Hide Forgot
Description of problem: SELinux is preventing /usr/bin/bash from 'getattr' accesses on the file /usr/sbin/ldconfig. ***** Plugin catchall (100. confidence) suggests *************************** If 您确定应默认允许 bash getattr 访问 ldconfig file。 Then 您应该将这个情况作为 bug 报告。 您可以生成本地策略模块允许这个访问。 Do 请执行以下命令此时允许这个访问: # grep sh /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context system_u:system_r:smoltclient_t:s0-s0:c0.c1023 Target Context system_u:object_r:ldconfig_exec_t:s0 Target Objects /usr/sbin/ldconfig [ file ] Source sh Source Path /usr/bin/bash Port <未知> Host (removed) Source RPM Packages bash-4.2.45-1.fc19.x86_64 Target RPM Packages glibc-2.17-19.fc19.x86_64 Policy RPM selinux-policy-3.12.1-74.13.fc19.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 3.11.8-200.fc19.x86_64 #1 SMP Wed Nov 13 16:29:59 UTC 2013 x86_64 x86_64 Alert Count 1 First Seen 2013-11-22 10:20:06 CST Last Seen 2013-11-22 10:20:06 CST Local ID 19889b11-8508-4827-b134-5898382052d9 Raw Audit Messages type=AVC msg=audit(1385086806.404:2236): avc: denied { getattr } for pid=27985 comm="sh" path="/usr/sbin/ldconfig" dev="sda6" ino=796578 scontext=system_u:system_r:smoltclient_t:s0-s0:c0.c1023 tcontext=system_u:object_r:ldconfig_exec_t:s0 tclass=file type=SYSCALL msg=audit(1385086806.404:2236): arch=x86_64 syscall=stat success=no exit=EACCES a0=cdbd20 a1=7fff14b3d390 a2=7fff14b3d390 a3=0 items=0 ppid=27984 pid=27985 auid=999 uid=999 gid=996 euid=999 suid=999 fsuid=999 egid=996 sgid=996 fsgid=996 ses=17 tty=(none) comm=sh exe=/usr/bin/bash subj=system_u:system_r:smoltclient_t:s0-s0:c0.c1023 key=(null) Hash: sh,smoltclient_t,ldconfig_exec_t,file,getattr Additional info: reporter: libreport-2.1.9 hashmarkername: setroubleshoot kernel: 3.11.8-200.fc19.x86_64 type: libreport
*** This bug has been marked as a duplicate of bug 1033486 ***