Description of problem: When I open service configuration SElinux sends the following message: SELinux is preventing gam_server (gamin_t) "sys_ptrace" to <Unknown> (gamin_t). could not fix with audit2allow -m local -l -i /var/log/messages > local.te Version-Release number of selected component (if applicable): How reproducible: reproducible Steps to Reproduce: 1.open service configuration 2. 3. Actual results: AVC denial Expected results: Additional info:
Please attach the AVC messages.
SummarySELinux is preventing gam_server (gamin_t) "sys_ptrace" to <Unknown> (gamin_t). Detailed DescriptionSELinux denied access requested by gam_server. It is not expected that this access is required by gam_server and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing AccessYou can generate a local policy module to allow this access - see FAQ Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report against this package. Additional Information Source Context: system_u:system_r:gamin_t:s0 Target Context: system_u:system_r:gamin_t:s0 Target Objects: None [ capability ] Source: gam_server Source Path: /usr/libexec/gam_server Port: <Unknown> Host: buoySource RPM Packages: gamin-0.1.9-5.fc9 Target RPM Packages: Policy RPM: selinux-policy-3.3.1-28.fc9 Selinux Enabled: TruePolicy Type: targeted MLS Enabled: True Enforcing Mode: Enforcing Plugin Name: catchall Host Name: buoy Platform: Linux buoy 2.6.25-0.195.rc8.git1.fc9.i686 #1 SMP Thu Apr 3 09:42:34 EDT 2008 i686 i686 Alert Count: 2838 First Seen: Sun 06 Apr 2008 10:27:16 PM CESTLast Seen: Tue 08 Apr 2008 09:17:43 AM CESTLocal ID: fd3ca823-e0e2-4101-bc28-cb410b7938dd Line Numbers: Raw Audit Messages : host=buoy type=AVC msg=audit(1207639063.815:2330): avc: denied { sys_ptrace } for pid=2848 comm="gam_server" capability=19 scontext=system_u:system_r:gamin_t:s0 tcontext=system_u:system_r:gamin_t:s0 tclass=capability host=buoy type=SYSCALL msg=audit(1207639063.815:2330): arch=40000003 syscall=195 success=no exit=-13 a0=81d4ab0 a1=bfc6a2a0 a2=4ceff4 a3=bfc6a43c items=0 ppid=1 pid=2848 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="gam_server" exe="/usr/libexec/gam_server" subj=system_u:system_r:gamin_t:s0 key=(null)
You can allow this for now by executing # audit2allow -M mypol -i /var/log/audit/audit.log # semodule -i mypol.pp Fixed in selinux-policy-3.3.1-29.fc9