From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; rv:1.7.3) Gecko/20041008 Firefox/0.10.1 Description of problem: I put a USB stick (256MB USB2 Sandisk) and firewire iPOD and tried to edit text files. Nautilus says I don't have permissions to edit files, nor can I create any files on the disks. Working folder: /media/usbdisk/unix_help Editing a text file from double-clicking a text file in Nautilus brings up gEdit. I make a change and try to save, it gives a permissions error. I chmod 777 * on the text files and the command executes but the permissions of the text files dont reflect the change. I check dmesg and I get this error: audit(1097420510.446:0): avc: denied { associate } for pid=4607 exe=/usr/bin/gedit name=.gedit-save-dRYCB1 scontext=user_u:object_r:removable_t tcontext=system_u:object_r:removable_t tclass=filesystem I try to create a new "empty file" in nautilus and again I get permission denied. dmesg reports this: audit(1097421666.756:0): avc: denied { associate } for pid=4539 exe=/usr/bin/nautilus name=.vfs-write.tmp scontext=user_u:object_r:removable_t tcontext=system_u:object_r:removable_t tclass=filesystem Attempting to copy an existing file and pasting to the same folder gives a permissions error and dmesg reports: audit(1097421730.569:0): avc: denied { associate } for pid=4539 exe=/usr/bin/nautilus name=.vfs-write.tmp scontext=user_u:object_r:removable_t tcontext=system_u:object_r:removable_t tclass=filesystem However, editing a text file from the command line using vim, the kernel does allow the file to save my edits. But there is still errors in dmesg: audit(1097421875.980:0): avc: denied { associate } for pid=4721 exe=/usr/bin/vim name=.cheat_sheet.txt.swp scontext=user_u:object_r:removable_t tcontext=system_u:object_r:removable_t tclass=filesystem audit(1097421875.980:0): avc: denied { associate } for pid=4721 exe=/usr/bin/vim name=.cheat_sheet.txt.swp scontext=user_u:object_r:removable_t tcontext=system_u:object_r:removable_t tclass=filesystem audit(1097421883.100:0): avc: denied { associate } for pid=4721 exe=/usr/bin/vim name=4913 scontext=user_u:object_r:removable_t tcontext=system_u:object_r:removable_t tclass=filesystem audit(1097421883.100:0): avc: denied { associate } for pid=4721 exe=/usr/bin/vim name=cheat_sheet.txt~ scontext=user_u:object_r:removable_t tcontext=system_u:object_r:removable_t tclass=filesystem Attempting to edit a text file on a floppy gives this: SELinux: initialized (dev fd0, type vfat), uses genfs_contexts audit(1097542494.684:0): avc: denied { associate } for pid=8393 exe=/usr/bin/vim name=.readme.txt.swp scontext=root:object_r:removable_t tcontext=system_u:object_r:removable_t tclass=filesystem audit(1097542494.684:0): avc: denied { associate } for pid=8393 exe=/usr/bin/vim name=.readme.txt.swp scontext=root:object_r:removable_t tcontext=system_u:object_r:removable_t tclass=filesystem audit(1097542499.205:0): avc: denied { associate } for pid=8393 exe=/usr/bin/vim name=4913 scontext=root:object_r:removable_t tcontext=system_u:object_r:removable_t tclass=filesystem audit(1097542499.205:0): avc: denied { associate } for pid=8393 exe=/usr/bin/vim name=readme.txt~ scontext=root:object_r:removable_t tcontext=system_u:object_r:removable_t tclass=filesystem audit(1097542510.677:0): avc: denied { associate } for pid=4821 exe=/usr/bin/nautilus name=.vfs-write.tmp scontext=user_u:object_r:removable_t tcontext=system_u:object_r:removable_t tclass=filesystem Switching to root user and editing the files has no effect. Are these due to permissions not being set correctly in SELinux? How do I fix this so I can save/edit/copy/create files on removable storage? Joe Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1. Mount an removable storage device. 2. Edit a text file using gedit or vim. Or create a new file. Or copy an existing file to the same device. 3. Attempt to save. Actual Results: Can't write files to removable storage (floppy, ipod, usb key) regardless of being user or root. Nautilus states there is a per Expected Results: Saving files on removable storage should not give permission errors or give alerts in dmesg output. Additional info: Example error message from gedit attempting to save to floppy (write protect tab is not set on floppy, and there is sufficient space): Error while copying to "/media/floppy". You do not have permissions to write to this folder.
There was an error in policy that is fixed in policy-1.17.30 and newer.