Description of problem: SELinux is preventing /usr/sbin/wpa_supplicant from 'open' accesses on the file /var/log/wpa_supplicant.log. ***** Plugin restorecon (99.5 confidence) suggests ************************* If je wilt het label repareren. /var/log/wpa_supplicant.log standaard label moet NetworkManager_log_t zijn. Then je kunt restorecon uitvoeren. Do # /sbin/restorecon -v /var/log/wpa_supplicant.log ***** Plugin catchall (1.49 confidence) suggests *************************** If je denkt dat wpa_supplicant standaard open toegang moet hebben tot de wpa_supplicant.log file. Then je moet dit melden als een fout. Je kunt een locale tactiek module genereren om deze toegang toe te staan. Do sta deze toegang nu toe door het uitvoeren van: # grep wpa_supplicant /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context system_u:system_r:NetworkManager_t:s0 Target Context system_u:object_r:var_log_t:s0 Target Objects /var/log/wpa_supplicant.log [ file ] Source wpa_supplicant Source Path /usr/sbin/wpa_supplicant Port <Onbekend> Host (removed) Source RPM Packages wpa_supplicant-1.0-1.fc17.x86_64 Target RPM Packages Policy RPM selinux-policy-3.10.0-169.fc17.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Permissive Host Name (removed) Platform Linux (removed) 3.8.11-100.fc17.x86_64 #1 SMP Wed May 1 19:31:26 UTC 2013 x86_64 x86_64 Alert Count 4 First Seen 2013-04-29 21:16:50 CEST Last Seen 2013-05-14 17:26:44 CEST Local ID cd4b3b59-8138-4dfe-bde4-d6ec9676494a Raw Audit Messages type=AVC msg=audit(1368545204.263:671): avc: denied { open } for pid=13161 comm="wpa_supplicant" path="/var/log/wpa_supplicant.log" dev="dm-1" ino=1677 scontext=system_u:system_r:NetworkManager_t:s0 tcontext=system_u:object_r:var_log_t:s0 tclass=file type=SYSCALL msg=audit(1368545204.263:671): arch=x86_64 syscall=open success=yes exit=ESRCH a0=7fffefc4aecc a1=441 a2=1b6 a3=238 items=0 ppid=1 pid=13161 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=4294967295 tty=(none) comm=wpa_supplicant exe=/usr/sbin/wpa_supplicant subj=system_u:system_r:NetworkManager_t:s0 key=(null) Hash: wpa_supplicant,NetworkManager_t,var_log_t,file,open audit2allow #============= NetworkManager_t ============== allow NetworkManager_t var_log_t:file open; audit2allow -R #============= NetworkManager_t ============== allow NetworkManager_t var_log_t:file open; Additional info: hashmarkername: setroubleshoot kernel: 3.8.12-100.fc17.x86_64 type: libreport
Please execute # restorecon -R -v /var/log/wpa_supplicant.log which will fix labeling for this log file.