RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 587669 - SELinux is preventing /bin/bash "read" access on /home/mark.
Summary: SELinux is preventing /bin/bash "read" access on /home/mark.
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: selinux-policy
Version: 6.0
Hardware: x86_64
OS: Linux
medium
medium
Target Milestone: rc
: ---
Assignee: Miroslav Grepl
QA Contact: Aleš Mareček
URL:
Whiteboard: setroubleshoot_trace_hash:eaebbbe5d47...
Depends On:
Blocks: 644333
TreeView+ depends on / blocked
 
Reported: 2010-04-30 14:08 UTC by Mark Wielaard
Modified: 2017-01-03 10:23 UTC (History)
8 users (show)

Fixed In Version: openswan-2_6_24-4_el6
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 644333 (view as bug list)
Environment:
Last Closed: 2010-11-11 14:57:23 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)

Description Mark Wielaard 2010-04-30 14:08:35 UTC
Summary:

SELinux is preventing /bin/bash "read" access on /home/mark.

Detailed Description:

[SELinux is in permissive mode. This access was not denied.]

SELinux denied access requested by _realsetup. It is not expected that this
access is required by _realsetup and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of the
application is causing it to require additional access.

Allowing Access:

You can generate a local policy module to allow this access - see FAQ
(http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385) Please file a bug
report.

Additional Information:

Source Context                unconfined_u:system_r:ipsec_mgmt_t:s0
Target Context                unconfined_u:object_r:user_home_dir_t:s0
Target Objects                /home/mark [ dir ]
Source                        _realsetup
Source Path                   /bin/bash
Port                          <Unknown>
Host                          (removed)
Source RPM Packages           bash-4.1.2-2.el6
Target RPM Packages           
Policy RPM                    selinux-policy-3.7.19-9.el6
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Permissive
Plugin Name                   catchall
Host Name                     (removed)
Platform                      Linux (removed) 2.6.32-23.el6.x86_64
                              #1 SMP Tue Apr 27 21:17:28 EDT 2010 x86_64 x86_64
Alert Count                   1
First Seen                    Fri 30 Apr 2010 04:06:42 PM CEST
Last Seen                     Fri 30 Apr 2010 04:06:42 PM CEST
Local ID                      0f5191ed-4a8d-4a52-ba5e-6feef49e37a8
Line Numbers                  

Raw Audit Messages            

node=(removed) type=AVC msg=audit(1272636402.891:206): avc:  denied  { read } for  pid=9856 comm="_realsetup" name="mark" dev=dm-1 ino=12 scontext=unconfined_u:system_r:ipsec_mgmt_t:s0 tcontext=unconfined_u:object_r:user_home_dir_t:s0 tclass=dir

node=(removed) type=SYSCALL msg=audit(1272636402.891:206): arch=c000003e syscall=2 success=yes exit=3 a0=4a43ab a1=90800 a2=0 a3=7fffc41dc200 items=0 ppid=9854 pid=9856 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=3 comm="_realsetup" exe="/bin/bash" subj=unconfined_u:system_r:ipsec_mgmt_t:s0 key=(null)



Hash String generated from  catchall,_realsetup,ipsec_mgmt_t,user_home_dir_t,dir,read
audit2allow suggests:

#============= ipsec_mgmt_t ==============
allow ipsec_mgmt_t user_home_dir_t:dir read;

Comment 1 Mark Wielaard 2010-04-30 14:20:08 UTC
Something odd is going on, since _realsetup also seems to poke at a couple of other random files in my homedir: .pulse-cookie, .xinputrc, .gitconfig, .ICEauthority and .Xauthority.

Summary:

SELinux is preventing /bin/bash "getattr" access on /home/mark/.pulse-cookie.

Detailed Description:

[SELinux is in permissive mode. This access was not denied.]

SELinux denied access requested by _realsetup. It is not expected that this
access is required by _realsetup and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of the
application is causing it to require additional access.

Allowing Access:

You can generate a local policy module to allow this access - see FAQ
(http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385) Please file a bug
report.

Additional Information:

Source Context                unconfined_u:system_r:ipsec_mgmt_t:s0
Target Context                unconfined_u:object_r:pulseaudio_home_t:s0
Target Objects                /home/mark/.pulse-cookie [ file ]
Source                        _realsetup
Source Path                   /bin/bash
Port                          <Unknown>
Host                          springer.wildebeest.org
Source RPM Packages           bash-4.1.2-2.el6
Target RPM Packages           
Policy RPM                    selinux-policy-3.7.19-9.el6
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Permissive
Plugin Name                   catchall
Host Name                     springer.wildebeest.org
Platform                      Linux springer.wildebeest.org 2.6.32-23.el6.x86_64
                              #1 SMP Tue Apr 27 21:17:28 EDT 2010 x86_64 x86_64
Alert Count                   1
First Seen                    Fri 30 Apr 2010 04:06:42 PM CEST
Last Seen                     Fri 30 Apr 2010 04:06:42 PM CEST
Local ID                      ed697985-0052-4926-b291-7d053bb68154
Line Numbers                  

Raw Audit Messages            

node=springer.wildebeest.org type=AVC msg=audit(1272636402.891:207): avc:  denied  { getattr } for  pid=9856 comm="_realsetup" path="/home/mark/.pulse-cookie" dev=dm-1 ino=46 scontext=unconfined_u:system_r:ipsec_mgmt_t:s0 tcontext=unconfined_u:object_r:pulseaudio_home_t:s0 tclass=file

node=springer.wildebeest.org type=SYSCALL msg=audit(1272636402.891:207): arch=c000003e syscall=4 success=yes exit=0 a0=1e35910 a1=7fffc41dc460 a2=7fffc41dc460 a3=51 items=0 ppid=9854 pid=9856 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=3 comm="_realsetup" exe="/bin/bash" subj=unconfined_u:system_r:ipsec_mgmt_t:s0 key=(null)



Summary:

SELinux is preventing /bin/bash "read" access on /home/mark/.xinputrc.

Detailed Description:

[SELinux is in permissive mode. This access was not denied.]

SELinux denied access requested by _realsetup. It is not expected that this
access is required by _realsetup and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of the
application is causing it to require additional access.

Allowing Access:

You can generate a local policy module to allow this access - see FAQ
(http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385) Please file a bug
report.

Additional Information:

Source Context                unconfined_u:system_r:ipsec_mgmt_t:s0
Target Context                unconfined_u:object_r:user_home_t:s0
Target Objects                /home/mark/.xinputrc [ lnk_file ]
Source                        _realsetup
Source Path                   /bin/bash
Port                          <Unknown>
Host                          springer.wildebeest.org
Source RPM Packages           bash-4.1.2-2.el6
Target RPM Packages           
Policy RPM                    selinux-policy-3.7.19-9.el6
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Permissive
Plugin Name                   catchall
Host Name                     springer.wildebeest.org
Platform                      Linux springer.wildebeest.org 2.6.32-23.el6.x86_64
                              #1 SMP Tue Apr 27 21:17:28 EDT 2010 x86_64 x86_64
Alert Count                   1
First Seen                    Fri 30 Apr 2010 04:06:42 PM CEST
Last Seen                     Fri 30 Apr 2010 04:06:42 PM CEST
Local ID                      9864e37e-5d00-46fd-a714-7b6b2ecf47b7
Line Numbers                  

Raw Audit Messages            

node=springer.wildebeest.org type=AVC msg=audit(1272636402.891:208): avc:  denied  { read } for  pid=9856 comm="_realsetup" name=".xinputrc" dev=dm-1 ino=96099 scontext=unconfined_u:system_r:ipsec_mgmt_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=lnk_file

node=springer.wildebeest.org type=SYSCALL msg=audit(1272636402.891:208): arch=c000003e syscall=4 success=yes exit=0 a0=1e34730 a1=7fffc41dc460 a2=7fffc41dc460 a3=0 items=0 ppid=9854 pid=9856 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=3 comm="_realsetup" exe="/bin/bash" subj=unconfined_u:system_r:ipsec_mgmt_t:s0 key=(null)



Summary:

SELinux is preventing /bin/bash "getattr" access on /home/mark/.gitconfig.

Detailed Description:

[SELinux is in permissive mode. This access was not denied.]

SELinux denied access requested by _realsetup. It is not expected that this
access is required by _realsetup and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of the
application is causing it to require additional access.

Allowing Access:

You can generate a local policy module to allow this access - see FAQ
(http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385) Please file a bug
report.

Additional Information:

Source Context                unconfined_u:system_r:ipsec_mgmt_t:s0
Target Context                unconfined_u:object_r:git_session_content_t:s0
Target Objects                /home/mark/.gitconfig [ file ]
Source                        _realsetup
Source Path                   /bin/bash
Port                          <Unknown>
Host                          springer.wildebeest.org
Source RPM Packages           bash-4.1.2-2.el6
Target RPM Packages           
Policy RPM                    selinux-policy-3.7.19-9.el6
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Permissive
Plugin Name                   catchall
Host Name                     springer.wildebeest.org
Platform                      Linux springer.wildebeest.org 2.6.32-23.el6.x86_64
                              #1 SMP Tue Apr 27 21:17:28 EDT 2010 x86_64 x86_64
Alert Count                   1
First Seen                    Fri 30 Apr 2010 04:06:42 PM CEST
Last Seen                     Fri 30 Apr 2010 04:06:42 PM CEST
Local ID                      be531eb6-2622-4e5f-8023-b1a28904cb40
Line Numbers                  

Raw Audit Messages            

node=springer.wildebeest.org type=AVC msg=audit(1272636402.891:209): avc:  denied  { getattr } for  pid=9856 comm="_realsetup" path="/home/mark/.gitconfig" dev=dm-1 ino=92310 scontext=unconfined_u:system_r:ipsec_mgmt_t:s0 tcontext=unconfined_u:object_r:git_session_content_t:s0 tclass=file

node=springer.wildebeest.org type=SYSCALL msg=audit(1272636402.891:209): arch=c000003e syscall=4 success=yes exit=0 a0=1e346f0 a1=7fffc41dc460 a2=7fffc41dc460 a3=0 items=0 ppid=9854 pid=9856 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=3 comm="_realsetup" exe="/bin/bash" subj=unconfined_u:system_r:ipsec_mgmt_t:s0 key=(null)



Summary:

SELinux is preventing /bin/bash "getattr" access on /home/mark/.ICEauthority.

Detailed Description:

[SELinux is in permissive mode. This access was not denied.]

SELinux denied access requested by _realsetup. It is not expected that this
access is required by _realsetup and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of the
application is causing it to require additional access.

Allowing Access:

You can generate a local policy module to allow this access - see FAQ
(http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385) Please file a bug
report.

Additional Information:

Source Context                unconfined_u:system_r:ipsec_mgmt_t:s0
Target Context                unconfined_u:object_r:iceauth_home_t:s0
Target Objects                /home/mark/.ICEauthority [ file ]
Source                        _realsetup
Source Path                   /bin/bash
Port                          <Unknown>
Host                          springer.wildebeest.org
Source RPM Packages           bash-4.1.2-2.el6
Target RPM Packages           
Policy RPM                    selinux-policy-3.7.19-9.el6
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Permissive
Plugin Name                   catchall
Host Name                     springer.wildebeest.org
Platform                      Linux springer.wildebeest.org 2.6.32-23.el6.x86_64
                              #1 SMP Tue Apr 27 21:17:28 EDT 2010 x86_64 x86_64
Alert Count                   1
First Seen                    Fri 30 Apr 2010 04:06:42 PM CEST
Last Seen                     Fri 30 Apr 2010 04:06:42 PM CEST
Local ID                      c9bd66fe-d6a3-439a-a090-883f79c8a59f
Line Numbers                  

Raw Audit Messages            

node=springer.wildebeest.org type=AVC msg=audit(1272636402.891:210): avc:  denied  { getattr } for  pid=9856 comm="_realsetup" path="/home/mark/.ICEauthority" dev=dm-1 ino=89964 scontext=unconfined_u:system_r:ipsec_mgmt_t:s0 tcontext=unconfined_u:object_r:iceauth_home_t:s0 tclass=file

node=springer.wildebeest.org type=SYSCALL msg=audit(1272636402.891:210): arch=c000003e syscall=4 success=yes exit=0 a0=1e33d20 a1=7fffc41dc460 a2=7fffc41dc460 a3=c items=0 ppid=9854 pid=9856 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=3 comm="_realsetup" exe="/bin/bash" subj=unconfined_u:system_r:ipsec_mgmt_t:s0 key=(null)



Summary:

SELinux is preventing /bin/bash "getattr" access on /home/mark/.Xauthority.

Detailed Description:

[SELinux is in permissive mode. This access was not denied.]

SELinux denied access requested by _realsetup. It is not expected that this
access is required by _realsetup and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of the
application is causing it to require additional access.

Allowing Access:

You can generate a local policy module to allow this access - see FAQ
(http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385) Please file a bug
report.

Additional Information:

Source Context                unconfined_u:system_r:ipsec_mgmt_t:s0
Target Context                unconfined_u:object_r:xauth_home_t:s0
Target Objects                /home/mark/.Xauthority [ file ]
Source                        _realsetup
Source Path                   /bin/bash
Port                          <Unknown>
Host                          springer.wildebeest.org
Source RPM Packages           bash-4.1.2-2.el6
Target RPM Packages           
Policy RPM                    selinux-policy-3.7.19-9.el6
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Permissive
Plugin Name                   catchall
Host Name                     springer.wildebeest.org
Platform                      Linux springer.wildebeest.org 2.6.32-23.el6.x86_64
                              #1 SMP Tue Apr 27 21:17:28 EDT 2010 x86_64 x86_64
Alert Count                   1
First Seen                    Fri 30 Apr 2010 04:06:42 PM CEST
Last Seen                     Fri 30 Apr 2010 04:06:42 PM CEST
Local ID                      09eb2eb9-d656-42a3-9328-7e80995a54cb
Line Numbers                  

Raw Audit Messages            

node=springer.wildebeest.org type=AVC msg=audit(1272636402.893:211): avc:  denied  { getattr } for  pid=9856 comm="_realsetup" path="/home/mark/.Xauthority" dev=dm-1 ino=86687 scontext=unconfined_u:system_r:ipsec_mgmt_t:s0 tcontext=unconfined_u:object_r:xauth_home_t:s0 tclass=file

node=springer.wildebeest.org type=SYSCALL msg=audit(1272636402.893:211): arch=c000003e syscall=4 success=yes exit=0 a0=1e1b800 a1=7fffc41dc460 a2=7fffc41dc460 a3=c items=0 ppid=9854 pid=9856 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=3 comm="_realsetup" exe="/bin/bash" subj=unconfined_u:system_r:ipsec_mgmt_t:s0 key=(null)

Comment 3 RHEL Program Management 2010-04-30 15:47:34 UTC
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux major release.  Product Management has requested further
review of this request by Red Hat Engineering, for potential inclusion in a Red
Hat Enterprise Linux Major release.  This request is not yet committed for
inclusion.

Comment 4 Daniel Walsh 2010-04-30 20:41:52 UTC
Were you sitting in your homedir when you executed this script?

I have no idea why _realsetup is looking at files in your homedir.  Maybe it looks at all subdirs of the current directory?

Comment 5 Avesh Agarwal 2010-04-30 20:46:23 UTC
Openswan's _realsetup does not have any thing to do with these files .pulse-cookie, .xinputrc, .gitconfig, .ICEauthority and .Xauthority.

Comment 6 Mark Wielaard 2010-05-03 09:27:12 UTC
Yes, this is when sitting in my homedir. But it doesn't look like it is looking at all files in my homedir, there are lots more.

It isn't happening anymore. Or at least, I am not able to trigger it easily. Will update the bug report if I see it again. Looking through the _realsetup shell script I don't see anything obvious that could trigger this.

I am still seeing the selinux denials from bug #586760 (in Permissive mode)

$ rpm -q  selinux-policy openswan
selinux-policy-3.7.19-10.el6.noarch
openswan-2.6.24-3.el6.x86_64

Comment 7 Daniel Walsh 2010-05-03 14:16:52 UTC
It is probably the bash script that is triggering these.  If we add a cd / to the script it probably would not generate these avcs.

Comment 8 Mark Wielaard 2010-05-04 12:12:34 UTC
Found an easy reproducer. Stop the ipsec service when it is already stopped (or just stop it twice in a row) when in your current home directory:

$ sudo ipsec setup stop
ipsec_setup: Stopping Openswan IPsec...
ipsec_setup: stop ordered, but IPsec appears to be already stopped!
ipsec_setup: doing cleanup anyway...

That will give you (in my case 6) selinux denials on various status/reads of the home directory and some of the dot files.

Comment 9 Avesh Agarwal 2010-05-04 22:23:36 UTC
Could you please try the latest selinux-policy-3.7.19-11.el6, and see if it still happens?

Comment 10 Mark Wielaard 2010-05-05 11:38:37 UTC
(In reply to comment #9)
> Could you please try the latest selinux-policy-3.7.19-11.el6, and see if it
> still happens?    

Yes it still happens with selinux-policy-3.7.19-11.el6.noarch
That version does fix bug #586760 but not this one.

If you try the reproducer in comment #8 you should also see this issue with the latest selinux-policy package. But I don't think this is an selinux-policy issue. It seems that ipsec should just not try to stat/read files in the user home directory.

Comment 11 Daniel Walsh 2010-05-05 15:27:04 UTC
Is ipsec a shell script?  If it cd / before executing this will fix the problem.  This is what the /sbin/service script does.

Comment 12 Avesh Agarwal 2010-05-05 15:33:36 UTC
ipsec can also be started/stopped as follow:

service ipsec start/stop

I believe that that would solve the problem. Mark, can you please check that?  

Then, we do not need to fix it, right?

Comment 13 Mark Wielaard 2010-05-05 16:17:39 UTC
(In reply to comment #12)
> ipsec can also be started/stopped as follow:
> 
> service ipsec start/stop
> 
> I believe that that would solve the problem. Mark, can you please check that?  

If I run "service ipsec stop" twice in a row it doesn't seem to trigger any accesses to the home directory or any dot files.

> Then, we do not need to fix it, right?    

I don't know what the "correct" way is to use this.
I didn't know there was also a service, the documentation I saw (RHEL6InternalBeta) said to execute things by hand to access the vpn.

Comment 14 Avesh Agarwal 2010-05-05 16:40:45 UTC
Hello Mark,

Thanks for checking this. Although both are correct ways but "service ipsec start/stop" is selinux-friendly and "ipsec setup start/stop" is not. And the reason for this is that, as Dan Walsh stated in his comment 11, /sbin/service has "cd /" . Thats why I asked you to check for "service ipsec start/stop" because now it follows selinux-friendly way.

Thanks
Avesh

Comment 15 Daniel Walsh 2010-05-05 17:09:37 UTC
Is ipsec a command in /usr/bin or /usr/sbin?  Or is it the init script in /etc/init.d/ipsec

Comment 16 Avesh Agarwal 2010-05-05 17:16:10 UTC
Both, ipsec is in /usr/sbin/ipsec , and also in /etc/init.d/ipsec .

Comment 17 Daniel Walsh 2010-05-05 17:44:21 UTC
Can you add a cd / to /usr/sbin/ipsec?

Comment 18 Avesh Agarwal 2010-05-05 17:54:29 UTC
I can do that. But would help me explain it to Openswan upstream, if you can explain me why does this solve the problem, and makes /use/sbin/ipsec more selinux-friendly?

Comment 19 Daniel Walsh 2010-05-05 18:23:59 UTC
The script _realsetup is for some reason looking at files/directories in the current working directory.  

I have no idea why, but it might be searching a path.  Any files/directories with labels that ipsec is not allowed to touch will generate a getattr AVC message, as we see.  Changing working directory also prevents users homedir from potentially influencing the script to do something evil/unexpected.

Bill do you have any other history on why service script does the "cd /"

Comment 20 Bill Nottingham 2010-05-05 20:48:34 UTC
It also ensures that someone who happens to start a random service while sitting in a NFS-mounted directory won't have busy references to that NFS filesystem when they try to shut down, for example.

'/' is chosen as it's a directory that will always be available.

Comment 31 Daniel Walsh 2010-08-05 18:54:33 UTC
Miroslav the only thing we can do is add

files_dontaudit_search_home(ipsec_t)

Comment 32 Miroslav Grepl 2010-08-06 13:25:33 UTC
Fixed in selinux-policy-3.7.19-36.el6.noarch.

Comment 41 Daniel Walsh 2010-08-11 12:21:36 UTC
Miroslav you probably need

	optional_policy(`
		ipsec_mgmt_dbus_chat(sysadm_t)
	')

Comment 42 Miroslav Grepl 2010-08-11 15:02:48 UTC
Fixed in selinux-policy-3.7.19-38.el6.noarch

Comment 46 Daniel Walsh 2010-08-13 17:05:02 UTC
Some how /etc/hosts got mislabeled.

Did you hand edit it?

Comment 47 Aleš Mareček 2010-08-16 08:24:59 UTC
Yes, I did but it was long time ago. So I wonder why I saw this AVC after long time of using and then some testing of this, and only once.

Anyway this is not the issue of this bug, nor blocking it. That's why I moved it to VERIFIED.

Comment 48 releng-rhel@redhat.com 2010-11-11 14:57:23 UTC
Red Hat Enterprise Linux 6.0 is now available and should resolve
the problem described in this bug report. This report is therefore being closed
with a resolution of CURRENTRELEASE. You may reopen this bug report if the
solution does not work for you.


Note You need to log in before you can comment on or make changes to this bug.