Hide Forgot
SELinux is preventing /sbin/quotacheck from 'write' accesses on the directory /newmount. ***** Plugin restorecon (82.4 confidence) suggests ************************* If you want to fix the label. /newmount default label should be default_t. Then you can run restorecon. Do # /sbin/restorecon -v /newmount ***** Plugin file (7.05 confidence) suggests ******************************* If you think this is caused by a badly mislabeled machine. Then you need to fully relabel. Do touch /.autorelabel; reboot ***** Plugin file (7.05 confidence) suggests ******************************* If you think this is caused by a badly mislabeled machine. Then you need to fully relabel. Do touch /.autorelabel; reboot ***** Plugin catchall_labels (4.59 confidence) suggests ******************** If you want to allow quotacheck to have write access on the newmount directory Then you need to change the label on /newmount Do # semanage fcontext -a -t FILE_TYPE '/newmount' where FILE_TYPE is one of the following: var_spool_t, home_root_t, boot_t, root_t, tmp_t, usr_t, var_t, etc_t. Then execute: restorecon -v '/newmount' ***** Plugin catchall (1.31 confidence) suggests *************************** If you believe that quotacheck should be allowed write access on the newmount directory by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # grep quotacheck /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context unconfined_u:unconfined_r:quota_t:s0-s0:c0.c1023 Target Context system_u:object_r:file_t:s0 Target Objects /newmount [ dir ] Source quotacheck Source Path /sbin/quotacheck Port <Unknown> Host (removed) Source RPM Packages quota-3.17-18.fc14 Target RPM Packages Policy RPM selinux-policy-3.9.7-46.fc14 Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux rog1 2.6.35.14-100.fc14.i686 #1 SMP Fri Oct 21 19:14:19 UTC 2011 i686 i686 Alert Count 24 First Seen Fri 04 Nov 2011 01:30:17 AM EDT Last Seen Fri 04 Nov 2011 10:58:07 AM EDT Local ID 6661212e-d1dc-4f3b-81bb-9e6f03167327 Raw Audit Messages type=AVC msg=audit(1320418687.230:27375): avc: denied { write } for pid=3081 comm="quotacheck" name="/" dev=sdb1 ino=2 scontext=unconfined_u:unconfined_r:quota_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=dir type=SYSCALL msg=audit(1320418687.230:27375): arch=i386 syscall=open success=no exit=EACCES a0=bfda1afc a1=80c2 a2=180 a3=5c57fc items=0 ppid=3048 pid=3081 auid=501 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=tty2 ses=2 comm=quotacheck exe=/sbin/quotacheck subj=unconfined_u:unconfined_r:quota_t:s0-s0:c0.c1023 key=(null) Hash: quotacheck,quota_t,file_t,dir,write audit2allow #============= quota_t ============== #!!!! The source type 'quota_t' can write to a 'dir' of the following types: # var_spool_t, home_root_t, boot_t, root_t, tmp_t, usr_t, var_t, etc_t allow quota_t file_t:dir write; audit2allow -R #============= quota_t ============== #!!!! The source type 'quota_t' can write to a 'dir' of the following types: # var_spool_t, home_root_t, boot_t, root_t, tmp_t, usr_t, var_t, etc_t allow quota_t file_t:dir write;
You have to label /newmount with a label? What kind of content is going to be in this directory?
This message is a notice that Fedora 14 is now at end of life. Fedora has stopped maintaining and issuing updates for Fedora 14. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At this time, all open bugs with a Fedora 'version' of '14' have been closed as WONTFIX. (Please note: Our normal process is to give advanced warning of this occurring, but we forgot to do that. A thousand apologies.) Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, feel free to reopen this bug and simply change the 'version' to a later Fedora version. Bug Reporter: Thank you for reporting this issue and we are sorry that we were unable to fix it before Fedora 14 reached end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged to click on "Clone This Bug" (top right of this page) and open it against that version of Fedora. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete. The process we are following is described here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping