Red Hat Bugzilla – Bug 865401
SELinux is preventing /usr/bin/python2.7 from read access on the directory /tmp.
Last modified: 2013-12-09 18:29:41 EST
Description of problem: SELinux is preventing /usr/bin/python2.7 from read access on the directory /tmp. Version-Release number of selected component (if applicable): blueman-1.23-4.fc18.i686 How reproducible: I get this every time in logon to my F18 Xfce Desktop and blueman is starting Steps to Reproduce: 1. Logon to Xfce desktop 2. 3. Actual results: selinux error Expected results: No selinux errors Additional info: ***** Plugin catchall (100. confidence) suggests *************************** If you believe that python2.7 should be allowed read access on the tmp directory by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # grep blueman-mechani /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context system_u:system_r:blueman_t:s0-s0:c0.c1023 Target Context system_u:object_r:tmp_t:s0 Target Objects /tmp [ dir ] Source blueman-mechani Source Path /usr/bin/python2.7 Port <Unknown> Host localhost.localdomain Source RPM Packages python-2.7.3-13.fc18.i686 Target RPM Packages filesystem-3.1-2.fc18.i686 Policy RPM selinux-policy-3.11.1-32.fc18.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Permissive Host Name localhost.localdomain Platform Linux localhost.localdomain 3.6.1-1.fc18.i686 #1 SMP Mon Oct 8 18:03:51 UTC 2012 i686 i686 Alert Count 1 First Seen 2012-10-11 12:46:27 CEST Last Seen 2012-10-11 12:46:27 CEST Local ID e09614cd-954c-48fa-9701-ebad9ddb6995 Raw Audit Messages type=AVC msg=audit(1349952387.883:67): avc: denied { read } for pid=1423 comm="blueman-mechani" name="/" dev="tmpfs" ino=11367 scontext=system_u:system_r:blueman_t:s0-s0:c0.c1023 tcontext=system_u:object_r:tmp_t:s0 tclass=dir type=SYSCALL msg=audit(1349952387.883:67): arch=i386 syscall=open success=yes exit=ENOEXEC a0=4990889e a1=0 a2=1b6 a3=9c7bb18 items=0 ppid=1422 pid=1423 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm=blueman-mechani exe=/usr/bin/python2.7 subj=system_u:system_r:blueman_t:s0-s0:c0.c1023 key=(null) Hash: blueman-mechani,blueman_t,tmp_t,dir,read audit2allow #============= blueman_t ============== allow blueman_t tmp_t:dir read; audit2allow -R #============= blueman_t ============== allow blueman_t tmp_t:dir read;
Hi. I'm closing this bug as Blueman has been retired from Fedora. If you wish to file a bug against upstream, a new Blueman fork has been created in this github repository. [1] I apologize for the inconvenience. [1] https://github.com/cschramm/blueman