libreport version: 2.0.8 executable: /usr/bin/python2.7 hashmarkername: setroubleshoot kernel: 3.3.2-6.fc16.x86_64 reason: SELinux is preventing /usr/bin/python2.7 from 'write' accesses on the directory rhsm. time: Fri 27 Apr 2012 08:22:00 AM EDT description: :SELinux is preventing /usr/bin/python2.7 from 'write' accesses on the directory rhsm. : :***** Plugin catchall (100. confidence) suggests *************************** : :If you believe that python2.7 should be allowed write access on the rhsm directory by default. :Then you should report this as a bug. :You can generate a local policy module to allow this access. :Do :allow this access for now by executing: :# grep rhsmcertd-worke /var/log/audit/audit.log | audit2allow -M mypol :# semodule -i mypol.pp : :Additional Information: :Source Context system_u:system_r:rhsmcertd_t:s0 :Target Context system_u:object_r:var_run_t:s0 :Target Objects rhsm [ dir ] :Source rhsmcertd-worke :Source Path /usr/bin/python2.7 :Port <Unknown> :Host (removed) :Source RPM Packages subscription-manager-0.99.13-1.fc16.x86_64 :Target RPM Packages :Policy RPM selinux-policy-3.10.0-86.fc16.noarch :Selinux Enabled True :Policy Type targeted :Enforcing Mode Enforcing :Host Name (removed) :Platform Linux (removed) 3.3.2-6.fc16.x86_64 : #1 SMP Sat Apr 21 12:43:20 UTC 2012 x86_64 x86_64 :Alert Count 2 :First Seen Fri 27 Apr 2012 08:15:30 AM EDT :Last Seen Fri 27 Apr 2012 08:15:30 AM EDT :Local ID fdbf1933-220d-4a2b-9a64-f98f6faf5743 : :Raw Audit Messages :type=AVC msg=audit(1335528930.912:84): avc: denied { write } for pid=2079 comm="rhsmcertd" name="rhsm" dev="tmpfs" ino=21300 scontext=system_u:system_r:rhsmcertd_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir : : :type=AVC msg=audit(1335528930.912:84): avc: denied { add_name } for pid=2079 comm="rhsmcertd" name="update" scontext=system_u:system_r:rhsmcertd_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=dir : : :type=AVC msg=audit(1335528930.912:84): avc: denied { create } for pid=2079 comm="rhsmcertd" name="update" scontext=system_u:system_r:rhsmcertd_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file : : :type=AVC msg=audit(1335528930.912:84): avc: denied { write open } for pid=2079 comm="rhsmcertd" name="update" dev="tmpfs" ino=27898 scontext=system_u:system_r:rhsmcertd_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file : : :type=SYSCALL msg=audit(1335528930.912:84): arch=x86_64 syscall=open success=yes exit=EIO a0=4013b7 a1=241 a2=1b6 a3=238 items=0 ppid=1 pid=2079 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm=rhsmcertd exe=/usr/bin/rhsmcertd subj=system_u:system_r:rhsmcertd_t:s0 key=(null) : :Hash: rhsmcertd-worke,rhsmcertd_t,var_run_t,dir,write : :audit2allow : :#============= rhsmcertd_t ============== :#!!!! The source type 'rhsmcertd_t' can write to a 'dir' of the following types: :# rhsmcertd_lock_t, rhsmcertd_var_lib_t, rhsmcertd_var_run_t, var_lock_t, rhsmcertd_log_t, root_t : :allow rhsmcertd_t var_run_t:dir { write add_name }; :#!!!! The source type 'rhsmcertd_t' can write to a 'file' of the following types: :# rhsmcertd_lock_t, rhsmcertd_var_lib_t, rhsmcertd_var_run_t, rhsmcertd_log_t, root_t : :allow rhsmcertd_t var_run_t:file { write create open }; : :audit2allow -R : :#============= rhsmcertd_t ============== :#!!!! The source type 'rhsmcertd_t' can write to a 'dir' of the following types: :# rhsmcertd_lock_t, rhsmcertd_var_lib_t, rhsmcertd_var_run_t, var_lock_t, rhsmcertd_log_t, root_t : :allow rhsmcertd_t var_run_t:dir { write add_name }; :#!!!! The source type 'rhsmcertd_t' can write to a 'file' of the following types: :# rhsmcertd_lock_t, rhsmcertd_var_lib_t, rhsmcertd_var_run_t, rhsmcertd_log_t, root_t : :allow rhsmcertd_t var_run_t:file { write create open }; :
*** This bug has been marked as a duplicate of bug 817001 ***