Re: SELinux is preventing dbus-daemon(/bin/dbus-daemon) (system_dbusd_t) "read" to <Unknown> (inotifyfs_t).

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Antonio Olivares wrote:
> Dear all,
> 
> as of yesterday's updates, I get a bunch of
> dbus-deamon denials, the cpu went to 99-100% during
> the update and running top showed dbus-daemon to be up
> there causing trouble.  When I rebooted the machine,
> Selinux caught the act which is summarized below.
> 
> Thanks,
> 
> Antonio 
> 
> Summary:
> 
> SELinux is preventing dbus-daemon(/bin/dbus-daemon)
> (system_dbusd_t) "read" to <Unknown>
> (inotifyfs_t).
> 
> Detailed Description:
> 
> SELinux denied access requested by
> dbus-daemon(/bin/dbus-daemon). It is not
> expected that this access is required by
> dbus-daemon(/bin/dbus-daemon) and this
> access may signal an intrusion attempt. It is also
> possible that the specific
> version or configuration of the application is causing
> it to require additional
> access.
> 
> Allowing Access:
> 
> Sometimes labeling problems can cause SELinux denials.
> You could try to restore
> the default system file context for <Unknown>,
> 
> restorecon -v <Unknown>
> 
> If this does not work, there is currently no automatic
> way to allow this access.
> Instead, you can generate a local policy module to
> allow this access - see FAQ
> (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385)
> Or you can disable
> SELinux protection altogether. Disabling SELinux
> protection is not recommended.
> Please file a bug report
> (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
> against this package.
> 
> Additional Information:
> 
> Source Context               
> system_u:system_r:system_dbusd_t
> Target Context               
> system_u:object_r:inotifyfs_t
> Target Objects                None [ dir ]
> Source                       
> dbus-daemon(/bin/dbus-daemon)
> Port                          <Unknown>
> Host                          localhost
> Source RPM Packages           
> Target RPM Packages           
> Policy RPM                   
> selinux-policy-3.2.5-12.fc9
> Selinux Enabled               True
> Policy Type                   targeted
> MLS Enabled                   True
> Enforcing Mode                Enforcing
> Plugin Name                   catchall_file
> Host Name                     localhost
> Platform                      Linux localhost
> 2.6.24-0.155.rc7.git6.fc9 #1 SMP
>                               Tue Jan 15 17:52:31 EST
> 2008 i686 athlon
> Alert Count                   1026
> First Seen                    Mon 21 Jan 2008 07:18:32
> AM CST
> Last Seen                     Mon 21 Jan 2008 07:19:08
> AM CST
> Local ID                     
> 4b1ce20c-c683-40fb-a014-85dbe8d69052
> Line Numbers                  
> 
> Raw Audit Messages            
> 
> host=localhost type=AVC
> msg=audit(1200921548.546:1057): avc:  denied  { read }
> for  pid=1898 comm="dbus-daemon" path="inotify"
> dev=inotifyfs ino=1
> scontext=system_u:system_r:system_dbusd_t:s0
> tcontext=system_u:object_r:inotifyfs_t:s0 tclass=dir
> 
> host=localhost type=SYSCALL
> msg=audit(1200921548.546:1057): arch=40000003
> syscall=3 success=no exit=-13 a0=5 a1=bfae1fe0 a2=10
> a3=b8608508 items=0 ppid=1 pid=1898 auid=4294967295
> uid=81 gid=81 euid=81 suid=81 fsuid=81 egid=81 sgid=81
> fsgid=81 tty=(none) comm="dbus-daemon"
> exe="/bin/dbus-daemon"
> subj=system_u:system_r:system_dbusd_t:s0 key=(null)
> 
> 
> 
> 
> 
>       ____________________________________________________________________________________
> Never miss a thing.  Make Yahoo your home page. 
> http://www.yahoo.com/r/hs
> 
> --
> fedora-selinux-list mailing list
> fedora-selinux-list@xxxxxxxxxx
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
Should be fixed now.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkeYplIACgkQrlYvE4MpobPiqQCg3wY5BStNnz29ewUf5+lDxd3M
gkoAoNRnaYq5fO9ANF+QZSiq4xWyn1mo
=XY5g
-----END PGP SIGNATURE-----

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux