Bug 836434
Summary: | SELinux is preventing /usr/sbin/tmpwatch from 'getattr' accesses on the directory /tmp/pulse-PKdhtXMmr18n. | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | frywalker <fry.futurateam> |
Component: | selinux-policy | Assignee: | Miroslav Grepl <mgrepl> |
Status: | CLOSED CANTFIX | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 17 | CC: | dominick.grift, dwalsh, fedorabugmail, mgrepl, Prescience500 |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Unspecified | ||
Whiteboard: | abrt_hash:a86deebec59e235431ad2e28ae776ca21c50b12f20d83ecf80da6fb696cb2321 | ||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2012-06-29 22:25:09 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
frywalker
2012-06-29 05:39:43 UTC
This looks like you had some files with labels that the kernel no longer understands. rm -rf /tmp/pulse-PKdhtXMmr18 If you believe you no longer need these. chcon -t user_tmp_t /tmp/pulse-PKdhtXMmr18 -r If you want them around for a while, I have no idea how this content got there. I see this message as well about once a day. Fedora 17 + XFCE. What does this output getfattr -n security.selinux /tmp/pulse-* I'm having a similar problem, except that it's happening on the directory kdecache-root. I tried using the automatic bug reporting tool to make a new bug report, but it kept telling me it was a dupe of this one. It happens all the time on both of my Fedora 17 + KDE computers. If this is indeed the same problem, I'd be happy to help you get the info you need to investigate it. Michael just delete the directory you should not see this again. I already did on my main computer. I was more concerned about it affecting large numbers of Fedora KDE users. This is a one time thing, which should be fixed by the latest policy update. Basically what happened is we removed a label for content created by firstboot during install. This content in /tmp became unlabeled_t and tmpwatch was not able to look at it. The latest policy has an "Alias" for the label we removed so if a users is fully up2date, this problem will cease to happen. |