Hide Forgot
Description of problem: I'm getting a selinux error when logwatch reads /etc/mdadm.conf Source Context system_u:system_r:logwatch_t:s0-s0:c0.c1023 Target Context system_u:object_r:mdadm_conf_t:s0 Target Objects /etc/mdadm.conf [ file ] Source perl Source Path /usr/bin/perl Port <Unknown> Host xxxxxxxxxx Source RPM Packages perl-5.18.1-288.fc20.x86_64 Target RPM Packages Policy RPM selinux-policy-3.12.1-105.fc20.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name xxxxxxxxxxxxx Platform Linux xxxxxxxxx 3.11.9-300.fc20.x86_64 #1 SMP Wed Nov 20 22:23:25 UTC 2013 x86_64 x86_64 Alert Count 1 First Seen 2013-11-28 03:42:05 CET Last Seen 2013-11-28 03:42:05 CET Local ID c220e277-733f-43dc-9867-5672025290da The policy I get after running audit2allow is module mypol 1.0; require { type logwatch_t; type mdadm_conf_t; class file read; } #============= logwatch_t ============== allow logwatch_t mdadm_conf_t:file read;
This seems fixed in the current policy selinux-policy-3.12.1-119 (and probably before). I'm closing the bug