Summary: Your system may be seriously compromised! Detailed Description: [SELinux is in permissive mode. This access was not denied.] SELinux has prevented /usr/share/syst from modifying $TARGET. This denial indicates /usr/share/syst was trying to modify the selinux policy configuration. All applications that need this access should have already had policy written for them. If a compromised application tries to modify the SELinux policy this AVC will be generated. This is a serious issue. Your system may very well be compromised. Allowing Access: Contact your security administrator and report this issue. Additional Information: Source Context mauricio:user_r:user_t:s0-s0:c0.c1023 Target Context unconfined_u:object_r:semanage_store_t:s0 Target Objects /etc/selinux/targeted/modules/active/modules [ dir ] Source /usr/share/syst Source Path /usr/bin/python Port <Unknown> Host (removed) Source RPM Packages python-2.6.4-25.fc13 Target RPM Packages Policy RPM selinux-policy-3.7.19-69.fc13 Selinux Enabled True Policy Type targeted Enforcing Mode Permissive Plugin Name selinuxpolicy Host Name (removed) Platform Linux (removed) 2.6.33.3-85.fc13.i686 #1 SMP Thu May 6 18:44:12 UTC 2010 i686 i686 Alert Count 1 First Seen Wed 01 Dec 2010 05:41:48 PM MST Last Seen Wed 01 Dec 2010 05:41:48 PM MST Local ID 00247bfe-5f13-462e-ae8b-bf03ed242f30 Line Numbers Raw Audit Messages node=(removed) type=AVC msg=audit(1291250508.509:38): avc: denied { write } for pid=2601 comm="/usr/share/syst" name="modules" dev=dm-0 ino=133405 scontext=mauricio:user_r:user_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:semanage_store_t:s0 tclass=dir node=(removed) type=SYSCALL msg=audit(1291250508.509:38): arch=40000003 syscall=33 success=yes exit=0 a0=c5cbf00 a1=7 a2=791424 a3=c5cbea0 items=0 ppid=2583 pid=2601 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=1 comm="/usr/share/syst" exe="/usr/bin/python" subj=mauricio:user_r:user_t:s0-s0:c0.c1023 key=(null) Hash String generated from selinuxpolicy,/usr/share/syst,user_t,semanage_store_t,dir,write audit2allow suggests: #============= user_t ============== #!!!! The source type 'user_t' can write to a 'dir' of the following types: # gpg_pinentry_tmp_t, sandbox_file_type, tmp_t, httpd_user_content_t, user_home_dir_t, user_tmpfs_t, screen_var_run_t, mail_spool_t, mqueue_spool_t, tmpfs_t, gpg_agent_tmp_t, sandbox_file_type, user_tmp_t, httpd_user_script_exec_t, user_home_type, user_fonts_t, user_fonts_config_t, nfsd_rw_t, httpd_user_ra_content_t, httpd_user_rw_content_t, user_fonts_cache_t, screen_home_t, sshd_tmp_t, xdm_tmp_t, noxattrfs, dosfs_t allow user_t semanage_store_t:dir write;
*** This bug has been marked as a duplicate of bug 659145 ***