Summary: SELinux is preventing /usr/sbin/sedispatch "write" access on log. Detailed Description: SELinux denied access requested by sedispatch. It is not expected that this access is required by sedispatch and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385) Please file a bug report. Additional Information: Source Context system_u:system_r:audisp_t:s0 Target Context unconfined_u:object_r:device_t:s0 Target Objects log [ sock_file ] Source sedispatch Source Path /usr/sbin/sedispatch Port <Unknown> Host (removed) Source RPM Packages setroubleshoot-server-2.2.83-1.fc13 Target RPM Packages Policy RPM selinux-policy-3.7.19-21.fc13 Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Plugin Name catchall Host Name (removed) Platform Linux (removed) 2.6.33.4-95.fc13.i686 #1 SMP Thu May 13 05:55:24 UTC 2010 i686 i686 Alert Count 280 First Seen Tue 01 Jun 2010 01:35:23 PM PDT Last Seen Tue 01 Jun 2010 01:40:04 PM PDT Local ID dd669db1-828c-4772-adc5-119909b93b11 Line Numbers Raw Audit Messages node=(removed) type=AVC msg=audit(1275424804.17:42039): avc: denied { write } for pid=1956 comm="sedispatch" name="log" dev=devtmpfs ino=1534170 scontext=system_u:system_r:audisp_t:s0 tcontext=unconfined_u:object_r:device_t:s0 tclass=sock_file node=(removed) type=SYSCALL msg=audit(1275424804.17:42039): arch=40000003 syscall=102 success=no exit=-13 a0=3 a1=bf84593c a2=499ff4 a3=ffffff44 items=0 ppid=1945 pid=1956 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="sedispatch" exe="/usr/sbin/sedispatch" subj=system_u:system_r:audisp_t:s0 key=(null) Hash String generated from catchall,sedispatch,audisp_t,device_t,sock_file,write audit2allow suggests: #============= audisp_t ============== allow audisp_t device_t:sock_file write;
*** This bug has been marked as a duplicate of bug 599126 ***