Résumé: SELinux is preventing postmaster (postgresql_t) "unix_read" xserver_t. Description détaillée: [SELinux est en mode permissif. Cet accès n'a pas été refusé.] SELinux denied access requested by postmaster. It is not expected that this access is required by postmaster and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Autoriser l'accès: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Informations complémentaires: Contexte source system_u:system_r:postgresql_t:s0 Contexte cible system_u:system_r:xserver_t:s0-s0:c0.c1023 Objets du contexte None [ shm ] source postmaster Chemin de la source /usr/bin/postgres Port <Inconnu> Hôte (removed) Paquetages RPM source postgresql-server-8.3.8-1.fc11 Paquetages RPM cible Politique RPM selinux-policy-3.6.12-83.fc11 Selinux activé True Type de politique targeted Mode strict Permissive Nom du plugin catchall Nom de l'hôte (removed) Plateforme Linux (removed) 2.6.29.6-217.2.16.fc11.i686.PAE #1 SMP Mon Aug 24 17:16:21 EDT 2009 i686 athlon Compteur d'alertes 2 Première alerte ven 02 oct 2009 16:48:18 CEST Dernière alerte ven 02 oct 2009 16:48:18 CEST ID local 7563ebee-d583-45a6-bc3e-d57301c90fc1 Numéros des lignes Messages d'audit bruts node=(removed) type=AVC msg=audit(1254494898.846:5220): avc: denied { unix_read } for pid=25224 comm="postmaster" key=0 scontext=system_u:system_r:postgresql_t:s0 tcontext=system_u:system_r:xserver_t:s0-s0:c0.c1023 tclass=shm node=(removed) type=AVC msg=audit(1254494898.846:5220): avc: denied { getattr associate } for pid=25224 comm="postmaster" key=0 scontext=system_u:system_r:postgresql_t:s0 tcontext=system_u:system_r:xserver_t:s0-s0:c0.c1023 tclass=shm node=(removed) type=SYSCALL msg=audit(1254494898.846:5220): arch=40000003 syscall=117 success=yes exit=0 a0=18 a1=0 a2=102 a3=0 items=0 ppid=1 pid=25224 auid=4294967295 uid=26 gid=26 euid=26 suid=26 fsuid=26 egid=26 sgid=26 fsgid=26 tty=(none) ses=4294967295 comm="postmaster" exe="/usr/bin/postgres" subj=system_u:system_r:postgresql_t:s0 key=(null) Hash String generated from selinux-policy-3.6.12-83.fc11,catchall,postmaster,postgresql_t,xserver_t,shm,unix_read audit2allow suggests: #============= postgresql_t ============== allow postgresql_t xserver_t:shm { unix_read getattr associate };
*** This bug has been marked as a duplicate of bug 538428 ***