Bug 644333 - SELinux is preventing /bin/bash "read" access on /home/mark.
Summary: SELinux is preventing /bin/bash "read" access on /home/mark.
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: selinux-policy
Version: 5.6
Hardware: All
OS: Linux
medium
medium
Target Milestone: rc
: ---
Assignee: Miroslav Grepl
QA Contact: Milos Malik
URL:
Whiteboard: setroubleshoot_trace_hash:eaebbbe5d47...
Depends On: 587669
Blocks: 640580
TreeView+ depends on / blocked
 
Reported: 2010-10-19 13:27 UTC by Aleš Mareček
Modified: 2011-01-13 21:50 UTC (History)
10 users (show)

Fixed In Version: selinux-policy-2.4.6-296.el5
Doc Type: Bug Fix
Doc Text:
Under certain circumstances, SELinux could report that Internet Protocol Security (IPsec) management tools require read access to the content of a user's home directory. This error no longer occurs, and an appropriate SELinux rule has been added to resolve this issue.
Clone Of: 587669
Environment:
Last Closed: 2011-01-13 21:50:54 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2011:0026 normal SHIPPED_LIVE selinux-policy bug fix and enhancement update 2011-01-12 16:11:15 UTC

Comment 1 Miroslav Grepl 2010-10-19 14:11:53 UTC
Fixed in selinux-policy-2.4.6-288.el5

Comment 4 Miroslav Grepl 2010-11-29 11:52:25 UTC
Milos,
does the test pass in enforcing mode? 

I will add

files_dontaudit_search_home(ipsec_mgmt_t)

Comment 5 Miroslav Grepl 2010-12-01 10:13:48 UTC
Fixed in selinux-policy-2.4.6-296.el5

Comment 7 Jaromir Hradilek 2011-01-05 16:24:02 UTC
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
Under certain circumstances, SELinux could report that Internet Protocol Security (IPsec) management tools require read access to the content of a user's home directory. This error no longer occurs, and an appropriate SELinux rule has been added to resolve this issue.

Comment 9 errata-xmlrpc 2011-01-13 21:50:54 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2011-0026.html


Note You need to log in before you can comment on or make changes to this bug.