Detailed Description: [SELinux is in permissive mode. This access was not denied.] SELinux denied access requested by the prelink command. It looks like this is either a leaked descriptor or prelink output was redirected to a file it is not allowed to access. Leaks usually can be ignored since SELinux is just closing the leak and reporting the error. The application does not use the descriptor, so it will run properly. If this is a redirection, you will not get output in the /root. You should generate a bugzilla on selinux-policy, and it will get routed to the appropriate package. You can safely ignore this avc. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385) Additional Information: Source Context system_u:system_r:prelink_cron_system_t:s0-s0:c0.c 1023 Target Context system_u:object_r:admin_home_t:s0 Target Objects /root [ dir ] Source prelink Source Path /bin/bash Port <Unknown> Host (removed) Source RPM Packages bash-4.1.7-4.fc15 Target RPM Packages filesystem-2.4.35-1.fc14 Policy RPM selinux-policy-3.8.8-8.fc14 Selinux Enabled True Policy Type targeted Enforcing Mode Permissive Plugin Name leaks Host Name (removed) Platform Linux (removed) 2.6.36-0.0.rc0.git1.fc15.x86_64 #1 SMP Wed Aug 4 16:26:35 UTC 2010 x86_64 x86_64 Alert Count 1 First Seen Sat 07 Aug 2010 11:26:10 AM CEST Last Seen Sat 07 Aug 2010 11:26:10 AM CEST Local ID 9a7823b0-0c5d-40dd-8c51-1d2cd135691c Line Numbers Raw Audit Messages node=(removed) type=AVC msg=audit(1281173170.521:24): avc: denied { read } for pid=26133 comm="prelink" path="/root" dev=sda8 ino=742 scontext=system_u:system_r:prelink_cron_system_t:s0-s0:c0.c1023 tcontext=system_u:object_r:admin_home_t:s0 tclass=dir node=(removed) type=SYSCALL msg=audit(1281173170.521:24): arch=c000003e syscall=59 success=yes exit=0 a0=1507d70 a1=1507a60 a2=1507530 a3=8 items=0 ppid=2392 pid=26133 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=2 comm="prelink" exe="/bin/bash" subj=system_u:system_r:prelink_cron_system_t:s0-s0:c0.c1023 key=(null) Description of problem: Additional info: This is a manual report, because /usr/bin/sealert crashed. I'll create a separate report.
Información Adicional: Contexto Fuente system_u:system_r:prelink_cron_system_t:s0-s0:c0.c 1023 Contexto Destino system_u:object_r:admin_home_t:s0 Objetos Destino /root [ dir ] Fuente prelink Dirección de Fuente /bin/bash Puerto <Desconocido> Nombre de Equipo (eliminado) Paquetes RPM Fuentes bash-4.1.7-1.fc13 Paquetes RPM Destinos filesystem-2.4.31-1.fc13 RPM de Políticas selinux-policy-3.7.19-44.fc13 SELinux Activado True Tipo de Política targeted Modo Obediente Permissive Nombre de Plugin leaks Nombre de Equipo (eliminado) Plataforma Linux localhost.localdomain 2.6.34.2-34.fc13.i686 #1 SMP Thu Aug 5 23:34:56 UTC 2010 i686 i686 Cantidad de Alertas 1 Visto por Primera Vez mié 11 ago 2010 08:49:36 CEST Visto por Última Vez mié 11 ago 2010 08:49:36 CEST ID Local 8a7ebb30-a3e9-4f6e-95c3-40721e137644 Números de Línea Mensajes de Auditoría Crudos node=localhost.localdomain type=AVC msg=audit(1281509376.85:24): avc: denied { read } for pid=13985 comm="prelink" path="/root" dev=sda2 ino=307 scontext=system_u:system_r:prelink_cron_system_t:s0-s0:c0.c1023 tcontext=system_u:object_r:admin_home_t:s0 tclass=dir node=localhost.localdomain type=SYSCALL msg=audit(1281509376.85:24): arch=40000003 syscall=11 success=yes exit=0 a0=9856c20 a1=9856f08 a2=9853b88 a3=9856f08 items=0 ppid=13798 pid=13985 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=2 comm="prelink" exe="/bin/bash" subj=system_u:system_r:prelink_cron_system_t:s0-s0:c0.c1023 key=(null) -- Fedora Bugzappers volunteer triage team https://fedoraproject.org/wiki/BugZappers
You can add these rules for now using # grep avc /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Fixed in selinux-policy-3.8.8-12.fc14
selinux-policy-3.8.8-20.fc14 has been submitted as an update for Fedora 14. http://admin.fedoraproject.org/updates/selinux-policy-3.8.8-20.fc14
selinux-policy-3.8.8-20.fc14 has been pushed to the Fedora 14 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update selinux-policy'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/selinux-policy-3.8.8-20.fc14
selinux-policy-3.8.8-20.fc14 has been pushed to the Fedora 14 stable repository. If problems still persist, please make note of it in this bug report.