Description of problem: SELinux denied access requested by /usr/sbin/tmpwatch. It is not expected that this access is required by /usr/sbin/tmpwatch and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Version-Release number of selected component (if applicable): How reproducible: selinux-policy-3.0.8-47.fc8 Steps to Reproduce: 1. 2. 3. Actual results: SELinux doesn't complain Expected results: See attachment Additional info:
Created attachment 260601 [details] Output from: setroubleshoot browser
Thanks for your report. Usually, log files in /var/log are handled by logrotate. Is running tmpwatch in /var/log necessary?
I don't particularly care where it runs. This is a default installation so the execution directory was not set by me. I'll have to rummage around to fix it. It should work out-of-the-box otherwise a real security issue gets lost in all the bogus ones.
kismet is setting up tmpwatch to look at the log files. You can allow this for now by executing # audit2allow -M mypol -i /var/log/audit/audit.log # semodule -i mypol.pp Fixed in selinux-policy-3.0.8-58.fc8
Bulk closing all bugs in Fedora updates in the modified state. If you bug is not fixed, please reopen.