-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 02/15/2012 09:23 AM, SES wrote:
> I keep getting this same error message: ideas please and HELPPPP!!
>
> PLUS- ANYONE KNOW WHOIS this IP-10.155.7.70 it's hanging on my
> firewall...
>
> Thanks!
>
> SES
>
> SELinux is preventing /usr/libexec/accounts-daemon from read access
> on the file cpuinfo.
>
> ***** Plugin catchall (100. confidence) suggests
> ***************************
>
> If you believe that accounts-daemon should be allowed read access
> on the cpuinfo file by default. Then you should report this as a
> bug. You can generate a local policy module to allow this access.
> Do allow this access for now by executing: # grep accounts-daemon
> /var/log/audit/audit.log | audit2allow -M mypol # semodule -i
> mypol.pp
>
> Additional Information: Source Context
> system_u:system_r:accountsd_t:s0 Target Context
> system_u:object_r:proc_t:s0 Target Objects cpuinfo [
> file ] Source accounts-daemon Source Path
> /usr/libexec/accounts-daemon Port
> <Unknown> Host (removed) Source RPM
> Packages accountsservice-0.6.14-2.fc16 Target RPM
> Packages Policy RPM
> selinux-policy-3.10.0-46.fc16 Selinux Enabled True
> Policy Type targeted Enforcing Mode
> Enforcing Host Name (removed) Platform
> Linux andix 3.2.2-1.fc16.x86_64 #1 SMP Thu Jan 26 03:21:58 UTC 2012
> x86_64 x86_64 Alert Count 1 First Seen
> Sat 04 Feb 2012 02:21:51 PM EST Last Seen Sat
> 04 Feb 2012 02:21:51 PM EST Local ID
> 23013443-3786-4251-aae1-305975161bb2
>
> Raw Audit Messages type=AVC msg=audit(1328383311.327:49): avc:
> denied { read } for pid=1086 comm="accounts-daemon" name="cpuinfo"
> dev=proc ino=4026532023 scontext=system_u:system_r:accountsd_t:s0
> tcontext=system_u:object_r:proc_t:s0 tclass=file
>
>
> type=SYSCALL msg=audit(1328383311.327:49): arch=x86_64
> syscall=open success=no exit=EACCES a0=30daf72a53 a1=80000 a2=d
> a3=1 items=0 ppid=1 pid=1086 auid=4294967295 uid=0 gid=0 euid=0
> suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
> comm=accounts-daemon exe=/usr/libexec/accounts-daemon
> subj=system_u:system_r:accountsd_t:s0 key=(null)
>
> Hash: accounts-daemon,accountsd_t,proc_t,file,read
>
> audit2allow
>
> #============= accountsd_t ============== allow accountsd_t
> proc_t:file read;
>
> audit2allow -R
>
> #============= accountsd_t ============== allow accountsd_t
> proc_t:file read;
>
>
>
Update your system with the latest code.
yum -y update
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk87zwYACgkQrlYvE4MpobOQbgCdEEt/PSK8gsYW3j34s6JLaZxM
xqoAoNAllDUMZ9uxIwZDIUniGRuHy5oM
=Ntzx
-----END PGP SIGNATURE-----
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
