Description of problem: Summary SELinux is preventing /usr/sbin/in.tftpd (tftpd_t) "create" to <Unknown> (tftpd_t). Detailed Description SELinux denied access requested by /usr/sbin/in.tftpd. It is not expected that this access is required by /usr/sbin/in.tftpd and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access You can generate a local policy module to allow this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. Additional Information Source Context user_u:system_r:tftpd_t Target Context user_u:system_r:tftpd_t Target Objects None [ netlink_route_socket ] Affected RPM Packages tftp-server-0.42-4 [application] Policy RPM selinux-policy-2.6.4-33.fc7 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name plugins.catchall Host Name yoyo.ms.unimelb.edu.au Platform Linux yoyo.ms.unimelb.edu.au 2.6.22.1-41.fc7 #1 SMP Fri Jul 27 18:10:34 EDT 2007 i686 i686 Alert Count 10 First Seen Wed 22 Aug 2007 11:05:24 AM EST Last Seen Wed 22 Aug 2007 11:12:32 AM EST Local ID c1a0385e-7512-45ec-a8ae-6aa0ff6bfc71 Line Numbers Raw Audit Messages avc: denied { create } for comm="in.tftpd" egid=0 euid=0 exe="/usr/sbin/in.tftpd" exit=-13 fsgid=0 fsuid=0 gid=0 items=0 pid=14399 scontext=user_u:system_r:tftpd_t:s0 sgid=0 subj=user_u:system_r:tftpd_t:s0 suid=0 tclass=netlink_route_socket tcontext=user_u:system_r:tftpd_t:s0 tty=(none) uid=0 Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
Fixed in selinux-policy-2.6.4-40
Bulk closing all bugs in Fedora updates in the modified state. If you bug is not fixed, please reopen.