The following was filed automatically by setroubleshoot:

Summary:

SELinux is preventing the sealert from using potentially mislabeled files (/tmp).

Detailed Description:

[sealert has a permissive type (setroubleshoot_fixit_t). This access was not denied.]

SELinux has denied sealert access to potentially mislabeled file(s) (/tmp). This means that SELinux will not allow sealert to use these files. It is common for users to edit files in their home directory or tmp directories and then move (mv) them to system directories. The problem is that the files end up with the wrong file context which confined applications are not allowed to access.

Allowing Access:

If you want sealert to access this files, you need to relabel them using restorecon -v '/tmp'. You might want to relabel the entire directory using restorecon -R -v '/tmp'.

Additional Information:

Source Context                system_u:system_r:setroubleshoot_fixit_t:s0-s0:c0.c1023
Target Context                system_u:object_r:tmp_t:s0
Target Objects                /tmp [ dir ]
Source                        sealert
Source Path                   /usr/bin/python
Port                          <Unknown>
Host                          (removed)
Source RPM Packages           python-2.6.2-1.fc12
Target RPM Packages           filesystem-2.4.30-1.fc12
Policy RPM                    selinux-policy-3.6.28-4.fc12
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   home_tmp_bad_labels
Host Name                     (removed)
Platform                      Linux (removed) 2.6.31-0.167.rc6.git6.fc12.i686 #1 SMP Thu Aug 20 21:27:51 EDT 2009 i686 athlon
Alert Count                   2
First Seen                    Sun 23 Aug 2009 10:43:47 PM BST
Last Seen                     Sun 23 Aug 2009 10:43:47 PM BST
Local ID                      3c9080bd-f8ac-42bd-902c-3f8b8935e8f8
Line Numbers

Raw Audit Messages

node=(removed) type=AVC msg=audit(1251063827.100:19221): avc: denied { read } for pid=18570 comm="sealert" name="tmp" dev=dm-0 ino=264 scontext=system_u:system_r:setroubleshoot_fixit_t:s0-s0:c0.c1023 tcontext=system_u:object_r:tmp_t:s0 tclass=dir

node=(removed) type=AVC msg=audit(1251063827.100:19221): avc: denied { open } for pid=18570 comm="sealert" name="tmp" dev=dm-0 ino=264 scontext=system_u:system_r:setroubleshoot_fixit_t:s0-s0:c0.c1023 tcontext=system_u:object_r:tmp_t:s0 tclass=dir

node=(removed) type=SYSCALL msg=audit(1251063827.100:19221): arch=40000003 syscall=5 success=yes exit=9 a0=a843f5 a1=0 a2=1b6 a3=a9156a items=0 ppid=18569 pid=18570 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="sealert" exe="/usr/bin/python" subj=system_u:system_r:setroubleshoot_fixit_t:s0-s0:c0.c1023 key=(null)

audit2allow suggests:

#============= setroubleshoot_fixit_t ==============
allow setroubleshoot_fixit_t tmp_t:dir { read open };

Fixed in selinux-policy-3.6.30-4.fc12.noarch