Bug 915104
Summary: | SELinux is preventing /usr/bin/bash from 'getattr' accesses on the filesystem /tmp. | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Stan King <stanley.king> |
Component: | selinux-policy | Assignee: | Miroslav Grepl <mgrepl> |
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 18 | CC: | dominick.grift, dwalsh, mgrepl |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | i686 | ||
OS: | Unspecified | ||
Whiteboard: | abrt_hash:85f5c000e853ebb04ecd8b1d9d390e752d8d4771524409e22afc10616fe53d1b | ||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2013-03-03 22:42:47 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Stan King
2013-02-24 21:10:55 UTC
Have you been ever running in permissive mode? And are you able to get this again? Miroslav, this is a recent Fedora 18 installation, and I have never changed the SELinux mode. I've got two other systems that I've recently installed Fedora 18 on, but they have not yet reached the point of needing to rotate their chronyd log files. I'll keep an eye out to see what happens the next time it rotates the log files, and I'll clear this report's "needinfo" flag at that point. I see that I had reported this problem before on Fedora 16 (RHBZ 797578), but in that case, I had modified the file system assignment of /tmp; this time, I haven't made any change. Also, I don't seem to have ever had this problem on Fedora 17. Link to prior bug: https://bugzilla.redhat.com/show_bug.cgi?id=797578 I think you should just add fs_getattr_all_fs(logrotate_t) 4bb325d5d3c0b7b4bd2e81d9f6a2625f6e65e8a6 in rawhide fixes this. Backported. commit df0ebac32e68edb1ad20f771a4f135aa44c0c513 Author: Dan Walsh <dwalsh> Date: Tue Feb 26 16:18:43 2013 -0500 Allow logrotote to getattr on all file sytems selinux-policy-3.11.1-82.fc18 has been submitted as an update for Fedora 18. https://admin.fedoraproject.org/updates/selinux-policy-3.11.1-82.fc18 Package selinux-policy-3.11.1-82.fc18: * should fix your issue, * was pushed to the Fedora 18 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing selinux-policy-3.11.1-82.fc18' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2013-3309/selinux-policy-3.11.1-82.fc18 then log in and leave karma (feedback). selinux-policy-3.11.1-82.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report. |