Bug 433175 - SELinux is preventing crond (crond_t) "search" to root (dir_root_t).
SELinux is preventing crond (crond_t) "search" to root (dir_root_t).
Status: CLOSED DUPLICATE of bug 433173
Product: Fedora
Classification: Fedora
Component: selinux-policy (Show other bugs)
i686 Linux
low Severity medium
: ---
: ---
Assigned To: Daniel Walsh
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2008-02-17 01:27 EST by Tim McConnell
Modified: 2008-02-18 12:07 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2008-02-18 12:07:12 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Tim McConnell 2008-02-17 01:27:34 EST
Description of problem:
SELinux denied access requested by crond. It is not expected that this
    access is required by crond and this access may signal an intrusion attempt.
    It is also possible that the specific version or configuration of the
    application is causing it to require additional access.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
Actual results:

Expected results:

Additional info:
Allowing Access
    Sometimes labeling problems can cause SELinux denials.  You could try to
    restore the default system file context for root, restorecon -v root If this
    does not work, there is currently no automatic way to allow this access.
    Instead,  you can generate a local policy module to allow this access - see
    http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable
    SELinux protection altogether. Disabling SELinux protection is not
    recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi
    against this package.

Additional Information        

Source Context                system_u:system_r:crond_t:SystemLow-SystemHigh
Target Context                system_u:object_r:dir_root_t
Target Objects                root [ dir ]
Affected RPM Packages         filesystem-2.4.6-1.fc7 [target]
Policy RPM                    selinux-policy-2.6.4-70.fc7
Selinux Enabled               True
Policy Type                   seedit
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   plugins.catchall_file
Host Name                     timmieland.private
Platform                      Linux timmieland.private #1 SMP
                              Sun Jan 20 23:54:08 EST 2008 i686 athlon
Alert Count                   7
First Seen                    Sat 16 Feb 2008 04:00:01 PM MST
Last Seen                     Sat 16 Feb 2008 11:00:01 PM MST
Local ID                      4cac8590-8695-4f60-8651-a6e0ff5882b3
Line Numbers                  

Raw Audit Messages            

avc: denied { search } for comm="crond" dev=dm-0 name="root" pid=4147
scontext=system_u:system_r:crond_t:s0-s0:c0.c1023 tclass=dir
Comment 1 Daniel Walsh 2008-02-18 12:07:12 EST
These bugs are all related to experimentation?

*** This bug has been marked as a duplicate of 433173 ***

Note You need to log in before you can comment on or make changes to this bug.