Description of problem: SELinux denied access requested by accton. It is not expected that this access is required by accton and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Version-Release number of selected component (if applicable): selinux-policy-3.5.13-57.fc10.noarch How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Source Context: system_u:system_r:acct_t:s0-s0:c0.c1023 Target Context: system_u:object_r:inotifyfs_t:s0Target Objects: inotify [ dir ] Source: accton Source Path: /sbin/accton Port: <Unknown> Source RPM Packages: psacct-6.3.2-51.fc10 Policy RPM: selinux-policy-3.5.13-57.fc10 Selinux Enabled: True Policy Type: targeted MLS Enabled: True Enforcing Mode: Permissive Plugin Name: catchall_file Raw Audit Messages : node=2x4b-523p.englab.brq.redhat.com type=AVC msg=audit(1241057292.115:5049): avc: denied { read } for pid=13366 comm="accton" path="inotify" dev=inotifyfs ino=1 scontext=system_u:system_r:acct_t:s0-s0:c0.c1023 tcontext=system_u:object_r:inotifyfs_t:s0 tclass=dir node=2x4b-523p.englab.brq.redhat.com type=SYSCALL msg=audit(1241057292.115:5049): arch=c000003e syscall=59 success=yes exit=0 a0=131f100 a1=131e5c0 a2=131e210 a3=8 items=0 ppid=13355 pid=13366 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=589 comm="accton" exe="/sbin/accton" subj=system_u:system_r:acct_t:s0-s0:c0.c1023 key=(null) Expected results: Additional info:
Is accton run out of cron?
It looks like cron.daily runs /etc/cron.daily/logrotate that runs /etc/logrotate.d/psacct with command /usr/sbin/accton /var/account/pacct
Cron is leaking an open file descriptor to inotifyfs which is causing this problem. Reassigning. You can ignore the error for now.
Should be fixed in rawhide. Please test the update cronie-1.2-8.fc10
cronie-1.2-8.fc10 has been submitted as an update for Fedora 10. http://admin.fedoraproject.org/updates/cronie-1.2-8.fc10
cronie-1.2-8.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.