Hide Forgot
Summary: SELinux is preventing /usr/libexec/notification-daemon "write" access on linc-71e-0-4f4fde5f3dfd5. Detailed Description: [SELinux is in permissive mode. This access was not denied.] SELinux denied access requested by notification-da. It is not expected that this access is required by notification-da and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385) Please file a bug report. Additional Information: Source Context sysadm_u:sysadm_r:oddjob_mkhomedir_t:s0-s0:c0.c102 3 Target Context sysadm_u:object_r:tmp_t:s0 Target Objects linc-71e-0-4f4fde5f3dfd5 [ sock_file ] Source notification-da Source Path /usr/libexec/notification-daemon Port <Unknown> Host (removed) Source RPM Packages notification-daemon-0.5.0-1.fc13 Target RPM Packages Policy RPM selinux-policy-3.7.19-76.fc13 Selinux Enabled True Policy Type targeted Enforcing Mode Permissive Plugin Name catchall Host Name (removed) Platform Linux (removed) 2.6.34.7-61.fc13.i686 #1 SMP Tue Oct 19 04:42:47 UTC 2010 i686 i686 Alert Count 0 First Seen Fri 21 Jan 2011 06:55:42 PM MST Last Seen Fri 21 Jan 2011 06:55:42 PM MST Local ID f26a8bdd-a57c-4fb2-8605-9ac20789d963 Line Numbers Raw Audit Messages node=(removed) type=AVC msg=audit(1295661342.6:270): avc: denied { write } for pid=2565 comm="notification-da" name="linc-71e-0-4f4fde5f3dfd5" dev=dm-0 ino=524694 scontext=sysadm_u:sysadm_r:oddjob_mkhomedir_t:s0-s0:c0.c1023 tcontext=sysadm_u:object_r:tmp_t:s0 tclass=sock_file node=(removed) type=SYSCALL msg=audit(1295661342.6:270): arch=40000003 syscall=102 success=yes exit=0 a0=3 a1=bf996050 a2=456784 a3=811fa6d items=0 ppid=1 pid=2565 auid=500 uid=500 gid=493 euid=500 suid=500 fsuid=500 egid=493 sgid=493 fsgid=493 tty=(none) ses=1 comm="notification-da" exe="/usr/libexec/notification-daemon" subj=sysadm_u:sysadm_r:oddjob_mkhomedir_t:s0-s0:c0.c1023 key=(null) Hash String generated from catchall,notification-da,oddjob_mkhomedir_t,tmp_t,sock_file,write audit2allow suggests: #============= oddjob_mkhomedir_t ============== allow oddjob_mkhomedir_t tmp_t:sock_file write;