Description of problem: Summary: SELinux is preventing mailx (sendmail_t) "read" inotify (inotifyfs_t). Detailed Description: SELinux denied access requested by the mailx command. It looks like this is either a leaked descriptor or mailx output was redirected to a file it is not allowed to access. Leaks usually can be ignored since SELinux is just closing the leak and reporting the error. The application does not use the descriptor, so it will run properly. If this is a redirection, you will not get output in the inotify. You should generate a bugzilla on selinux-policy, and it will get routed to the appropriate package. You can safely ignore this avc. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Additional Information: Source Context unconfined_u:system_r:sendmail_t:s0 Target Context system_u:object_r:inotifyfs_t:s0 Target Objects inotify [ dir ] Source mailx Source Path /bin/mailx Port <Unknown> Host (removed) Source RPM Packages mailx-12.4-3.fc12 Target RPM Packages Policy RPM selinux-policy-3.6.28-5.fc12 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name leaks Host Name (removed) Platform Linux (removed) 2.6.31-0.125.4.2.rc5.git2.fc12.i686 #1 SMP Tue Aug 11 21:20:05 EDT 2009 i686 i686 Alert Count 8 First Seen Sat 15 Aug 2009 03:35:44 PM EDT Last Seen Sat 15 Aug 2009 04:11:35 PM EDT Local ID 2e34d5dd-dbba-4c15-8989-b9e49cf7ea59 Line Numbers Raw Audit Messages node=(removed) type=AVC msg=audit(1250367095.123:85): avc: denied { read } for pid=2446 comm="mailx" path="inotify" dev=inotifyfs ino=1 scontext=unconfined_u:system_r:sendmail_t:s0 tcontext=system_u:object_r:inotifyfs_t:s0 tclass=dir node=(removed) type=AVC msg=audit(1250367095.123:85): avc: denied { read write } for pid=2446 comm="mailx" path="/var/run/abrt.lock" dev=dm-0 ino=344298 scontext=unconfined_u:system_r:sendmail_t:s0 tcontext=unconfined_u:object_r:abrt_var_run_t:s0 tclass=file node=(removed) type=SYSCALL msg=audit(1250367095.123:85): arch=40000003 syscall=11 success=yes exit=0 a0=9f01e70 a1=9f01ee8 a2=9f01250 a3=9f01ee8 items=0 ppid=2239 pid=2446 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=1 comm="mailx" exe="/bin/mailx" subj=unconfined_u:system_r:sendmail_t:s0 key=(null) Version-Release number of selected component (if applicable): How reproducible: always Steps to Reproduce: 1. install abrt and configure it for Mailx plugin (abrt.conf: Mailx has to be in EnabledPlugins in AnalyzerActionsAndReporters CCpp = Mailx ) 2. generate a crash, run abrt-gui (or click tray icon) 3. click on "Report", then "Send" Actual results: AVC denial Expected results: mail sent Additional info:
abrt is leaking an open file descriptor to inotify.
Daniel you can ignore this for now.
What to do with this one? is the fd leak still present?
This bug appears to have been reported against 'rawhide' during the Fedora 12 development cycle. Changing version to '12'. More information and reason for this action is here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping
Not now, I hope. $ git log 3d6f441 --oneline | head -n 1 3d6f441 fork_execv_on_steroids: close other end of the pipe in the child
*** Bug 585685 has been marked as a duplicate of this bug. ***
*** Bug 587950 has been marked as a duplicate of this bug. ***
*** Bug 581911 has been marked as a duplicate of this bug. ***
*** Bug 578507 has been marked as a duplicate of this bug. ***
Not working
Perhaps this can be closed now, inotify_fd leak has been plugged, fix will be in 1.1.4
abrt-1.1.13-1.fc14 has been submitted as an update for Fedora 14. http://admin.fedoraproject.org/updates/abrt-1.1.13-1.fc14
abrt-1.1.13-1.fc13 has been submitted as an update for Fedora 13. http://admin.fedoraproject.org/updates/abrt-1.1.13-1.fc13
abrt-1.1.13-1.fc14 has been pushed to the Fedora 14 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update abrt'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/abrt-1.1.13-1.fc14
abrt-1.1.13-1.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/abrt-1.1.13-1.fc12
abrt-1.1.13-1.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report.
abrt-1.1.13-2.fc14 has been submitted as an update for Fedora 14. http://admin.fedoraproject.org/updates/abrt-1.1.13-2.fc14
abrt-1.1.13-2.fc14 has been pushed to the Fedora 14 stable repository. If problems still persist, please make note of it in this bug report.
abrt-1.1.13-1.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report.