Zusammenfassung: SELinux is preventing /usr/bin/abrt-pyhook-helper access to a leaked /dev/ptmx file descriptor. Detaillierte Beschreibung: [abrt-pyhook-hel hat einen toleranten Typ (abrt_helper_t). Dieser Zugriff wurde nicht verweigert.] SELinux denied access requested by the abrt-pyhook-hel command. It looks like this is either a leaked descriptor or abrt-pyhook-hel output was redirected to a file it is not allowed to access. Leaks usually can be ignored since SELinux is just closing the leak and reporting the error. The application does not use the descriptor, so it will run properly. If this is a redirection, you will not get output in the /dev/ptmx. You should generate a bugzilla on selinux-policy, and it will get routed to the appropriate package. You can safely ignore this avc. Zugriff erlauben: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Zusätzliche Informationen: Quellkontext unconfined_u:unconfined_r:abrt_helper_t:s0-s0:c0.c 1023 Zielkontext system_u:object_r:ptmx_t:s0 Zielobjekte /dev/ptmx [ chr_file ] Quelle abrt-pyhook-hel Quellen-Pfad /usr/bin/abrt-pyhook-helper Port <Unbekannt> Host (removed) Quellen-RPM-Pakete abrt-addon-python-1.0.0-1.fc12 Ziel-RPM-Pakete RPM-Richtlinie selinux-policy-3.6.32-52.fc12 SELinux aktiviert True Richtlinienversion targeted Enforcing-Modus Enforcing Plugin-Name leaks Hostname (removed) Plattform Linux (removed) 2.6.31.5-127.fc12.x86_64 #1 SMP Sat Nov 7 21:11:14 EST 2009 x86_64 x86_64 Anzahl der Alarme 1 Zuerst gesehen Do 03 Dez 2009 20:39:03 CET Zuletzt gesehen Do 03 Dez 2009 20:39:03 CET Lokale ID 18310a80-02f7-46c6-9895-ac03f27078b1 Zeilennummern Raw-Audit-Meldungen node=(removed) type=AVC msg=audit(1259869143.349:56): avc: denied { read write } for pid=1976 comm="abrt-pyhook-hel" path="/dev/ptmx" dev=tmpfs ino=2092 scontext=unconfined_u:unconfined_r:abrt_helper_t:s0-s0:c0.c1023 tcontext=system_u:object_r:ptmx_t:s0 tclass=chr_file node=(removed) type=SYSCALL msg=audit(1259869143.349:56): arch=c000003e syscall=59 success=yes exit=0 a0=49c6df0 a1=2abc3b0 a2=7fff28d9f0a0 a3=65726168732f7273 items=0 ppid=1954 pid=1976 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="abrt-pyhook-hel" exe="/usr/bin/abrt-pyhook-helper" subj=unconfined_u:unconfined_r:abrt_helper_t:s0-s0:c0.c1023 key=(null) Hash String generated from selinux-policy-3.6.32-52.fc12,leaks,abrt-pyhook-hel,abrt_helper_t,ptmx_t,chr_file,read,write audit2allow suggests: #============= abrt_helper_t ============== allow abrt_helper_t ptmx_t:chr_file { read write };
Additional information: Error occurred whilst running yumex next gen. Is there any way to install the version of yumex from Fedora 11 - this version was a lot more stable than the next gen version in Fedora 12? Regards, Simon
Have to ask on the list or yumex developers. Report the abrt problem to them and ask the question there. This will be dontaudited in next release. Fixed in selinux-policy-3.6.32-55.fc12.noarch
selinux-policy-3.6.32-55.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/selinux-policy-3.6.32-55.fc12
selinux-policy-3.6.32-55.fc12 has been pushed to the Fedora 12 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update selinux-policy'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F12/FEDORA-2009-12650
selinux-policy-3.6.32-55.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report.