Red Hat Bugzilla – Bug 468318
SELinux is preventing updatedb (locate_t) "getattr" to /mnt/hgfs (unlabeled_t).
Last modified: 2008-10-27 16:28:50 EDT
Description of problem:
SELinux denied access requested by updatedb. It is not expected that this access is required by updatedb and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access.
Version-Release number of selected component (if applicable):
Source Context: system_u:system_r:locate_t:s0
Target Context: system_u:object_r:unlabeled_t:s0
Target Objects: /mnt/hgfs [ dir ]
Source Path: /usr/bin/updatedb
Source RPM Packages: mlocate-0.21-1.fc10
Target RPM Packages:
Policy RPM: selinux-policy-3.5.13-4.fc10
Selinux Enabled: True
Policy Type: targeted
MLS Enabled: True
Enforcing Mode: Enforcing
Plugin Name: catchall_file
Host Name: fedora
Platform: Linux fedora 184.108.40.206-39.fc10.x86_64 #1 SMP Wed Oct 22 21:04:28 EDT 2008 x86_64 x86_64
running fedora rawhide 64bits inside vmware workstation 6.5 on a vista host with share enabled to allow access of host files from fedora guest.
vmware-tools are compiled and installed.
Steps to Reproduce:
1. cp something to /mnt/hgfs/Downloads
[root@fedora ~]# cp .bashrc /mnt/hgfs/Downloads/
cp: cannot create regular file `/mnt/hgfs/Downloads/.bashrc': Permission denied
Fixed in selinux-policy-3.5.13-7.fc10
Fix verified in selinux-policy-3.5.13-8.fc10. Thanks for your quick fix.