Bug 611143 - cannot write to .xsession-errors
Summary: cannot write to .xsession-errors
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: selinux-policy
Version: 6.0
Hardware: All
OS: Linux
medium
medium
Target Milestone: rc
: ---
Assignee: Daniel Walsh
QA Contact: BaseOS QE Security Team
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2010-07-03 22:37 UTC by David Kovalsky
Modified: 2014-03-31 23:45 UTC (History)
2 users (show)

(edit)
Clone Of:
(edit)
Last Closed: 2010-07-07 12:05:02 UTC


Attachments (Terms of Use)

Description David Kovalsky 2010-07-03 22:37:58 UTC
Snippet from /var/log/audit/audit.log

type=AVC msg=audit(1278195906.508:33476): avc:  denied  { write } for  pid=2515 comm="gdm-session-wor" name=".xsession-errors" dev=dm-7 ino=2621546 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file
type=SYSCALL msg=audit(1278195906.508:33476): arch=c000003e syscall=21 success=no exit=-13 a0=1f655d0 a1=6 a2=20 a3=7fff76325040 items=0 ppid=2499 pid=2515 auid=10625 uid=10625 gid=10625 euid=10625 suid=10625 fsuid=10625 egid=10625 sgid=10625 fsgid=10625 tty=(none) ses=1 comm="gdm-session-wor" exe="/usr/libexec/gdm-session-worker" subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1278195906.508:33477): avc:  denied  { write } for  pid=2515 comm="gdm-session-wor" name=".xsession-errors" dev=dm-7 ino=2621546 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file
type=SYSCALL msg=audit(1278195906.508:33477): arch=c000003e syscall=77 success=no exit=-13 a0=a a1=0 a2=7fff76325330 a3=7fff76325040 items=0 ppid=2499 pid=2515 auid=10625 uid=10625 gid=10625 euid=10625 suid=10625 fsuid=10625 egid=10625 sgid=10625 fsgid=10625 tty=(none) ses=1 comm="gdm-session-wor" exe="/usr/libexec/gdm-session-worker" subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null)


selinux-policy-targeted-3.7.19-30.el6.noarch

Comment 1 Miroslav Grepl 2010-07-07 12:05:02 UTC
.xsession-errors is mislabelled. 

restorecon -R -v /home

Will fix.


Note You need to log in before you can comment on or make changes to this bug.