This service will be undergoing maintenance at 00:00 UTC, 2017-10-23 It is expected to last about 30 minutes
Bug 205320 - References to "None" in setroubleshoot reports
References to "None" in setroubleshoot reports
Product: Fedora
Classification: Fedora
Component: setroubleshoot (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Karl MacMillan
: 205467 (view as bug list)
Depends On:
  Show dependency treegraph
Reported: 2006-09-05 20:06 EDT by Dave Malcolm
Modified: 2007-11-30 17:11 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2006-09-08 15:53:54 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Dave Malcolm 2006-09-05 20:06:59 EDT
Description of problem:
Some setroubleshoot reports contain references to None.  It looks like the
Python parsing code isn't getting something it's expecting.

SELinux is preventing /usr/sbin/showmount (automount_t) "getattr" access to None

Version-Release number of selected component (if applicable):

Actual results:
"SELinux is preventing /usr/sbin/showmount (automount_t) "getattr" access to
None (automount_t).

Sometimes labeling problems can cause SELinux denials. You could try to restore
the default system file context for None, restorecon -v $TARGETPATH. There is
currently no automatic way to allow this access. Instead, you can generate a
local policy module to allow this access - see FAQ - or you can disable SELinux
protection entirely for the application. Disabling SELinux protection is not
recommended. Please file a bug report against this package. Changing the
"automount_disable_trans" boolean to true will disable SELinux protection this
application: "setsebool -P automount_disable_trans=1."

Seeing similar problems with:
"SELinux is preventing /sbin/busybox (dhcpc_t) "setuid" access to None (dhcpc_t)."

Should I try and dig out the actual AVC denials?  (maybe the tool should have a
"show me the raw message" option for this?)
Comment 1 Karl MacMillan 2006-09-08 15:53:54 EDT
Fixed to give a default that indicates there is no path if the audit message
doesn't contain a path instead of None.
Comment 2 Karl MacMillan 2006-09-08 15:54:34 EDT
*** Bug 205467 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.