Résumé: SELinux is preventing postmaster (postgresql_t) "unix_write" xserver_t. Description détaillée: [SELinux est en mode permissif. Cet accès n'a pas été refusé.] SELinux denied access requested by postmaster. It is not expected that this access is required by postmaster and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Autoriser l'accès: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Informations complémentaires: Contexte source system_u:system_r:postgresql_t:s0 Contexte cible system_u:system_r:xserver_t:s0-s0:c0.c1023 Objets du contexte None [ shm ] source postmaster Chemin de la source /usr/bin/postgres Port <Inconnu> Hôte (removed) Paquetages RPM source postgresql-server-8.3.8-1.fc11 Paquetages RPM cible Politique RPM selinux-policy-3.6.12-83.fc11 Selinux activé True Type de politique targeted Mode strict Permissive Nom du plugin catchall Nom de l'hôte (removed) Plateforme Linux (removed) 2.6.29.6-217.2.16.fc11.i686.PAE #1 SMP Mon Aug 24 17:16:21 EDT 2009 i686 athlon Compteur d'alertes 3 Première alerte ven 02 oct 2009 16:48:18 CEST Dernière alerte ven 02 oct 2009 16:48:18 CEST ID local 15086c05-434a-4de3-bd16-d93dffd1706c Numéros des lignes Messages d'audit bruts node=(removed) type=AVC msg=audit(1254494898.847:5221): avc: denied { unix_write } for pid=25224 comm="postmaster" key=0 scontext=system_u:system_r:postgresql_t:s0 tcontext=system_u:system_r:xserver_t:s0-s0:c0.c1023 tclass=shm node=(removed) type=AVC msg=audit(1254494898.847:5221): avc: denied { read write } for pid=25224 comm="postmaster" key=0 scontext=system_u:system_r:postgresql_t:s0 tcontext=system_u:system_r:xserver_t:s0-s0:c0.c1023 tclass=shm node=(removed) type=AVC msg=audit(1254494898.847:5221): avc: denied { read write } for pid=25224 comm="postmaster" path=2F535953563030303030303030202864656C6574656429 dev=tmpfs ino=0 scontext=system_u:system_r:postgresql_t:s0 tcontext=system_u:object_r:xserver_tmpfs_t:s0 tclass=file node=(removed) type=SYSCALL msg=audit(1254494898.847:5221): arch=40000003 syscall=117 success=yes exit=0 a0=15 a1=0 a2=0 a3=bfd79aa8 items=0 ppid=1 pid=25224 auid=4294967295 uid=26 gid=26 euid=26 suid=26 fsuid=26 egid=26 sgid=26 fsgid=26 tty=(none) ses=4294967295 comm="postmaster" exe="/usr/bin/postgres" subj=system_u:system_r:postgresql_t:s0 key=(null) Hash String generated from selinux-policy-3.6.12-83.fc11,catchall,postmaster,postgresql_t,xserver_t,shm,unix_write audit2allow suggests: #============= postgresql_t ============== allow postgresql_t xserver_t:shm { read write unix_write }; allow postgresql_t xserver_tmpfs_t:file { read write };
*** This bug has been marked as a duplicate of bug 538428 ***