The following was filed automatically by setroubleshoot: Summary: SELinux is preventing the update-mime-dat from using potentially mislabeled files (futuresplash.xml.new). Detailed Description: [SELinux is in permissive mode, the operation would have been denied but was permitted due to permissive mode.] SELinux has denied update-mime-dat access to potentially mislabeled file(s) (futuresplash.xml.new). This means that SELinux will not allow update-mime-dat to use these files. It is common for users to edit files in their home directory or tmp directories and then move (mv) them to system directories. The problem is that the files end up with the wrong file context which confined applications are not allowed to access. Allowing Access: If you want update-mime-dat to access this files, you need to relabel them using restorecon -v 'futuresplash.xml.new'. You might want to relabel the entire directory using restorecon -R -v 'futuresplash.xml.new'. Additional Information: Source Context unconfined_u:unconfined_r:nsplugin_t:SystemLow- SystemHigh Target Context system_u:object_r:gconf_home_t:SystemLow Target Objects futuresplash.xml.new [ dir ] Source update-mime-dat Source Path /usr/bin/update-mime-database Port <Unknown> Host (removed) Source RPM Packages shared-mime-info-0.60-3.fc11 Target RPM Packages Policy RPM selinux-policy-3.6.19-4.fc12 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Permissive Plugin Name home_tmp_bad_labels Host Name (removed) Platform Linux (removed) 2.6.31-0.24.rc0.git18.fc12.i586 #1 SMP Mon Jun 22 16:26:17 EDT 2009 i686 i686 Alert Count 3 First Seen Thu 25 Jun 2009 03:16:27 PM CDT Last Seen Thu 25 Jun 2009 03:16:27 PM CDT Local ID b23b349c-516e-4b30-8971-dfa4b4bb50ee Line Numbers Raw Audit Messages node=(removed) type=AVC msg=audit(1245960987.183:142): avc: denied { remove_name } for pid=6364 comm="update-mime-dat" name="futuresplash.xml.new" dev=dm-0 ino=1359875 scontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 tcontext=system_u:object_r:gconf_home_t:s0 tclass=dir node=(removed) type=AVC msg=audit(1245960987.183:142): avc: denied { rename } for pid=6364 comm="update-mime-dat" name="futuresplash.xml.new" dev=dm-0 ino=1359875 scontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:gconf_home_t:s0 tclass=file node=(removed) type=AVC msg=audit(1245960987.183:142): avc: denied { unlink } for pid=6364 comm="update-mime-dat" name="futuresplash.xml" dev=dm-0 ino=1360176 scontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:gconf_home_t:s0 tclass=file node=(removed) type=SYSCALL msg=audit(1245960987.183:142): arch=40000003 syscall=38 success=yes exit=0 a0=8969600 a1=8968f10 a2=8969600 a3=8968f10 items=0 ppid=6341 pid=6364 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="update-mime-dat" exe="/usr/bin/update-mime-database" subj=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 key=(null) audit2allow suggests: #============= nsplugin_t ============== allow nsplugin_t gconf_home_t:dir remove_name; allow nsplugin_t gconf_home_t:file { rename unlink };
*** This bug has been marked as a duplicate of bug 508150 ***