Description of problem: SELinux is preventing /usr/lib64/tumbler-1/tumblerd from 'add_name' accesses on the directory . ***** Plugin catchall (100. confidence) suggests ************************** If 您确定应默认允许 tumblerd add_name 访问 directory。 Then 您应该将这个情况作为 bug 报告。 您可以生成本地策略模块允许这个访问。 Do 请执行以下命令此时允许这个访问: # grep pool /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 Target Context unconfined_u:object_r:home_root_t:s0 Target Objects [ dir ] Source pool Source Path /usr/lib64/tumbler-1/tumblerd Port <Unknown> Host (removed) Source RPM Packages tumbler-0.1.30-1.fc20.x86_64 Target RPM Packages Policy RPM selinux-policy-3.12.1-177.fc20.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 3.15.5-200.fc20.x86_64 #1 SMP Mon Jul 14 15:40:08 UTC 2014 x86_64 x86_64 Alert Count 389 First Seen 2014-07-20 13:25:34 CST Last Seen 2014-07-20 17:24:43 CST Local ID d695d5da-9d93-419b-8dfb-8876a5a5d350 Raw Audit Messages type=AVC msg=audit(1405848283.758:993): avc: denied { add_name } for pid=4773 comm="pool" name="eeb44b03c67d28cbb651a9dff9d997c2-1405848283-759798.png" scontext=unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:home_root_t:s0 tclass=dir type=SYSCALL msg=audit(1405848283.758:993): arch=x86_64 syscall=open success=no exit=EACCES a0=7fe864718dd0 a1=c1 a2=1b6 a3=aaaaaaaaaaaaaaab items=0 ppid=1 pid=4773 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=(none) ses=1 comm=pool exe=/usr/lib64/tumbler-1/tumblerd subj=unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 key=(null) Hash: pool,thumb_t,home_root_t,dir,add_name Additional info: reporter: libreport-2.2.2 hashmarkername: setroubleshoot kernel: 3.15.5-200.fc20.x86_64 type: libreport
It looks you have badly labeled your homedir. Try to execute $ restorecon -R -v ~ to fix labeling.