Red Hat Bugzilla – Bug 450383
Repeated access denial that floods SETroubleshoot
Last modified: 2008-06-10 16:22:20 EDT
Description of problem:
I keep getting random time adverts which tell me that SELinux has prevented an
access. The problem happens (I think) once a day, without me doing anything.
Version-Release number of selected component (if applicable):
I can't reproduce it. It happens randomly.
Steps to Reproduce:
Access to a file is prevented.
A message keeps showing telling me that SELinux stopped and access. I get a long
list of prevented accesses, which I can't delete because it's very long and
floods the computer.
The problem is related with VirtualBox. Actually, the error message shows this:
SELinux is preventing tmpwatch (tmpreaper_t) "getattr" to
"SELinux denied access requested by tmpwatch. It is not expected that this
access is required by tmpwatch and this access may signal an intrusion attempt.
It is also possible that the specific version or configuration of the
application is causing it to require additional access. "
Created attachment 308603 [details]
The full access denial report
Just remove the file/dir
rm -rf /tmp/vbox.1
tmpreaper is not allowed to delete files on the file system with the label usr_t.
This looks like a file/directory was moved to /tmp but the label was left usr_t.
If you do not want to remove these files you can execute
chcon -R -t tmp_t /tmp/vbox.1