The following was filed automatically by setroubleshoot: Sommario: SELinux is preventing /bin/rm "unlink" access on prelink.force. Descrizione dettagliata: [rm has a permissive type (system_cronjob_t). This access was not denied.] SELinux denied access requested by rm. It is not expected that this access is required by rm and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Abilitazione accesso in corso: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Please file a bug report. Informazioni aggiuntive: Contesto della sorgente system_u:system_r:system_cronjob_t:s0-s0:c0.c1023 Contesto target system_u:object_r:var_lib_t:s0 Oggetti target prelink.force [ file ] Sorgente rm Percorso della sorgente /bin/rm Porta <Sconosciuto> Host (removed) Sorgente Pacchetti RPM coreutils-7.5-6.fc12 Pacchetti RPM target RPM della policy selinux-policy-3.6.31-3.fc12 Selinux abilitato True Tipo di policy targeted MLS abilitato True Modalità Enforcing Enforcing Nome plugin catchall Host Name (removed) Piattaforma Linux (removed) 2.6.31-0.125.4.2.rc5.git2.fc12.i686.PAE #1 SMP Tue Aug 11 21:01:03 EDT 2009 i686 i686 Conteggio avvisi 1 Primo visto dom 13 set 2009 13:41:32 CEST Ultimo visto dom 13 set 2009 13:41:32 CEST ID locale 11c5eb3c-e9c6-43c8-a085-57472ab3c6c7 Numeri di linea Messaggi Raw Audit node=(removed) type=AVC msg=audit(1252842092.530:12706): avc: denied { unlink } for pid=31639 comm="rm" name="prelink.force" dev=dm-3 ino=1195 scontext=system_u:system_r:system_cronjob_t:s0-s0:c0.c1023 tcontext=system_u:object_r:var_lib_t:s0 tclass=file node=(removed) type=SYSCALL msg=audit(1252842092.530:12706): arch=40000003 syscall=301 success=yes exit=0 a0=ffffff9c a1=bf9c3f41 a2=0 a3=2 items=0 ppid=31636 pid=31639 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=3 comm="rm" exe="/bin/rm" subj=system_u:system_r:system_cronjob_t:s0-s0:c0.c1023 key=(null) audit2allow suggests: #============= system_cronjob_t ============== allow system_cronjob_t var_lib_t:file unlink;
This looks like a labeling problem. restorecon -R -v /var/lib