Bug 450383 - Repeated access denial that floods SETroubleshoot
Repeated access denial that floods SETroubleshoot
Status: CLOSED NOTABUG
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted (Show other bugs)
9
i386 Linux
low Severity low
: ---
: ---
Assigned To: Daniel Walsh
Ben Levenson
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-06-07 06:52 EDT by Volans
Modified: 2008-06-10 16:22 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-06-10 16:22:20 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
The full access denial report (2.90 KB, text/plain)
2008-06-07 06:52 EDT, Volans
no flags Details

  None (edit)
Description Volans 2008-06-07 06:52:13 EDT
Description of problem:
I keep getting random time adverts which tell me that SELinux has prevented an
access. The problem happens (I think) once a day, without me doing anything.


Version-Release number of selected component (if applicable):

selinux-policy-3.3.1-55.fc9

How reproducible:

I can't reproduce it. It happens randomly.

Steps to Reproduce:
1.
2.
3.
  
Actual results:

Access to a file is prevented.

Expected results:

A message keeps showing telling me that SELinux stopped and access. I get a long
list of prevented accesses, which I can't delete because it's very long and
floods the computer. 


Additional info:

The problem is related with VirtualBox. Actually, the error message shows this:

"
SELinux is preventing tmpwatch (tmpreaper_t) "getattr" to
/tmp/vbox.1/common/string/strformattype.c (usr_t).
"

"SELinux denied access requested by tmpwatch. It is not expected that this
access is required by tmpwatch and this access may signal an intrusion attempt.
It is also possible that the specific version or configuration of the
application is causing it to require additional access. "
Comment 1 Volans 2008-06-07 06:52:13 EDT
Created attachment 308603 [details]
The full access denial report
Comment 2 Daniel Walsh 2008-06-10 16:22:20 EDT
Just remove the file/dir

rm -rf /tmp/vbox.1

tmpreaper is not allowed to delete files on the file system with the label usr_t.

This looks like a file/directory was moved to /tmp but the label was left usr_t.

If you do not want to remove these files you can execute

chcon -R -t tmp_t /tmp/vbox.1

Note You need to log in before you can comment on or make changes to this bug.