This service will be undergoing maintenance at 00:00 UTC, 2017-10-23 It is expected to last about 30 minutes
First Last Prev Next    This bug is not in your last search results.
Bug 241497 - f7-rc2 fresh install - audit messages
f7-rc2 fresh install - audit messages
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: policycoreutils (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Daniel Walsh
Ben Levenson
:
: 241613 (view as bug list)
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-05-26 16:01 EDT by Darwin H. Webb
Modified: 2008-01-21 10:52 EST (History)
1 user (show)

See Also:
Fixed In Version: Current
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-01-21 10:52:07 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
audit messages-file (5.71 KB, text/plain)
2007-05-26 16:01 EDT, Darwin H. Webb 		no flags Details
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Darwin H. Webb 2007-05-26 16:01:58 EDT 
Description of problem:
While creating a printer (Windows shared printer) cups triggers SETroubleshoot
with default_t

avc: denied { search } for comm="python" dev=dm-0 egid=7 euid=0
exe="/usr/bin/python" exit=-13 fsgid=7 fsuid=0 gid=7 items=0 name="root"
pid=3255 scontext=system_u:system_r:cupsd_t:s0-s0:c0.c1023 sgid=7
subj=system_u:system_r:cupsd_t:s0-s0:c0.c1023 suid=0 tclass=dir
tcontext=system_u:object_r:default_t:s0 tty=(none) uid=0 

Also there are some denials for rhgb during first boot - along with bluetooth
and smartd. Attached file from messages.


Version-Release number of selected component (if applicable):
selinux-policy-2.6.4-8.fc7

How reproducible:


Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:
Comment 1 Darwin H. Webb 2007-05-26 16:01:58 EDT 
Created attachment 155506 [details]
audit messages-file
Comment 2 Daniel Walsh 2007-05-29 11:08:50 EDT 
This looks like a problem with anaconda/install not labeling /root correctly.
Comment 3 Chris Lumens 2007-05-31 10:49:12 EDT 
*** Bug 241613 has been marked as a duplicate of this bug. ***
Comment 4 Chris Lumens 2007-05-31 17:15:19 EDT 
As discussed in the office - looks like genhomedircon needs to write out policy
for users if it can't tell if selinux is enabled or not (line 266, in
getHomeDirContext).
Comment 5 Daniel Walsh 2007-06-01 10:38:18 EDT 
Fixed in 
policycoreutils-2.0.19-2.fc8
policycoreutils-2.0.16-4.fc7

Also selinux-policy-2.6.4-12.fc7  will trigger relabel of /root.
Comment 6 Darwin H. Webb 2007-06-02 02:39:29 EDT 
selinux-policy-2.6.4-12.fc7 - This or tageted pakage got /temp/tmprpm segfault
at line 14 no jodcontrol FG
This has happened several times on the selinux package.

Policycoreutils is not available

Finally, all of these are in updates-testing and most would never know they exit.
I didn't know until you said here because I usually look in the rep structure of
a mirror but none I can get to have an updates testing for fc7 or it is empty.

I know it is early in the release but but can these ealy updates be tested on
the fedora side and released earlier.
Beciase something is causing erros in f7 and it needs to be found. My user space
bombs off fairly oftem back to the log on screen.
Fx is the key program and so what ever it is using is not right.

Also, did you get all those cups errors for /tmp/smbspool fixed? It is on
another bug.

That's been going on since fc6 and blocks smb windows shred printed.
The cups guy says it selinux and cifs but I say it Fedora.

Darwin
Comment 7 Daniel Walsh 2007-06-04 11:31:22 EDT 
Fixed will be in selinux-policy-2.6.4-13

What is the bugzilla number of the smbspool problem?
Comment 8 Darwin H. Webb 2007-06-04 14:21:54 EDT 
The smbspool bug # is 199631

thank you,

Darwin
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.