Description of problem: Using mock --shell as a staff_t user SELinux is preventing /usr/bin/tty from 'read' accesses on the directory /dev/pts. ***** Plugin catchall (100. confidence) suggests ************************** If vous pensez que tty devrait être autorisé à accéder read sur pts directory par défaut. Then vous devriez rapporter ceci en tant qu'anomalie. Vous pouvez générer un module de stratégie local pour autoriser cet accès. Do autoriser cet accès pour le moment en exécutant : # grep tty /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context staff_u:staff_r:mock_build_t:s0-s0:c0.c1023 Target Context staff_u:object_r:devpts_t:s0 Target Objects /dev/pts [ dir ] Source tty Source Path /usr/bin/tty Port <Unknown> Host (removed) Source RPM Packages coreutils-8.21-18.fc20.x86_64 Target RPM Packages Policy RPM selinux-policy-3.12.1-106.fc20.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Permissive Host Name (removed) Platform Linux (removed) 3.12.5-302.fc20.x86_64 #1 SMP Tue Dec 17 20:42:32 UTC 2013 x86_64 x86_64 Alert Count 7 First Seen 2013-12-22 15:43:09 CET Last Seen 2013-12-27 17:50:57 CET Local ID 5c2e4e59-b41d-4dba-b46e-f8a5e0dd0d66 Raw Audit Messages type=AVC msg=audit(1388163057.335:4032): avc: denied { read } for pid=23740 comm="tty" name="/" dev="devpts" ino=1 scontext=staff_u:staff_r:mock_build_t:s0-s0:c0.c1023 tcontext=staff_u:object_r:devpts_t:s0 tclass=dir type=SYSCALL msg=audit(1388163057.335:4032): arch=x86_64 syscall=openat success=yes exit=ESRCH a0=ffffffffffffff9c a1=7f02ab0364cb a2=90800 a3=0 items=0 ppid=23739 pid=23740 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=1 tty=pts10 comm=tty exe=/usr/bin/tty subj=staff_u:staff_r:mock_build_t:s0-s0:c0.c1023 key=(null) Hash: tty,mock_build_t,devpts_t,dir,read Additional info: reporter: libreport-2.1.10 hashmarkername: setroubleshoot kernel: 3.12.5-302.fc20.x86_64 type: libreport
*** This bug has been marked as a duplicate of bug 1046948 ***