Summary: SELinux is preventing /usr/bin/gdb "read" access on /home/devel. Detailed Description: SELinux denied access requested by gdb. It is not expected that this access is required by gdb and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385) Please file a bug report. Additional Information: Source Context system_u:system_r:abrt_t:s0-s0:c0.c1023 Target Context unconfined_u:object_r:user_home_dir_t:s0 Target Objects /home/devel [ lnk_file ] Source gdb Source Path /usr/bin/gdb Port <Unknown> Host (removed) Source RPM Packages gdb-7.1-16.fc13 Target RPM Packages Policy RPM selinux-policy-3.7.19-6.fc13 Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Plugin Name catchall Host Name (removed) Platform Linux (removed) 2.6.33.2-57.fc13.x86_64 #1 SMP Tue Apr 20 08:57:50 UTC 2010 x86_64 x86_64 Alert Count 2 First Seen Wed 28 Apr 2010 08:16:22 AM EDT Last Seen Thu 29 Apr 2010 09:41:10 AM EDT Local ID 21d5ac9b-4cbd-4bfa-9fea-46cb479f9df8 Line Numbers Raw Audit Messages node=(removed) type=AVC msg=audit(1272548470.921:289): avc: denied { read } for pid=7261 comm="gdb" name="devel" dev=dm-5 ino=12 scontext=system_u:system_r:abrt_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_dir_t:s0 tclass=lnk_file node=(removed) type=SYSCALL msg=audit(1272548470.921:289): arch=c000003e syscall=4 success=no exit=-13 a0=2ba0fb0 a1=7fffa32c9410 a2=7fffa32c9410 a3=6e6f687479702f62 items=0 ppid=1804 pid=7261 auid=4294967295 uid=3633 gid=3633 euid=3633 suid=3633 fsuid=3633 egid=3633 sgid=3633 fsgid=3633 tty=(none) ses=4294967295 comm="gdb" exe="/usr/bin/gdb" subj=system_u:system_r:abrt_t:s0-s0:c0.c1023 key=(null) Hash String generated from catchall,gdb,abrt_t,user_home_dir_t,lnk_file,read audit2allow suggests: #============= abrt_t ============== allow abrt_t user_home_dir_t:lnk_file read;
This looks like you have a home dir that is a symbolic link? abrt is trying to run gdm on whatever crashed and SELinux is refusing to read the link. Currently we are preventing, via SELInux abrt reading content in the homedirs. Since nothing in your homedirs needs to be reported upstream. Arbt should not be watching crashes in homedir.
*** This bug has been marked as a duplicate of bug 526791 ***