These happen on two machines during updates, I'm also noticing many %post scriptlets failing when these pop up, though I don't know if they are related or not. Summary: SELinux is preventing yum (bootloader_t) "transition" to /sbin/ldconfig (rpm_script_t). Detailed Description: SELinux denied access requested by yum. It is not expected that this access is required by yum and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Additional Information: Source Context user_u:system_r:bootloader_t:s0 Target Context user_u:system_r:rpm_script_t:s0 Target Objects /sbin/ldconfig [ process ] Source yum Source Path /usr/bin/python Port <Unknown> Host durthangnix Source RPM Packages python-2.5.1-23.fc9 Target RPM Packages glibc-2.7.90-9 Policy RPM selinux-policy-3.3.1-14.fc9 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall Host Name durthangnix Platform Linux durthangnix 2.6.25-0.105.rc5.fc9 #1 SMP Mon Mar 10 20:59:23 EDT 2008 x86_64 x86_64 Alert Count 35 First Seen Thu 13 Mar 2008 11:19:15 PM PDT Last Seen Thu 13 Mar 2008 11:32:48 PM PDT Local ID 36d70abc-d12d-42f2-96bf-ab7250e29da1 Line Numbers Raw Audit Messages host=durthangnix type=AVC msg=audit(1205476368.460:1339): avc: denied { transition } for pid=28100 comm="yum" path="/sbin/ldconfig" dev=sda3 ino=858775 scontext=user_u:system_r:bootloader_t:s0 tcontext=user_u:system_r:rpm_script_t:s0 tclass=process host=durthangnix type=SYSCALL msg=audit(1205476368.460:1339): arch=c000003e syscall=59 success=no exit=-13 a0=7ff2034c2aca a1=7fff1bd22350 a2=7ff20aa927d0 a3=3b8896c9f0 items=0 ppid=27144 pid=28100 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=4 comm="yum" exe="/usr/bin/python" subj=user_u:system_r:bootloader_t:s0 key=(null) Summary: SELinux is preventing yum (bootloader_t) "transition" to /bin/bash (rpm_script_t). Detailed Description: SELinux denied access requested by yum. It is not expected that this access is required by yum and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Additional Information: Source Context user_u:system_r:bootloader_t:s0 Target Context user_u:system_r:rpm_script_t:s0 Target Objects /bin/bash [ process ] Source rpm Source Path /bin/rpm Port <Unknown> Host durthangnix Source RPM Packages python-2.5.1-23.fc9 Target RPM Packages bash-3.2-21.fc9 Policy RPM selinux-policy-3.3.1-14.fc9 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall Host Name durthangnix Platform Linux durthangnix 2.6.25-0.105.rc5.fc9 #1 SMP Mon Mar 10 20:59:23 EDT 2008 x86_64 x86_64 Alert Count 48 First Seen Thu 13 Mar 2008 10:00:05 AM PDT Last Seen Thu 13 Mar 2008 11:32:48 PM PDT Local ID 75a34bf7-d467-444b-bfb4-9a931b3af238 Line Numbers Raw Audit Messages host=durthangnix type=AVC msg=audit(1205476368.64:1338): avc: denied { transition } for pid=28099 comm="yum" path="/bin/bash" dev=sda3 ino=835647 scontext=user_u:system_r:bootloader_t:s0 tcontext=user_u:system_r:rpm_script_t:s0 tclass=process host=durthangnix type=SYSCALL msg=audit(1205476368.64:1338): arch=c000003e syscall=59 success=no exit=-13 a0=7ff20063e90d a1=7fff1bd22350 a2=7ff20aa927d0 a3=3b8896c9f0 items=0 ppid=27144 pid=28099 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=4 comm="yum" exe="/usr/bin/python" subj=user_u:system_r:bootloader_t:s0 key=(null) -- -- Andrew Farris <lordmorgul@xxxxxxxxx> www.lordmorgul.net gpg 0xC99B1DF3 fingerprint CDEC 6FAD BA27 40DF 707E A2E0 F0F6 E622 C99B 1DF3 No one now has, and no one will ever again get, the big picture. - Daniel Geer ---- ---- -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
