[Novalug] SELinux Alert
Mark A. Metz
mametz@aol.com
Sun Nov 13 17:38:17 EST 2011
Every time I boot this machine I get an SELinux alert (below).
Anybody know what this is about?
SELinux is preventing /usr/libexec/colord from getattr access on the
filesystem /media.
***** Plugin catchall (100. confidence) suggests ***************************
If you believe that colord should be allowed getattr access on the media
filesystem by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do allow this access for now by executing:
# grep colord /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp
Additional Information:
Source Context system_u:system_r:colord_t:s0-s0:c0.c1023
Target Context system_u:object_r:tmpfs_t:s0
Target Objects /media [ filesystem ]
Source colord
Source Path /usr/libexec/colord
Port <Unknown>
Host asuslaptop
Source RPM Packages colord-0.1.13-2.fc16
Target RPM Packages filesystem-2.4.44-1.fc16
Policy RPM selinux-policy-3.10.0-55.fc16
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name asuslaptop
Platform Linux asuslaptop 3.1.0-7.fc16.x86_64 #1 SMP Tue Nov 1 21:10:48 UTC 2011 x86_64 x86_64
Alert Count 12
First Seen Sat 12 Nov 2011 10:11:19 PM EST
Last Seen Sun 13 Nov 2011 05:12:27 PM EST
Local ID 25d8032d-7ab3-4f49-9652-bdf86b36d2a2
Raw Audit Messages
type=AVC msg=audit(1321222347.294:67): avc: denied { getattr } for pid=1672 comm="colord" name="/" dev=tmpfs ino=10068 scontext=system_u:system_r:colord_t:s0-s0:c0.c1023 tcontext=system_u:object_r:tmpfs_t:s0 tclass=filesystem
type=SYSCALL msg=audit(1321222347.294:67): arch=x86_64 syscall=statfs success=no exit=EACCES a0=7fff922618e6 a1=7fff92261ae0 a2=bf30 a3=0 items=0 ppid=1 pid=1672 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm=colord exe=/usr/libexec/colord subj=system_u:system_r:colord_t:s0-s0:c0.c1023 key=(null)
Hash: colord,colord_t,tmpfs_t,filesystem,getattr
audit2allow
#============= colord_t ==============
allow colord_t tmpfs_t:filesystem getattr;
audit2allow -R
#============= colord_t ==============
allow colord_t tmpfs_t:filesystem getattr;
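
Added example (not part of the original message, and not audit2allow's own code): Python that parses AVC denial records like the one in the alert above and derives the allow rules a local module would contain, so the output of the suggested `grep colord ... | audit2allow` step can be reviewed before `semodule -i`. The second record and all function names are constructed for illustration.

```python
import re
from collections import defaultdict

# The AVC record from the message above, joined onto one line.
PAGE_AVC = (
    'type=AVC msg=audit(1321222347.294:67): avc: denied { getattr } for '
    'pid=1672 comm="colord" name="/" dev=tmpfs ino=10068 '
    'scontext=system_u:system_r:colord_t:s0-s0:c0.c1023 '
    'tcontext=system_u:object_r:tmpfs_t:s0 tclass=filesystem\n'
)
# Constructed record (NOT from the message): a second colord denial that the
# same grep would also feed to audit2allow.
CONSTRUCTED_AVC = (
    'type=AVC msg=audit(1321222350.101:71): avc: denied { read search } for '
    'pid=1672 comm="colord" name="media" dev=tmpfs ino=10070 '
    'scontext=system_u:system_r:colord_t:s0-s0:c0.c1023 '
    'tcontext=system_u:object_r:tmpfs_t:s0 tclass=dir\n'
)

AVC_RE = re.compile(
    r'avc:\s+denied\s+\{\s*(?P<perms>[^}]*?)\s*\}.*?scontext=(?P<scon>\S+)'
    r'.*?tcontext=(?P<tcon>\S+).*?tclass=(?P<tclass>\S+)', re.S)

def selinux_type(context):
    """Return the type field of a user:role:type[:level] context."""
    return context.split(':')[2]

def parse_denials(log_text):
    """Yield (source_type, target_type, class, [perms]) per AVC denial."""
    for m in AVC_RE.finditer(log_text):
        yield (selinux_type(m['scon']), selinux_type(m['tcon']),
               m['tclass'], m['perms'].split())

def allow_rules(log_text):
    """Merge repeated denials into the allow rules that would permit them."""
    merged = defaultdict(set)
    for src, tgt, tclass, perms in parse_denials(log_text):
        merged[(src, tgt, tclass)].update(perms)
    rules = []
    for (src, tgt, tclass), perms in sorted(merged.items()):
        p = sorted(perms)
        perm_text = p[0] if len(p) == 1 else '{ ' + ' '.join(p) + ' }'
        rules.append(f'allow {src} {tgt}:{tclass} {perm_text};')
    return rules

if __name__ == '__main__':
    # Twelve repeats of the page's denial (its Alert Count) plus the constructed one.
    for rule in allow_rules(PAGE_AVC * 12 + CONSTRUCTED_AVC):
        print(rule)
```

Run on the message's record alone, this yields the same single rule that the alert's audit2allow section shows; the constructed record shows how any other colord denial in the log would widen the module.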