FC9, fully updated, with FS relabelled at last boot, runnign in permissive mode. [charlieb@localhost ~]$ sealert -l 50a8fb8a-3280-45ab-bee7-17b3f425476c Summary: SELinux is preventing the 00-netreport (system_dbusd_t) from executing ./00-netreport. Detailed Description: [SELinux is in permissive mode, the operation would have been denied but was permitted due to permissive mode.] SELinux has denied the 00-netreport from executing ./00-netreport. If 00-netreport is supposed to be able to execute ./00-netreport, this could be a labeling problem. Most confined domains are allowed to execute files labeled bin_t. So you could change the labeling on this file to bin_t and retry the application. If this 00-netreport is not supposed to execute ./00-netreport, this could signal a intrusion attempt. Allowing Access: If you want to allow 00-netreport to execute ./00-netreport: chcon -t bin_t './00-netreport' If this fix works, please update the file context on disk, with the following command: semanage fcontext -a -t bin_t './00-netreport' Please specify the full path to the executable, Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this selinux-policy to make sure this becomes the default labeling. Additional Information: Source Context system_u:system_r:system_dbusd_t:s0 Target Context system_u:object_r:etc_t:s0 Target Objects ./00-netreport [ file ] Source 00-netreport Source Path /bin/bash Port <Unknown> Host localhost.localdomain Source RPM Packages bash-3.2-22.fc9 Target RPM Packages Policy RPM selinux-policy-3.3.1-79.fc9 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Permissive Plugin Name execute Host Name localhost.localdomain Platform Linux localhost.localdomain 2.6.25.11-97.fc9.x86_64 #1 SMP Mon Jul 21 01:09:10 EDT 2008 x86_64 x86_64 Alert Count 101 First Seen Sun May 11 15:37:06 2008 Last Seen Tue Jul 29 09:14:00 2008 Local ID 50a8fb8a-3280-45ab-bee7-17b3f425476c Line Numbers Raw Audit Messages host=localhost.localdomain type=AVC msg=audit(1217337240.290:181): avc: denied { execute } for pid=3104 comm="nm-dispatcher.a" name="00-netreport" dev=dm-0 ino=8880217 scontext=system_u:system_r:system_dbusd_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file host=localhost.localdomain type=AVC msg=audit(1217337240.290:181): avc: denied { execute_no_trans } for pid=3104 comm="nm-dispatcher.a" path="/etc/NetworkManager/dispatcher.d/00-netreport" dev=dm-0 ino=8880217 scontext=system_u:system_r:system_dbusd_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file host=localhost.localdomain type=AVC msg=audit(1217337240.290:181): avc: denied { execute } for pid=3104 comm="nm-dispatcher.a" name="bash" dev=dm-0 ino=18611 scontext=system_u:system_r:system_dbusd_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file host=localhost.localdomain type=AVC msg=audit(1217337240.290:181): avc: denied { read } for pid=3104 comm="nm-dispatcher.a" name="bash" dev=dm-0 ino=18611 scontext=system_u:system_r:system_dbusd_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file host=localhost.localdomain type=SYSCALL msg=audit(1217337240.290:181): arch=c000003e syscall=59 success=yes exit=0 a0=897640 a1=7fff84310610 a2=7fff84310580 a3=0 items=0 ppid=3103 pid=3104 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="00-netreport" exe="/bin/bash" subj=system_u:system_r:system_dbusd_t:s0 key=(null) [charlieb@localhost ~]$
*** This bug has been marked as a duplicate of 457051 ***