Red Hat Bugzilla – Bug 455697
SELinux is preventing perl (logwatch_t) "getattr" to /root (user_home_dir_t)
Last modified: 2009-01-20 16:32:12 EST
Description of problem:
SELinux is preventing perl (logwatch_t) "getattr" to /root (user_home_dir_t).
SELinux denied access requested by perl. It is not expected that this access is
required by perl and this access may signal an intrusion attempt. It is also
possible that the specific version or configuration of the application is
causing it to require additional access.
Version-Release number of selected component (if applicable):
Source Context: system_u:system_r:logwatch_t:SystemLow-SystemHigh
Target Context: root:object_r:user_home_dir_t
Target Objects: /root [ dir ]
Source Path: /usr/bin/perl
Source RPM Packages: perl-5.8.8-10.el5_2.3
Target RPM Packages: filesystem-2.4.0-1
Policy RPM: selinux-policy-2.4.6-137.1.el5_2
Selinux Enabled: True
Policy Type: targeted
MLS Enabled: True
Enforcing Mode: Enforcing
Plugin Name: catchall_file
Host Name: funexafs
Platform: Linux funexafs 2.6.18-92.1.6.el5
Once a day - every day
Daniel, could you please look at this.
This looks like logwatch is searching the /root directory for bad contents?
I will have a fix for this in selinux-policy-2.4.6-142.el5
For now it can be ignored.
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.