Red Hat Bugzilla – Bug 437663
Dbus isn't allowed to look at NFS-mounted home directories
Last modified: 2008-11-10 08:40:05 EST
Description of problem: With home directories mounted via NFS, I get these errors: Mar 15 23:01:59 freddi kernel: audit(1205618519.328:7): avc: denied { search } for pid=2500 comm="dbus-daemon" name="" dev=0:15 ino=5963786 scontext=system_u:system_r:system_dbusd_t:s0 tcontext=system_u:object_r:nfs_t:s0 tclass=dir I get these errors although I do have the boolean to allow NFS home directories set: freddi$ getsebool use_nfs_home_dirs use_nfs_home_dirs --> on freddi$ rpm -q selinux-policy selinux-policy-targeted selinux-policy-3.0.8-93.fc8 selinux-policy-targeted-3.0.8-93.fc8
Any idea why the systembus would be looking in your home directories? You can allow this for now by executing # audit2allow -M mypol -i /var/log/audit/audit.log # semodule -i mypol.pp Will be dontaudited in selinux-policy-3.0.8-94.fc8
In order to answer your question, I have investigated this a bit further. It turns out tge systembus isn't actually looking in the home directories, it's looking at /usr/local. Which I also have NFS mounted on this host. So while nothing what I wrote in comment 0 is incorrect, it is misleading. I still don't know why the systembus looks at /usr/local, but it seems to be a reasonable thing for it to do. So maybe it makes more sense for me to allow this locally, rather than for the default policy to hide it. I guess NFS-mounted /usr/local isn't something that is expected by the default policy. Sorry for the noise.