Description of problem: SELinux is preventing /usr/bin/python2.7 from 'getattr' accesses on the file /run/wicd.pid. ***** Plugin catchall (100. confidence) suggests *************************** If si crede che python2.7 dovrebbe avere possibilità di accesso getattr sui wicd.pid file in modo predefinito. Then si dovrebbe riportare il problema come bug. E' possibile generare un modulo di politica locale per consentire questo accesso. Do consentire questo accesso per il momento eseguendo: # grep wicd /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context system_u:system_r:NetworkManager_t:s0 Target Context unconfined_u:object_r:var_run_t:s0 Target Objects /run/wicd.pid [ file ] Source wicd Source Path /usr/bin/python2.7 Port <Sconosciuto> Host (removed) Source RPM Packages python-2.7.5-8.fc19.x86_64 Target RPM Packages Policy RPM selinux-policy-3.12.1-74.9.fc19.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Permissive Host Name (removed) Platform Linux (removed) 3.11.4-201.fc19.x86_64 #1 SMP Thu Oct 10 14:11:18 UTC 2013 x86_64 x86_64 Alert Count 1 First Seen 2013-10-18 16:33:02 CEST Last Seen 2013-10-18 16:33:02 CEST Local ID d0b40e7f-befd-4d47-8442-d9fe3b61d461 Raw Audit Messages type=AVC msg=audit(1382106782.749:898): avc: denied { getattr } for pid=23477 comm="wicd" path="/run/wicd.pid" dev="tmpfs" ino=87320 scontext=system_u:system_r:NetworkManager_t:s0 tcontext=unconfined_u:object_r:var_run_t:s0 tclass=file type=SYSCALL msg=audit(1382106782.749:898): arch=x86_64 syscall=stat success=yes exit=0 a0=1428e70 a1=7fffef4e6ba0 a2=7fffef4e6ba0 a3=0 items=0 ppid=1 pid=23477 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=4294967295 tty=(none) comm=wicd exe=/usr/bin/python2.7 subj=system_u:system_r:NetworkManager_t:s0 key=(null) Hash: wicd,NetworkManager_t,var_run_t,file,getattr Additional info: reporter: libreport-2.1.8 hashmarkername: setroubleshoot kernel: 3.11.4-201.fc19.x86_64 type: libreport Potential duplicate: bug 809739
You probably ran wicd as a user which causes the pid file to be created with the wrong label on it. f75dae3422a733645266718dc8eda1ca82ca1ccb in git will cause /run/wicd.pid to get created with the correct label on it.
back ported.
You're right. Thanks GI3003