Description of problem: Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Summary: NEW INSTALL OF FED9-ERROR BELOW GIVEN JUST AFTER FULL UPDATE> SELinux is preventing mono (unlabeled_t) "unix_write" to <Unknown> (unlabeled_t). Detailed Description: SELinux denied access requested by mono. It is not expected that this access is required by mono and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Additional Information: Source Context system_u:object_r:unlabeled_t:s0 Target Context system_u:object_r:unlabeled_t:s0 Target Objects None [ sem ] Source mono Source Path /usr/bin/mono Port <Unknown> Host localhost.localdomain Source RPM Packages mono-core-1.9.1-2.fc9 Target RPM Packages Policy RPM selinux-policy-3.3.1-42.fc9 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall Host Name localhost.localdomain Platform Linux localhost.localdomain 2.6.25-14.fc9.i686 #1 SMP Thu May 1 06:28:41 EDT 2008 i686 athlon Alert Count 1 First Seen Fri 15 Aug 2008 09:34:33 AM BST Last Seen Fri 15 Aug 2008 09:34:33 AM BST Local ID dc32310c-ce0a-4849-b448-c5e83b7c02d0 Line Numbers Raw Audit Messages host=localhost.localdomain type=AVC msg=audit(1218789273.216:150): avc: denied { unix_write } for pid=2826 comm="mono" key=1293058116 scontext=system_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=sem host=localhost.localdomain type=SYSCALL msg=audit(1218789273.216:150): arch=40000003 syscall=117 per=400000 success=no exit=-13 a0=1 a1=0 a2=1 a3=0 items=0 ppid=1 pid=2826 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="mono" exe="/usr/bin/mono" subj=system_u:object_r:unlabeled_t:s0 key=(null) Expected results: Additional info:
Could you tell me the SELinux settings you're running (Strict etc) and the version of mono this came from?
also more verbose about what unlabeled dir is
SELinux settings are default. I have been unable to track down directory. I have updated several times since incident -and have had no subsequent errors reported. Chris
If it's installed, run system-config-selinux, that will tell you what your settings are. As you've had no more problems, it's probably safe to close this bug.
SELinux System default enforcing mode -Enforcing Current enforcing mode -Enforcing System default policy type-Targeted mono-core-1.9.1-2.fc9(i386) installed at present-not sure if this was version installed when error occurred. Chris Marshall