Bug 239140 - default f7t4 fresh install - avc denied for procmail
default f7t4 fresh install - avc denied for procmail
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Daniel Walsh
Ben Levenson
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-05-05 04:08 EDT by David Timms
Modified: 2007-11-30 17:12 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-05-17 12:51:36 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description David Timms 2007-05-05 04:08:29 EDT
Description of problem:
As a fresh install {keeping old /home folder}, setroubleshooter shows the following 

Version-Release number of selected component (if applicable):
libselinux-2.0.13-1.fc7
libselinux-python-2.0.13-1.fc7
libsepol-2.0.3-1.fc7
policycoreutils-2.0.9-7.fc7
policycoreutils-gui-2.0.9-7.fc7
procmail-3.22-19.fc7
selinux-policy-2.6.1-1.fc7
selinux-policy-targeted-2.6.1-1.fc7

How reproducible:
boot the freshly installed f7t4 machine.
 
Actual results:
Summary
    SELinux is preventing access to files with the default label, default_t.

Additional Information        

Source Context                system_u:system_r:procmail_t
Target Context                system_u:object_r:default_t
Target Objects                root [ dir ]
Affected RPM Packages         procmail-3.22-19.fc7
                              [application]filesystem-2.4.6-1.fc7 [target]
Policy RPM                    selinux-policy-2.6.1-1.fc7
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   plugins.default
Host Name                     poweredge
Platform                      Linux poweredge 2.6.21-1.3116.fc7 #1 SMP Thu Apr
                              26 10:36:44 EDT 2007 i686 i686
Alert Count                   2
First Seen                    Sat 05 May 2007 02:53:10 PM EST
Last Seen                     Sat 05 May 2007 03:20:52 PM EST
Local ID                      eb8ffc28-9833-40c6-bcad-f83f134b1fb4
Line Numbers                  

Raw Audit Messages            

avc: denied { search } for comm="procmail" dev=sda3 egid=0 euid=0
exe="/usr/bin/procmail" exit=-13 fsgid=0 fsuid=0 gid=0 items=0 name="root"
pid=14201 scontext=system_u:system_r:procmail_t:s0 sgid=0
subj=system_u:system_r:procmail_t:s0 suid=0 tclass=dir
tcontext=system_u:object_r:default_t:s0 tty=(none) uid=0

Expected result:
If this is legit: no error.
else fix procmail ?
Comment 1 Daniel Walsh 2007-05-17 12:51:36 EDT
This was caused by an anaconda bug which labeled /root incorrectly.
Fixed in Rawhide.

Note You need to log in before you can comment on or make changes to this bug.