Bug 709153 - SELinux is preventing /bin/bash from 'read' accesses on the lnk_file stderr.
Summary: SELinux is preventing /bin/bash from 'read' accesses on the lnk_file stderr.
Keywords:
Status: CLOSED INSUFFICIENT_DATA
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy
Version: 15
Hardware: x86_64
OS: Linux
unspecified
medium
Target Milestone: ---
Assignee: Miroslav Grepl
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard: setroubleshoot_trace_hash:cf64160432c...
Depends On:
Blocks:
Reported: 2011-05-30 20:48 UTC by Thomas Meyer
Modified: 2011-10-07 14:20 UTC (History)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2011-10-07 14:20:42 UTC
Type: ---

Description Thomas Meyer 2011-05-30 20:48:43 UTC
SELinux is preventing /bin/bash from 'read' accesses on the lnk_file stderr.

*****  Plugin catchall (100. confidence) suggests  ***************************

If you believe that bash should be allowed read access on the stderr lnk_file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do allow this access for now by executing:
# grep service /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp

Additional Information:
Source Context                system_u:system_r:firewallgui_t:s0-s0:c0.c1023
Target Context                system_u:object_r:tmpfs_t:s0
Target Objects                stderr [ lnk_file ]
Source                        service
Source Path                   /bin/bash
Port                          <Unbekannt>
Host                          (removed)
Source RPM Packages           bash-4.2.10-2.fc15
Target RPM Packages           
Policy RPM                    selinux-policy-3.9.16-24.fc15
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Host Name                     (removed)
Platform                      Linux (removed) 2.6.39 #1 SMP PREEMPT
                              Thu May 19 18:41:05 CEST 2011 x86_64 x86_64
Alert Count                   17
First Seen                    Mo 30 Mai 2011 21:20:16 CEST
Last Seen                     Mo 30 Mai 2011 21:32:27 CEST
Local ID                      795609fa-aa88-4a6d-947a-5df764590183

Raw Audit Messages
type=AVC msg=audit(1306783947.396:582): avc:  denied  { read } for  pid=32626 comm="service" name="stderr" dev=tmpfs ino=2194 scontext=system_u:system_r:firewallgui_t:s0-s0:c0.c1023 tcontext=system_u:object_r:tmpfs_t:s0 tclass=lnk_file


type=SYSCALL msg=audit(1306783947.396:582): arch=x86_64 syscall=stat success=no exit=EACCES a0=8f6c70 a1=7fff2bf5f300 a2=7fff2bf5f300 a3=8 items=0 ppid=32625 pid=32626 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm=service exe=/bin/bash subj=system_u:system_r:firewallgui_t:s0-s0:c0.c1023 key=(null)

Hash: service,firewallgui_t,tmpfs_t,lnk_file,read

audit2allow

#============= firewallgui_t ==============
allow firewallgui_t tmpfs_t:lnk_file read;

audit2allow -R

#============= firewallgui_t ==============
allow firewallgui_t tmpfs_t:lnk_file read;

Comment 1 Miroslav Grepl 2011-05-31 07:31:12 UTC
Looks like your /dev is mislabeled.

# ls -dZ
Is this a fresh install? Are you fully updated?

# rpm -q systemd

Comment 2 Thomas Meyer 2011-05-31 15:58:19 UTC
(In reply to comment #1)
> Looks like your /dev is mislabeled. 
> 
> # ls -dZ 

$ ls -dZ /dev/
drwxr-xr-x. root root system_u:object_r:device_t:s0    /dev/

> 
> Is this a fresh install? 

This is a Fedora 14 system that was upgraded via the Fedora 15 DVD. One exception: I'm using a self-compiled kernel 2.6.39.

> Are you fully updated?
> 
> # rpm -q systemd

$ rpm -q systemd
systemd-26-2.fc15.x86_64

Comment 3 Daniel Walsh 2011-05-31 16:17:26 UTC
find /dev -type l -context "*:tmpfs_t:*"

Comment 4 Thomas Meyer 2011-05-31 16:38:03 UTC
$ find /dev -type l -context "*:tmpfs_t:*"
/dev/fb
/dev/systty
/dev/core
/dev/stderr
/dev/stdout
/dev/stdin
/dev/fd

$ ls -dZ /dev/fb
lrwxrwxrwx. root root system_u:object_r:tmpfs_t:s0     /dev/fb -> fb0
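
Pulling comments 1 to 4 together, here is an added example (not part of the report, and not code from setroubleshoot or audit2allow) that parses the AVC record from the description, prints the allow rule audit2allow would generate, and checks the denied object against an `ls -Z` listing of /dev before deciding whether this is a policy gap or a labeling problem. The AVC line is the one from the report; the `ls -Z` lines are constructed in the format shown above (the /dev/fb line is real, the /dev/stderr and /dev/rtc entries are assumed).

```python
import re
# The AVC record from the report above, plus a constructed `ls -Z` listing in
# the format of comment 4 (/dev/fb is the real line; the other two are assumed).
AVC_LINE = (
    'type=AVC msg=audit(1306783947.396:582): avc:  denied  { read } for  '
    'pid=32626 comm="service" name="stderr" dev=tmpfs ino=2194 '
    'scontext=system_u:system_r:firewallgui_t:s0-s0:c0.c1023 '
    'tcontext=system_u:object_r:tmpfs_t:s0 tclass=lnk_file')
LS_Z = [
    'lrwxrwxrwx. root root system_u:object_r:tmpfs_t:s0     /dev/fb -> fb0',
    'lrwxrwxrwx. root root system_u:object_r:tmpfs_t:s0     /dev/stderr -> /proc/self/fd/2',
    'lrwxrwxrwx. root root system_u:object_r:device_t:s0    /dev/rtc -> rtc0',
]

AVC_RE = re.compile(r'avc:\s+(denied|granted)\s+\{\s*([^}]+?)\s*\}\s+for\s+(.*)$')
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_avc(line):
    """Verdict, permissions and key fields of one AVC record (contexts reduced to type)."""
    m = AVC_RE.search(line)
    if not m:
        return None                      # not an AVC record (e.g. the SYSCALL line)
    verdict, perms, rest = m.groups()
    f = {k: v.strip('"') for k, v in FIELD_RE.findall(rest)}
    return {'verdict': verdict, 'perms': perms.split(), 'comm': f.get('comm'),
            'name': f.get('name'), 'tclass': f['tclass'],
            'stype': f['scontext'].split(':')[2],
            'ttype': f['tcontext'].split(':')[2]}

def allow_rule(rec):
    """The allow rule audit2allow would generate from this record."""
    return 'allow %s %s:%s %s;' % (rec['stype'], rec['ttype'], rec['tclass'],
                                   ' '.join(rec['perms']))

def mislabeled_dev_links(ls_z_lines):
    """/dev symlinks still typed tmpfs_t (the mount's own type) instead of a device type."""
    bad = set()
    for line in ls_z_lines:
        cols = line.split()              # mode user group context path -> target
        if cols[0].startswith('l') and cols[3].split(':')[2] == 'tmpfs_t':
            bad.add(cols[4])
    return bad

def triage(rec, ls_z_lines):
    """'relabel' if the denied object is one of those mislabeled symlinks (an allow
    rule would only bake the wrong label into policy), otherwise 'policy'."""
    path = '/dev/' + (rec['name'] or '')
    if rec['tclass'] == 'lnk_file' and path in mislabeled_dev_links(ls_z_lines):
        return 'relabel'
    return 'policy'
```

For the record in this bug, `allow_rule` reproduces the `allow firewallgui_t tmpfs_t:lnk_file read;` line from the description, and `triage` returns `relabel`, which is why installing that module would be the wrong fix here.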

Comment 5 Daniel Walsh 2011-05-31 17:14:00 UTC
Thomas does this happen on each reboot?

Comment 6 Thomas Meyer 2011-06-01 06:12:33 UTC
I just got this SELinux alert once. Otherwise, I haven't rebooted this machine in four days.

Comment 7 Miroslav Grepl 2011-06-01 06:38:18 UTC
OK, could you try to reboot? The problem should go away with this systemd release.

Comment 8 Thomas Meyer 2011-06-19 13:15:25 UTC
Hi,

This error seems to occur every time I open the firewall configuration GUI in Fedora 15. I did open some ports.

Comment 9 Miroslav Grepl 2011-06-20 06:44:28 UTC
And are you getting the same AVC?

