Description of problem: SELinux is preventing kerneloops (kerneloops_t) "read" inotifyfs_t. Version-Release number of selected component (if applicable): selinux-policy-3.6.7-2.fc11 How reproducible: many times Steps to Reproduce: 1.boot 2.login 3. Actual results: avc Expected results: no avc Additional info: Summary: SELinux is preventing kerneloops (kerneloops_t) "read" inotifyfs_t. Detailed Description: SELinux denied access requested by kerneloops. It is not expected that this access is required by kerneloops and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Additional Information: Source Context system_u:system_r:kerneloops_t:s0-s0:c0.c1023 Target Context system_u:object_r:inotifyfs_t:s0 Target Objects inotify [ dir ] Source kerneloops Source Path /usr/sbin/kerneloops Port <Unknown> Host walnut Source RPM Packages kerneloops-0.12-3.fc11 Target RPM Packages Policy RPM selinux-policy-3.6.7-2.fc11 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall Host Name walnut Platform Linux walnut 2.6.29-0.203.rc7.fc11.i586 #1 SMP Wed Mar 4 18:03:29 EST 2009 i686 i686 Alert Count 1 First Seen Thu 05 Mar 2009 10:03:32 PM CST Last Seen Thu 05 Mar 2009 10:03:32 PM CST Local ID 9bce5f97-0cff-4fb6-b004-9d9acf7558af Line Numbers Raw Audit Messages node=walnut type=AVC msg=audit(1236312212.665:28): avc: denied { read } for pid=2837 comm="kerneloops" path="inotify" dev=inotifyfs ino=1 scontext=system_u:system_r:kerneloops_t:s0-s0:c0.c1023 tcontext=system_u:object_r:inotifyfs_t:s0 tclass=dir node=walnut type=SYSCALL msg=audit(1236312212.665:28): arch=40000003 syscall=11 success=yes exit=0 a0=84bae20 a1=84bade8 a2=84ba008 a3=84bd368 items=0 ppid=2836 pid=2837 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kerneloops" exe="/usr/sbin/kerneloops" subj=system_u:system_r:kerneloops_t:s0-s0:c0.c1023 key=(null)
oops. corrected component.
Fixed in selinux-policy-3.6.8-1.fc11