Summary: SELinux is preventing gdb (NetworkManager_t) "getattr" to /var/lib/rpm (rpm_var_lib_t). Detailed Description: SELinux denied access requested by gdb. It is not expected that this access is required by gdb and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for /var/lib/rpm, restorecon -v '/var/lib/rpm' If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Additional Information: Source Context system_u:system_r:NetworkManager_t:s0 Target Context system_u:object_r:rpm_var_lib_t:s0 Target Objects /var/lib/rpm [ dir ] Source gdb Source Path /usr/bin/gdb Port <Unknown> Host (removed) Source RPM Packages gdb-6.8-21.fc9 Target RPM Packages rpm-4.4.2.3-2.fc9 Policy RPM selinux-policy-3.3.1-87.fc9 Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Plugin Name catchall_file Host Name (removed) Platform Linux (removed) 2.6.26.3-29.fc9.i686 #1 SMP Wed Sep 3 03:42:27 EDT 2008 i686 athlon Alert Count 204 First Seen Thu 11 Sep 2008 09:39:08 PM EDT Last Seen Thu 18 Sep 2008 10:27:03 PM EDT Local ID 562e7f5f-1685-4feb-b3f1-5d5762a8cbe8 Line Numbers Raw Audit Messages node=(removed) type=AVC msg=audit(1221791223.429:214): avc: denied { getattr } for pid=3363 comm="gdb" path="/var/lib/rpm" dev=dm-0 ino=840492 scontext=system_u:system_r:NetworkManager_t:s0 tcontext=system_u:object_r:rpm_var_lib_t:s0 tclass=dir node=(removed) type=SYSCALL msg=audit(1221791223.429:214): arch=40000003 syscall=195 success=no exit=-13 a0=bf9a5090 a1=bf9a50d8 a2=bf2ff4 a3=bf9a5090 items=0 ppid=3362 pid=3363 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="gdb" exe="/usr/bin/gdb" subj=system_u:system_r:NetworkManager_t:s0 key=(null) Hash String generated from selinux-policy-3.3.1-87.fc9,catchall_file,gdb,NetworkManager_t,rpm_var_lib_t,dir,getattr audit2allow suggests: #============= NetworkManager_t ============== allow NetworkManager_t rpm_var_lib_t:dir getattr;
*** This bug has been marked as a duplicate of bug 538428 ***