The following was filed automatically by setroubleshoot: Summary: SELinux is preventing /sbin/ldconfig "read" access on /usr/share/ibus-pinyin/engine/pysqlitedb.py. Detailed Description: [ldconfig has a permissive type (ldconfig_t). This access was not denied.] SELinux denied access requested by ldconfig. It is not expected that this access is required by ldconfig and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Please file a bug report. Additional Information: Source Context system_u:system_r:ldconfig_t:s0-s0:c0.c1023 Target Context system_u:object_r:usr_t:s0 Target Objects /usr/share/ibus-pinyin/engine/pysqlitedb.py [ file ] Source ldconfig Source Path /sbin/ldconfig Port <Unknown> Host (removed) Source RPM Packages glibc-2.10.90-21 Target RPM Packages ibus-pinyin-1.2.0.20090617-2.fc12 Policy RPM selinux-policy-3.6.31-3.fc12 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall Host Name (removed) Platform Linux (removed) 2.6.31-0.125.4.2.rc5.git2.fc12.x86_64 #1 SMP Tue Aug 11 21:00:45 EDT 2009 x86_64 x86_64 Alert Count 1 First Seen Tue 15 Sep 2009 03:41:43 PM BRT Last Seen Tue 15 Sep 2009 03:41:43 PM BRT Local ID bd57aa1b-4a46-432f-af6e-f9e4a55b0270 Line Numbers Raw Audit Messages node=(removed) type=AVC msg=audit(1253040103.907:45): avc: denied { read } for pid=2140 comm="ldconfig" path="/usr/share/ibus-pinyin/engine/pysqlitedb.py" dev=sda3 ino=64471 scontext=system_u:system_r:ldconfig_t:s0-s0:c0.c1023 tcontext=system_u:object_r:usr_t:s0 tclass=file node=(removed) type=SYSCALL msg=audit(1253040103.907:45): arch=c000003e syscall=59 success=yes exit=0 a0=16ac9b0 a1=16abde0 a2=16abac0 a3=7fff2c0e1a20 items=0 ppid=2139 pid=2140 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ldconfig" exe="/sbin/ldconfig" subj=system_u:system_r:ldconfig_t:s0-s0:c0.c1023 key=(null) audit2allow suggests: #============= ldconfig_t ============== allow ldconfig_t usr_t:file read;
I beleive this is a leaked file descriptor to /usr/share/ibus-pinyin/engine/pysqlitedb.py Did this happen during the yum update or rpm install?
Below is the %files section in ibus-pinyin.spec. Dose it have any problem? What should I do to fix this problem? %files -f %{name}.lang %defattr(-,root,root,-) %doc AUTHORS COPYING README %{_datadir}/ibus-pinyin # *.py files is in this folder %{_datadir}/ibus/component/* %{_libexecdir}/ibus-engine-pinyin %{_libexecdir}/ibus-setup-pinyin
Eric do you have any ideas?
This bug appears to have been reported against 'rawhide' during the Fedora 12 development cycle. Changing version to '12'. More information and reason for this action is here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping
I think ldconfig should not access this file. It is not a share library. So I will close it as notabug.