Zusammenfassung: SELinux is preventing hwclock (hwclock_t) "append" to /var/webmin/miniserv.error (var_t). Detaillierte Beschreibung: [hwclock hat einen toleranten Typ (hwclock_t). Dieser Zugriff wurde nicht verweigert.] SELinux denied access requested by hwclock. It is not expected that this access is required by hwclock and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Zugriff erlauben: Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for /var/webmin/miniserv.error, restorecon -v '/var/webmin/miniserv.error' If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Zusätzliche Informationen: Quellkontext system_u:system_r:hwclock_t:s0 Zielkontext system_u:object_r:var_t:s0 Zielobjekte /var/webmin/miniserv.error [ file ] Quelle hwclock Quellen-Pfad /sbin/hwclock Port <Unbekannt> Host (removed) Quellen-RPM-Pakete util-linux-ng-2.14.1-3.2.fc10 Ziel-RPM-Pakete RPM-Richtlinie selinux-policy-3.5.13-55.fc10 SELinux aktiviert True Richtlinienversion targeted Enforcing-Modus Enforcing Plugin-Name catchall_file Hostname (removed) Plattform Linux (removed) 2.6.27.21-170.2.56.fc10.x86_64 #1 SMP Mon Mar 23 23:08:10 EDT 2009 x86_64 x86_64 Anzahl der Alarme 4 Zuerst gesehen Mi 22 Apr 2009 08:37:27 CEST Zuletzt gesehen Mi 22 Apr 2009 08:40:00 CEST Lokale ID 08aa8239-0fb5-43b1-8206-25823969fe60 Zeilennummern Raw-Audit-Meldungen node=(removed) type=AVC msg=audit(1240382400.781:26): avc: denied { append } for pid=4584 comm="hwclock" path="/var/webmin/miniserv.error" dev=dm-0 ino=20472074 scontext=system_u:system_r:hwclock_t:s0 tcontext=system_u:object_r:var_t:s0 tclass=file node=(removed) type=SYSCALL msg=audit(1240382400.781:26): arch=c000003e syscall=59 success=yes exit=0 a0=7fff60e64435 a1=1ea3768 a2=1932f80 a3=8101010101010100 items=0 ppid=4579 pid=4584 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="hwclock" exe="/sbin/hwclock" subj=system_u:system_r:hwclock_t:s0 key=(null) Hash String generated from selinux-policy-3.5.13-55.fc10,catchall_file,hwclock,hwclock_t,var_t,file,append audit2allow suggests: #============= hwclock_t ============== allow hwclock_t var_t:file append;
*** This bug has been marked as a duplicate of bug 538428 ***