The following was filed automatically by setroubleshoot: Résumé: SELinux is preventing ldconfig "read" access to to a leaked file descriptor on console Description détaillée: [ldconfig has a permissive type (ldconfig_t). This access was not denied.] SELinux denied access requested by the ldconfig command. It looks like this is either a leaked descriptor or ldconfig output was redirected to a file it is not allowed to access. Leaks usually can be ignored since SELinux is just closing the leak and reporting the error. The application does not use the descriptor, so it will run properly. If this is a redirection, you will not get output in the console. You should generate a bugzilla on selinux-policy, and it will get routed to the appropriate package. You can safely ignore this avc. Autoriser l'accès: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Informations complémentaires: Contexte source unconfined_u:system_r:ldconfig_t:s0-s0:c0.c1023 Contexte cible system_u:object_r:console_device_t:s0 Objets du contexte console [ chr_file ] source ldconfig Chemin de la source /sbin/ldconfig Port <Inconnu> Hôte (removed) Paquetages RPM source glibc-2.10.90-20 Paquetages RPM cible Politique RPM selinux-policy-3.6.30-2.fc12 Selinux activé True Type de politique targeted MLS activé True Mode strict Enforcing Nom du plugin leaks Nom de l'hôte (removed) Plateforme Linux (removed) 2.6.31-0.138.rc5.git3.fc12.x86_64 #1 SMP Thu Aug 6 16:59:15 EDT 2009 x86_64 x86_64 Compteur d'alertes 26 Première alerte sam. 05 sept. 2009 15:39:31 CEST Dernière alerte sam. 05 sept. 2009 15:56:29 CEST ID local 63f3eb8f-fc68-4b6a-8ed9-403cb29b4a8f Numéros des lignes Messages d'audit bruts node=(removed) type=AVC msg=audit(1252158989.157:256): avc: denied { read } for pid=17569 comm="ldconfig" name="console" dev=tmpfs ino=1052 scontext=unconfined_u:system_r:ldconfig_t:s0-s0:c0.c1023 tcontext=system_u:object_r:console_device_t:s0 tclass=chr_file node=(removed) type=SYSCALL msg=audit(1252158989.157:256): arch=c000003e syscall=59 success=yes exit=0 a0=12310f70 a1=1241b570 a2=7fffc002abf8 a3=20 items=0 ppid=7339 pid=17569 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=tty1 ses=1 comm="ldconfig" exe="/sbin/ldconfig" subj=unconfined_u:system_r:ldconfig_t:s0-s0:c0.c1023 key=(null) audit2allow suggests: #============= ldconfig_t ============== allow ldconfig_t console_device_t:chr_file read;
This bug appears to have been reported against 'rawhide' during the Fedora 12 development cycle. Changing version to '12'. More information and reason for this action is here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping
Fixed in current release.