Bug 547180
Summary: | SELinux is preventing /usr/sbin/swat "search" access on /root. | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Beau James <b_james> |
Component: | selinux-policy | Assignee: | Daniel Walsh <dwalsh> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | low | ||
Version: | 12 | CC: | dwalsh, mgrepl |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Linux | ||
Whiteboard: | setroubleshoot_trace_hash:b60cc782822fe412b57fae8cdf65c91e4e9db5ef91c08ad33ce9fe4b04892b81 | ||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2009-12-22 20:42:33 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Beau James
2009-12-13 21:28:11 UTC
How I got here =============== Installed Fedora-12 x86_64. Got basic system configured and running on home network. Updated with latest fixes as of 12-13-2009 1:00PM PST. No major issues so far. Used "System->Administration->Add/Remove Programs" to download and install Samba and SWAT packages. (Only smb client apps had been installed with my initial installation - not sure why / what I may have failed to select or chosen incorrectly.) Used "System -> Administration -> Services" to enable and start smb, enable and start xinetd, enable swat. Launched Firefox, connected to "http://127.0.0.1:901". I see the SWAT main page, but the SELinux alert pops up. Rebooted and did same thing again, just to be sure. Same SELinux alert. Clicking the "Home" button at the top of the SWAT page generates the SELinux alert again. I will just dontaudit it. Does everything seem to work correctly. You can add these rules for now using # grep avc /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Fixed in selinux-policy-3.6.32-59.fc12.noarch Yes. Aside from the SELinux warnings (which are reported as warnings, with the access NOT being denied), SWAT seems to be working fine. Thank you. selinux-policy-3.6.32-59.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/selinux-policy-3.6.32-59.fc12 selinux-policy-3.6.32-59.fc12 has been pushed to the Fedora 12 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update selinux-policy'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F12/FEDORA-2009-13384 |