First Last Prev Next    This bug is not in your last search results.
Bug 222179 - tzdata-update prevented from searching /var/spool/postfix
tzdata-update prevented from searching /var/spool/postfix
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: selinux-policy (Show other bugs)
6
All Linux
medium Severity medium
: ---
: ---
Assigned To: Daniel Walsh
Ben Levenson
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-01-10 14:22 EST by David Juran
Modified: 2007-11-30 17:11 EST (History)
3 users (show)

See Also:
Fixed In Version: selinux-policy-2.4.6-25
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-06-11 07:40:01 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description David Juran 2007-01-10 14:22:47 EST 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686 (x86_64); en-US; rv:1.8.0.9) Gecko/20061219 Fedora/1.5.0.9-1.fc6 Firefox/1.5.0.9 pango-text

Description of problem:
When updating glibc to -2.5-10.fc6, setroubleshoot popped up the following deny message:

avc: denied { search } for comm="tzdata-update" dev=dm-0 egid=0 euid=0 exe="/usr/sbin/tzdata-update" exit=-13 fsgid=0 fsuid=0 gid=0 items=0 name="postfix" pid=3865 scontext=user_u:system_r:tzdata_t:s0 sgid=0 subj=user_u:system_r:tzdata_t:s0 suid=0 tclass=dir tcontext=system_u:object_r:postfix_spool_t:s0 tty=(none) uid=0 

Version-Release number of selected component (if applicable):
selinux-policy-targeted-2.4.6-17.fc6

How reproducible:
Always


Steps to Reproduce:
1. sudo rpm -Uvh glibc-* nscd-2.5-10.fc6.x86_64.rpm


Actual Results:


Expected Results:


Additional info:
Comment 1 Daniel Walsh 2007-01-10 15:51:50 EST 
Were you sitting in the /var/spool/postfix directory when you did the rpm?
Comment 2 Nicola Soranzo 2007-01-10 19:48:30 EST 
I saw the same and I was in my user home directory when I executed sudo yum update.
Comment 3 David Juran 2007-01-11 03:48:31 EST 
No, but on line 534 in ./glibc-2.5-20061008T1257/fedora/tzdata-update.c there is
a reference to /var/spool/postfix/etc/localtime. I'm not quite sure what
tzdata-update is supposed to be doing, but I suspect this line is causing the
denial. Now whether tzdata-update should be messing with postfix files or not is
another question...
Comment 4 Daniel Walsh 2007-01-11 08:17:15 EST 
Fixed in selinux-policy-2.4.6-25
Comment 5 Nicola Soranzo 2007-06-08 11:59:09 EDT 
This bug should be closed!
Comment 6 David Juran 2007-06-11 07:40:01 EDT 
In deed.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.