The following was filed automatically by setroubleshoot:

Summary:

SELinux is preventing /usr/sbin/lsof "read" access on raw.

Detailed Description:

[lsof has a permissive type (devicekit_disk_t). This access was not denied.]

SELinux denied access requested by lsof. It is not expected that this access is required by lsof and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access.

Allowing Access:

You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Please file a bug report.

Additional Information:

Source Context                system_u:system_r:devicekit_disk_t:s0-s0:c0.c1023
Target Context                system_u:object_r:proc_net_t:s0
Target Objects                raw [ file ]
Source                        lsof
Source Path                   /usr/sbin/lsof
Port                          <Unknown>
Host                          (removed)
Source RPM Packages           lsof-4.82-1.fc12
Target RPM Packages
Policy RPM                    selinux-policy-3.6.31-2.fc12
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   catchall
Host Name                     (removed)
Platform                      Linux (removed) 2.6.31-2.fc12.x86_64 #1 SMP Thu Sep 10 00:25:40 EDT 2009 x86_64 x86_64
Alert Count                   4
First Seen                    Sat 12 Sep 2009 00:40:40 CEST
Last Seen                     Sat 12 Sep 2009 00:40:43 CEST
Local ID                      6b65a8c1-f581-451e-ba59-e19f83548a78
Line Numbers

Raw Audit Messages

node=(removed) type=AVC msg=audit(1252708843.243:99): avc: denied { read } for pid=2360 comm="lsof" name="raw" dev=proc ino=4026531952 scontext=system_u:system_r:devicekit_disk_t:s0-s0:c0.c1023 tcontext=system_u:object_r:proc_net_t:s0 tclass=file

node=(removed) type=AVC msg=audit(1252708843.243:99): avc: denied { open } for pid=2360 comm="lsof" name="raw" dev=proc ino=4026531952 scontext=system_u:system_r:devicekit_disk_t:s0-s0:c0.c1023 tcontext=system_u:object_r:proc_net_t:s0 tclass=file

node=(removed) type=SYSCALL msg=audit(1252708843.243:99): arch=c000003e syscall=2 success=yes exit=7 a0=1f9cec0 a1=0 a2=1b6 a3=238 items=0 ppid=1739 pid=2360 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="lsof" exe="/usr/sbin/lsof" subj=system_u:system_r:devicekit_disk_t:s0-s0:c0.c1023 key=(null)

audit2allow suggests:

#============= devicekit_disk_t ==============
allow devicekit_disk_t proc_net_t:file { read open };
Including this, there are 75 warnings, generated every time. They are like:
setroubleshoot: SELinux is preventing /usr/sbin/lsof "getattr" access on [item]
Five of them are about potentially mislabelled files, and four of them are like the object of this bug (with "read" as the action).
Please attach the audit.log compressed /var/log/audit/audit.log
Created attachment 360767
/var/log/audit/audit.log gzip compressed
Fixed in selinux-policy-3.6.31-4.fc12.noarch