Description of problem: used `locate` SELinux is preventing /usr/bin/bash from 'write' accesses on the fifo_file . ***** Plugin leaks (86.2 confidence) suggests ***************************** If you want to ignore bash trying to write access the fifo_file, because you believe it should not need this access. Then you should report this as a bug. You can generate a local policy module to dontaudit this access. Do # grep /usr/bin/bash /var/log/audit/audit.log | audit2allow -D -M mypol # semodule -i mypol.pp ***** Plugin catchall (14.7 confidence) suggests ************************** If you believe that bash should be allowed write access on the fifo_file by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # grep mlocate /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context system_u:system_r:locate_t:s0-s0:c0.c1023 Target Context system_u:object_r:systemd_logind_sessions_t:s0 Target Objects [ fifo_file ] Source mlocate Source Path /usr/bin/bash Port <Unknown> Host (removed) Source RPM Packages bash-4.2.45-6.fc21.x86_64 Target RPM Packages Policy RPM selinux-policy-3.13.1-27.fc21.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 3.14.0-0.rc4.git0.2.fc21.x86_64 #1 SMP Mon Feb 24 15:34:53 UTC 2014 x86_64 x86_64 Alert Count 1 First Seen 2014-02-27 21:19:02 IST Last Seen 2014-02-27 21:19:02 IST Local ID a22eb9cb-eb3f-451f-a2e0-a6d50d4da7dd Raw Audit Messages type=AVC msg=audit(1393528742.887:163): avc: denied { write } for pid=21093 comm="mlocate" path=2F72756E2F73797374656D642F73657373696F6E732F322E726566202864656C6574656429 dev="tmpfs" ino=725446 scontext=system_u:system_r:locate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:systemd_logind_sessions_t:s0 tclass=fifo_file type=SYSCALL msg=audit(1393528742.887:163): arch=x86_64 syscall=execve success=yes exit=0 a0=156b840 a1=1570dc0 a2=1568f40 a3=7ffffb31aca0 items=0 ppid=19766 pid=21093 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=2 comm=mlocate exe=/usr/bin/bash subj=system_u:system_r:locate_t:s0-s0:c0.c1023 key=(null) Hash: mlocate,locate_t,systemd_logind_sessions_t,fifo_file,write Additional info: reporter: libreport-2.1.12 hashmarkername: setroubleshoot kernel: 3.14.0-0.rc4.git0.2.fc21.x86_64 type: libreport
Were you updating your system when this happened?
Can't remember, sorry
*** This bug has been marked as a duplicate of bug 1070268 ***
I just received this error as well while installing group "Development and Creative Workstation". Not sure what to make of it, though; I thought mlocate was a cron job in the background.