239141 – fresh f7t4 install avc denied message for df

Bug 239141 - fresh f7t4 install avc denied message for df

Summary: fresh f7t4 install avc denied message for df

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	selinux-policy-targeted
Sub Component:
Version:	rawhide
Hardware:	i686
OS:	Linux
Priority:	medium
Severity:	low
Target Milestone:	---
Assignee:	Daniel Walsh
QA Contact:	Ben Levenson
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2007-05-05 08:16 UTC by David Timms
Modified:	2007-11-30 22:12 UTC (History)
CC List:	0 users
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2007-07-17 09:39:49 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description David Timms 2007-05-05 08:16:47 UTC

Description of problem:
avc denied as shown by setroubleshoot

Version-Release number of selected component (if applicable):
coreutils-6.9-2.fc7
libselinux-2.0.13-1.fc7
libselinux-python-2.0.13-1.fc7
libsepol-2.0.3-1.fc7
policycoreutils-2.0.9-7.fc7
policycoreutils-gui-2.0.9-7.fc7
selinux-policy-2.6.1-1.fc7
selinux-policy-targeted-2.6.1-1.fc7

How reproducible:
running a freshly installed f7t4 default machine.

Actual results:
...
Additional Information        

Source Context                system_u:system_r:logwatch_t
Target Context                system_u:object_r:default_t
Target Objects                / [ dir ]
Affected RPM Packages         coreutils-6.9-2.fc7
                              [application]filesystem-2.4.6-1.fc7 [target]
Policy RPM                    selinux-policy-2.6.1-1.fc7
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   plugins.default
Host Name                     poweredge
Platform                      Linux poweredge 2.6.21-1.3116.fc7 #1 SMP Thu Apr
                              26 10:36:44 EDT 2007 i686 i686
Alert Count                   4
First Seen                    Sat 05 May 2007 02:53:10 PM EST
Last Seen                     Sat 05 May 2007 02:53:10 PM EST
Local ID                      bff171ec-d9f4-45cb-b76e-b37d56002e64
Line Numbers                  

Raw Audit Messages            

avc: denied { search } for comm="df" dev=sda5 egid=0 euid=0 exe="/bin/df"
exit=-13 fsgid=0 fsuid=0 gid=0 items=0 name="/" pid=4546
scontext=system_u:system_r:logwatch_t:s0 sgid=0
subj=system_u:system_r:logwatch_t:s0 suid=0 tclass=dir
tcontext=system_u:object_r:default_t:s0 tty=(none) uid=0

Expected:
no blocking or fixed app ?

Comment 1 Daniel Walsh 2007-05-17 16:50:12 UTC

Anaconda problem that caused /root to mislabeled.  Fixed in rawhide.

Comment 2 David Timms 2007-07-17 09:39:49 UTC

Not seen after numerous F7 installs, so closing.

Note You need to log in before you can comment on or make changes to this bug.