Bug 585717
Summary: | SELinux is preventing /usr/bin/updatedb "getattr" access to /var/lib/qpidd. | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Joshua Kramer <jkramer> |
Component: | selinux-policy | Assignee: | Daniel Walsh <dwalsh> |
Status: | CLOSED NOTABUG | QA Contact: | BaseOS QE Security Team <qe-baseos-security> |
Severity: | medium | Docs Contact: | |
Priority: | low | ||
Version: | 6.0 | CC: | dwalsh |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2010-04-29 12:25:36 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Joshua Kramer
2010-04-25 18:42:43 UTC
This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux major release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux Major release. This request is not yet committed for inclusion. A new install of qpid-cpp-server (0.7.935473-1.el6) on a fresh RHEL-6 (RHEL6.0-20100428.n.0_nfs-Server) shows that the /var/lib/qpidd dir has the following properties: [root@mrg10 ~]# history 1 history [root@mrg10 ~]# yum install qpid-cpp-server ... Complete! [root@mrg10 ~]# service qpidd start Starting Qpid AMQP daemon: [ OK ] [root@mrg10 ~]# ls -Z /var/lib ... drwxr-xr-x. qpidd qpidd system_u:object_r:qpidd_var_lib_t:s0 qpidd ... I am uncertain of how the condition described above arose. Is it possible that this was run prior to the recent updates to the base policy for qpidd? unlabeled_t means the directory has a label on it that the kernel does not understand. Perhaps you installed a bad policy from a previous version of RHEL6 that the current policy does not understand. You can run fixfiles restore to make sure the system is totally labeled the way SELinux expects. If this happens again reopen the bug. |