Summary: SELinux is preventing /usr/bin/perl "search" access on /usr/share/perl5/Exporter. Detailed Description: [munin-limits has a permissive type (munin_t). This access was not denied.] SELinux denied access requested by munin-update. It is not expected that this access is required by munin-update and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385) Please file a bug report. Additional Information: Source Context system_u:system_r:munin_t:s0-s0:c0.c1023 Target Context unconfined_u:object_r:user_home_t:s0 Target Objects /usr/share/perl5/Exporter [ dir ] Source munin-limits Source Path /usr/bin/perl Port <Unknown> Host (removed) Source RPM Packages perl-5.10.1-114.fc13 Target RPM Packages perl-5.10.1-114.fc13 Policy RPM selinux-policy-3.7.19-37.fc13 Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Plugin Name catchall Host Name (removed) Platform Linux (removed) 2.6.33.6-147.fc13.x86_64 #1 SMP Tue Jul 6 22:32:17 UTC 2010 x86_64 x86_64 Alert Count 750 First Seen Sun 18 Jul 2010 11:05:16 AM CDT Last Seen Mon 19 Jul 2010 10:05:01 AM CDT Local ID c5443848-e811-412d-a0f5-6d12b5eb2c53 Line Numbers Raw Audit Messages node=(removed) type=AVC msg=audit(1279551901.213:350): avc: denied { search } for pid=11365 comm="munin-update" name="Exporter" dev=sda2 ino=530016 scontext=system_u:system_r:munin_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=dir node=(removed) type=SYSCALL msg=audit(1279551901.213:350): arch=c000003e syscall=4 success=yes exit=4294967424 a0=1134b60 a1=7fff51bbf1b0 a2=7fff51bbf1b0 a3=2e79766165482f72 items=0 ppid=11364 pid=11365 auid=448 uid=448 gid=428 euid=448 suid=448 fsuid=448 egid=428 sgid=428 fsgid=428 tty=(none) ses=39 comm="munin-update" exe="/usr/bin/perl" subj=system_u:system_r:munin_t:s0-s0:c0.c1023 key=(null) Hash String generated from catchall,munin-limits,munin_t,user_home_t,dir,search audit2allow suggests: #============= munin_t ============== allow munin_t user_home_t:dir search;
/usr/share/perl5/Exporter dir is labeled as a homedir. This is wrong. If restorecon -R -v /usr/share/perl5 does not fix the label, then reopen the bug. It could be a user account in /etc/passwd has this as a homedir?
No, the directory is not listed in /etc/passwd. I restored configuration as you suggest.
Ok if it changes back to user_home_t reopen bug.
BTW, this can happen if you created the directory in your homedir and then mv'd it to a system directory.