Bug 151930 - avc: denied { getattr } for pid=2388 exe=/bin/mktemp path=/tmp dev=tmpfs ino=5312 scontext=user_u:system_r:dhcpc_t tcontext=user_u:object_r:tmpfs_t tclass=dir
Summary: avc: denied { getattr } for pid=2388 exe=/bin/mktemp path=/tmp dev=tmpfs i...
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted
Version: rawhide
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2005-03-23 17:35 UTC by Orion Poplawski
Modified: 2007-11-30 22:11 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2005-04-07 16:22:17 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)
Add restorcon patch (425 bytes, patch)
2005-03-24 21:38 UTC, Daniel Walsh 		no flags Details | Diff
View All

Description Orion Poplawski 2005-03-23 17:35:42 UTC 
Description of problem:

Get the following audit on a freshly installed rawhide system:

avc:  denied  { getattr } for  pid=2388 exe=/bin/mktemp path=/tmp dev=tmpfs
ino=5312 scontext=user_u:system_r:dhcpc_t tcontext=user_u:object_r:tmpfs_t
tclass=dir

appears to prevent dhcp from setting /etc/resolv.conf properly.  

/tmp is a tmpfs filesystem


Version-Release number of selected component (if applicable):
selinux-policy-targeted-1.23.3-2.noarch.
Comment 1 Daniel Walsh 2005-03-24 21:38:38 UTC 
Created attachment 112338 [details]
Add restorcon patch
Comment 2 Daniel Walsh 2005-03-24 21:39:39 UTC 
Could you apply the above patch to /etc/rc.d/rc.sysinit 
and see if this fixes your problem
Comment 3 Orion Poplawski 2005-04-07 16:22:17 UTC 
Did not see this with a fresh install from today's rawhide.  rc.sysinit does not
appear to have this patch, so apparently it's not necessary anymore?

/tmp is labeled as tmp_t:

drwxrwxrwt  root     root     system_u:object_r:tmp_t          .
Note You need to log in before you can comment on or make changes to this bug.