details]
setroubleshoot program's report
Fedora apologizes that these issues have not been resolved yet. We're sorry it's taken so long for your bug to be properly triaged and acted on. We appreciate the time you took to report this issue and want to make sure no important bugs slip through the cracks. If you're currently running a version of Fedora Core between 1 and 6, please note that Fedora no longer maintains these releases. We strongly encourage you to upgrade to a current Fedora release. In order to refocus our efforts as a project we are flagging all of the open bugs for releases which are no longer maintained and closing them. http://fedoraproject.org/wiki/LifeCycle/EOL If this bug is still open against Fedora Core 1 through 6, thirty days from now, it will be closed 'WONTFIX'. If you can reporduce this bug in the latest Fedora version, please change to the respective version. If you are unable to do this, please add a comment to this bug requesting the change. Thanks for your help, and we apologize again that we haven't handled these issues to this point. The process we are following is outlined here: http://fedoraproject.org/wiki/BugZappers/F9CleanUp We will be following the process here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping to ensure this doesn't happen again. And if you'd like to join the bug triage team to help make things better, check out http://fedoraproject.org/wiki/BugZappers This bug is open for a Fedora version that is no longer maintained and will not be fixed by Fedora. Therefore we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen thus bug against that version. Thank you for reporting this bug and we are sorry it could not be fixed. |
Description of problem: SELinux denied access requested by /usr/sbin/readahead. It is not expected that this access is required by /usr/sbin/readahead and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package Version-Release number of selected component (if applicable): Affected RPM Packages: readahead-1.3-5 [application] Policy RPM: selinux-policy-2.3.18-10 How reproducible: i am not sure,but i am unable to mount foreign partitions with write rights especially ntfs,vfat with fuse and other packages required for ntfs-3g installed.chmod command doesnt change the rights of directories if given as shown below.So i run setroubleshoot which shows me the error i have attached and asked me to file a bug report Actual results: [root@server mnt]# ls -l total 64 drwxr-xr-x 14 root root 8192 Jan 1 1970 Backup_hda6 drwxr-xr-x 19 root root 8192 Jan 1 1970 Documents_hda7 drwxr-xr-x 3 root root 16384 Jan 1 1970 empty_sda1 drwxrwxrwx 1 root root 4096 Dec 18 02:20 GamesImageFiles_sda6 drwxr-xr-x 14 root root 16384 Jan 1 1970 Media_sda5 drwxrwxrwx 1 root root 4096 Dec 27 02:09 Software_hda5 drwxrwxrwx 2 root root 1024 Dec 12 19:01 temp drwxrwxrwx 2 root root 1024 Dec 18 16:09 virtualos_deb drwxrwxrwx 1 root root 4096 Jan 4 18:51 WindowsXP_hda1 [root@server mnt]# chmod 755 /mnt/* [root@server mnt]# ls -l total 64 drwxr-xr-x 14 root root 8192 Jan 1 1970 Backup_hda6 drwxr-xr-x 19 root root 8192 Jan 1 1970 Documents_hda7 drwxr-xr-x 3 root root 16384 Jan 1 1970 empty_sda1 drwxrwxrwx 1 root root 4096 Dec 18 02:20 GamesImageFiles_sda6 drwxr-xr-x 14 root root 16384 Jan 1 1970 Media_sda5 drwxrwxrwx 1 root root 4096 Dec 27 02:09 Software_hda5 drwxr-xr-x 2 root root 1024 Dec 12 19:01 temp drwxr-xr-x 2 root root 1024 Dec 18 16:09 virtualos_deb drwxrwxrwx 1 root root 4096 Jan 4 18:51 WindowsXP_hda1 [root@server mnt]# chmod 777 /mnt/* [root@server mnt]# ls -l total 64 drwxr-xr-x 14 root root 8192 Jan 1 1970 Backup_hda6 drwxr-xr-x 19 root root 8192 Jan 1 1970 Documents_hda7 drwxr-xr-x 3 root root 16384 Jan 1 1970 empty_sda1 drwxrwxrwx 1 root root 4096 Dec 18 02:20 GamesImageFiles_sda6 drwxr-xr-x 14 root root 16384 Jan 1 1970 Media_sda5 drwxrwxrwx 1 root root 4096 Dec 27 02:09 Software_hda5 drwxrwxrwx 2 root root 1024 Dec 12 19:01 temp drwxrwxrwx 2 root root 1024 Dec 18 16:09 virtualos_deb drwxrwxrwx 1 root root 4096 Jan 4 18:51 WindowsXP_hda1 Additional info: Raw Audit Messages: avc: denied { getattr } for comm="readahead" dev=devpts egid=0 euid=0 exe="/usr/sbin/readahead" exit=-13 fsgid=0 fsuid=0 gid=0 items=0 name="1" path="/dev/pts/1" pid=2637 scontext=system_u:system_r:readahead_t:s0 sgid=0 subj=system_u:system_r:readahead_t:s0 suid=0 tclass=chr_file tcontext=system_u:object_r:pppd_devpts_t:s0 tty=(none) uid=0