Bug 238474 - SELinux is preventing /usr/sbin/useradd (useradd_t) "read write" to faillog (var_log_t)
SELinux is preventing /usr/sbin/useradd (useradd_t) "read write" to faillog (...
Status: CLOSED DUPLICATE of bug 236774
Product: Fedora
Classification: Fedora
Component: anaconda (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Anaconda Maintenance Team
Depends On:
  Show dependency treegraph
Reported: 2007-04-30 15:36 EDT by Ben Levenson
Modified: 2007-11-30 17:12 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2007-05-01 08:14:25 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Ben Levenson 2007-04-30 15:36:21 EDT
Description of problem:

SELinux is preventing /usr/sbin/useradd (useradd_t) "read write" to faillog

Source Context:  system_u:system_r:useradd_t
Target Context:  system_u:object_r:var_log_t
Target Objects:  faillog [ file ]
Affected RPM Packages:  shadow-utils- [application]
Policy RPM:  selinux-policy-2.6.1-1.fc7
Selinux Enabled:  True
Policy Type:  targeted
MLS Enabled:  True
Enforcing Mode:  Enforcing
Plugin Name:  plugins.catchall_file
Platform:  Linux <hostname> 2.6.20-1.3104.fc7 #1 SMP Sat Apr 21 22:20:43 EDT
2007 i686 i686
Alert Count:  1
First Seen:  Mon 30 Apr 2007 03:07:49 PM EDT
Last Seen:  Mon 30 Apr 2007 03:07:49 PM EDT
Local ID:  69550c8a-3a80-4281-ba26-036a07f5884a
Line Numbers:  

Raw Audit Messages :avc: denied { read, write } for comm="useradd" dev=dm-4
egid=0 euid=0 exe="/usr/sbin/useradd" exit=-13 fsgid=0 fsuid=0 gid=0 items=0
name="faillog" pid=6832 scontext=system_u:system_r:useradd_t:s0 sgid=0
subj=system_u:system_r:useradd_t:s0 suid=0 tclass=file
tcontext=system_u:object_r:var_log_t:s0 tty=(none) uid=0

Steps to Reproduce:
1. Fresh F-7 install
2. Enable "Personal File Sharing" (not sure if this matters)
3. Install/upgrade a bunch of packages via pirut
4. avc denial

Additional info:
Unfortunately I don't know which package triggered the write attempt to faillog.
I can try to reproduce this if needed.
Comment 1 Daniel Walsh 2007-05-01 08:02:47 EDT
This is an install problem, and should be cleaned up at the end of install with
a restorecon -R -v /var/log.

You can do this now to fix the problem.
Comment 2 Jeremy Katz 2007-05-01 08:14:25 EDT

*** This bug has been marked as a duplicate of 236774 ***

Note You need to log in before you can comment on or make changes to this bug.