Summary: SELinux is preventing /bin/bash "execute" access on /bin/bash. Detailed Description: [SELinux is in permissive mode. This access was not denied.] SELinux denied access requested by sh. It is not expected that this access is required by sh and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: You can generate a (removed) policy module to allow this access - see FAQ (http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385) Please file a bug report. Additional Information: Source Context unconfined_u:system_r:abrt_helper_t:s0-s0:c0.c1023 Target Context system_u:object_r:shell_exec_t:s0 Target Objects /bin/bash [ file ] Source sh Source Path /bin/bash Port <Unknown> Host (removed) Source RPM Packages bash-4.1.7-3.fc14 Target RPM Packages bash-4.1.7-3.fc14 Policy RPM selinux-policy-3.9.5-7.fc14 Selinux Enabled True Policy Type targeted Enforcing Mode Permissive Plugin Name catchall Host Name (removed) Platform Linux (removed) 2.6.35.4-28.fc14.i686.PAE #1 SMP Wed Sep 15 01:57:00 UTC 2010 i686 i686 Alert Count 3 First Seen Tue 28 Sep 2010 02:42:38 PM CEST Last Seen Tue 28 Sep 2010 02:42:38 PM CEST Local ID 777bc8a0-9e9b-4c1f-8fa9-5bf4339ca6fc Line Numbers Raw Audit Messages node=(removed) type=AVC msg=audit(1285677758.364:30): avc: denied { execute } for pid=2088 comm="xrdb" name="bash" dev=dm-0 ino=475727 scontext=unconfined_u:system_r:abrt_helper_t:s0-s0:c0.c1023 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file node=(removed) type=AVC msg=audit(1285677758.364:30): avc: denied { open } for pid=2088 comm="xrdb" name="bash" dev=dm-0 ino=475727 scontext=unconfined_u:system_r:abrt_helper_t:s0-s0:c0.c1023 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file node=(removed) type=AVC msg=audit(1285677758.364:30): avc: denied { execute_no_trans } for pid=2088 comm="xrdb" path="/bin/bash" dev=dm-0 ino=475727 scontext=unconfined_u:system_r:abrt_helper_t:s0-s0:c0.c1023 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file node=(removed) type=SYSCALL msg=audit(1285677758.364:30): arch=40000003 syscall=11 success=yes exit=0 a0=25eee4 a1=bfd8d770 a2=bfd90f08 a3=3 items=0 ppid=2087 pid=2088 auid=502 uid=502 gid=502 euid=502 suid=502 fsuid=502 egid=502 sgid=502 fsgid=502 tty=(none) ses=1 comm="sh" exe="/bin/bash" subj=unconfined_u:system_r:abrt_helper_t:s0-s0:c0.c1023 key=(null) Hash String generated from catchall,sh,abrt_helper_t,shell_exec_t,file,execute audit2allow suggests: #============= abrt_helper_t ============== allow abrt_helper_t shell_exec_t:file { execute open execute_no_trans };
Created attachment 450180 [details] ps -fZed output, showing lots of abrt_helper_t After upgrading to f14 I get this and 60 other errors (quickly increasing to 100+) occurs when logging in in Gnome for the first time on a newly created user. This looks like a candidate for a basic problem, but now I see that xrdb is involved. And hey, everything runs as abrt_helper_t ? I recently uninstalled everything abrt and just installed it again.
I would say you have a labeling problem. touch /.autorelabel; reboot Should fix it. Reopen if this does not fix the problem.
I agree that it looks like a labelling problem, but I had already done both a autorelabel-on-boot and fixfiles relabel. In both cases I got the git-shell messages from bug 638150. I assume that it is more likely some bad content in the SE database, but I don't know where to look. AFAIK I haven't touched the SE database manually on this machine, so I assume would expect that whatever is in there should be handled correctly when updating.
ps -eZ | grep init ps -eZ | grep sshd
system_u:system_r:kernel_t:s0 1 ? 00:00:02 init system_u:system_r:kernel_t:s0 1708 ? 00:00:00 sshd (I assume that the ps -fZed output showed the same.)
Did you see any error message about failure to load policy? ls -lZ /sbin/upstart -rwxr-xr-x. root root system_u:object_r:init_exec_t:s0 /sbin/upstart Does yum reinstall selinux-policy-targeted complete successfully?
caused by incorrectly installed selinux-policy-targeted *** This bug has been marked as a duplicate of bug 638150 ***