Bug 459240 - NEW INSTALL OF FED9-ERROR BELOW GIVEN JUST AFTER FULL UPDATE
NEW INSTALL OF FED9-ERROR BELOW GIVEN JUST AFTER FULL UPDATE
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: mono (Show other bugs)
9
All Linux
medium Severity medium
: ---
: ---
Assigned To: Xavier Lamien
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-08-15 05:43 EDT by chrismtb
Modified: 2008-10-12 16:58 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-10-11 19:29:59 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description chrismtb 2008-08-15 05:43:52 EDT
Description of problem:


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.
  
Actual results:
Summary:
NEW INSTALL OF FED9-ERROR BELOW GIVEN JUST AFTER FULL UPDATE>

SELinux is preventing mono (unlabeled_t) "unix_write" to <Unknown>
(unlabeled_t).

Detailed Description:

SELinux denied access requested by mono. It is not expected that this access is
required by mono and this access may signal an intrusion attempt. It is also
possible that the specific version or configuration of the application is
causing it to require additional access.

Allowing Access:

You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.

Additional Information:

Source Context                system_u:object_r:unlabeled_t:s0
Target Context                system_u:object_r:unlabeled_t:s0
Target Objects                None [ sem ]
Source                        mono
Source Path                   /usr/bin/mono
Port                          <Unknown>
Host                          localhost.localdomain
Source RPM Packages           mono-core-1.9.1-2.fc9
Target RPM Packages           
Policy RPM                    selinux-policy-3.3.1-42.fc9
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   catchall
Host Name                     localhost.localdomain
Platform                      Linux localhost.localdomain 2.6.25-14.fc9.i686 #1
                              SMP Thu May 1 06:28:41 EDT 2008 i686 athlon
Alert Count                   1
First Seen                    Fri 15 Aug 2008 09:34:33 AM BST
Last Seen                     Fri 15 Aug 2008 09:34:33 AM BST
Local ID                      dc32310c-ce0a-4849-b448-c5e83b7c02d0
Line Numbers                  

Raw Audit Messages            

host=localhost.localdomain type=AVC msg=audit(1218789273.216:150): avc:  denied  { unix_write } for  pid=2826 comm="mono" key=1293058116 scontext=system_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=sem

host=localhost.localdomain type=SYSCALL msg=audit(1218789273.216:150): arch=40000003 syscall=117 per=400000 success=no exit=-13 a0=1 a1=0 a2=1 a3=0 items=0 ppid=1 pid=2826 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="mono" exe="/usr/bin/mono" subj=system_u:object_r:unlabeled_t:s0 key=(null)





Expected results:


Additional info:
Comment 1 Paul F. Johnson 2008-10-11 17:53:15 EDT
Could you tell me the SELinux settings you're running (Strict etc) and the version of mono this came from?
Comment 2 Xavier Lamien 2008-10-11 18:03:02 EDT
also more verbose about what unlabeled dir is
Comment 3 chrismtb 2008-10-11 19:21:14 EDT
SELinux settings are default.

I have been unable to track down directory.

I have updated several times since incident -and have had no subsequent errors reported.

Chris
Comment 4 Paul F. Johnson 2008-10-11 19:29:59 EDT
If it's installed, run system-config-selinux, that will tell you what your settings are.

As you've had no more problems, it's probably safe to close this bug.
Comment 5 chrismtb 2008-10-12 16:58:51 EDT
SELinux
System default enforcing mode -Enforcing

Current enforcing mode -Enforcing

System default policy type-Targeted



mono-core-1.9.1-2.fc9(i386) installed at present-not sure if this was version installed when error occurred.

Chris Marshall

Note You need to log in before you can comment on or make changes to this bug.