-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Andrew Farris wrote: > These happen on two machines during updates, I'm also noticing many > %post scriptlets failing when these pop up, though I don't know if > they are related or not. > > Summary: > > SELinux is preventing yum (bootloader_t) "transition" to /sbin/ldconfig > (rpm_script_t). > > Detailed Description: > > SELinux denied access requested by yum. It is not expected that this access is > required by yum and this access may signal an intrusion attempt. It is also > possible that the specific version or configuration of the application is > causing it to require additional access. > > Allowing Access: > > You can generate a local policy module to allow this access - see FAQ > (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable > SELinux protection altogether. Disabling SELinux protection is not recommended. > Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) > against this package. > > Additional Information: > > Source Context user_u:system_r:bootloader_t:s0 > Target Context user_u:system_r:rpm_script_t:s0 > Target Objects /sbin/ldconfig [ process ] > Source yum > Source Path /usr/bin/python > Port <Unknown> > Host durthangnix > Source RPM Packages python-2.5.1-23.fc9 > Target RPM Packages glibc-2.7.90-9 > Policy RPM selinux-policy-3.3.1-14.fc9 > Selinux Enabled True > Policy Type targeted > MLS Enabled True > Enforcing Mode Enforcing > Plugin Name catchall > Host Name durthangnix > Platform Linux durthangnix 2.6.25-0.105.rc5.fc9 #1 SMP Mon > Mar 10 20:59:23 EDT 2008 x86_64 x86_64 > Alert Count 35 > First Seen Thu 13 Mar 2008 11:19:15 PM PDT > Last Seen Thu 13 Mar 2008 11:32:48 PM PDT > Local ID 36d70abc-d12d-42f2-96bf-ab7250e29da1 > Line Numbers > > Raw Audit Messages > > host=durthangnix type=AVC msg=audit(1205476368.460:1339): avc: denied > { transition } for pid=28100 comm="yum" path="/sbin/ldconfig" > dev=sda3 ino=858775 scontext=user_u:system_r:bootloader_t:s0 > tcontext=user_u:system_r:rpm_script_t:s0 tclass=process > > host=durthangnix type=SYSCALL msg=audit(1205476368.460:1339): > arch=c000003e syscall=59 success=no exit=-13 a0=7ff2034c2aca > a1=7fff1bd22350 a2=7ff20aa927d0 a3=3b8896c9f0 items=0 ppid=27144 > pid=28100 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 > fsgid=0 tty=pts1 ses=4 comm="yum" exe="/usr/bin/python" > subj=user_u:system_r:bootloader_t:s0 key=(null) > > > > Summary: > > SELinux is preventing yum (bootloader_t) "transition" to /bin/bash > (rpm_script_t). > > Detailed Description: > > SELinux denied access requested by yum. It is not expected that this access is > required by yum and this access may signal an intrusion attempt. It is also > possible that the specific version or configuration of the application is > causing it to require additional access. > > Allowing Access: > > You can generate a local policy module to allow this access - see FAQ > (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable > SELinux protection altogether. Disabling SELinux protection is not recommended. > Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) > against this package. > > Additional Information: > > Source Context user_u:system_r:bootloader_t:s0 > Target Context user_u:system_r:rpm_script_t:s0 > Target Objects /bin/bash [ process ] > Source rpm > Source Path /bin/rpm > Port <Unknown> > Host durthangnix > Source RPM Packages python-2.5.1-23.fc9 > Target RPM Packages bash-3.2-21.fc9 > Policy RPM selinux-policy-3.3.1-14.fc9 > Selinux Enabled True > Policy Type targeted > MLS Enabled True > Enforcing Mode Enforcing > Plugin Name catchall > Host Name durthangnix > Platform Linux durthangnix 2.6.25-0.105.rc5.fc9 #1 SMP Mon > Mar 10 20:59:23 EDT 2008 x86_64 x86_64 > Alert Count 48 > First Seen Thu 13 Mar 2008 10:00:05 AM PDT > Last Seen Thu 13 Mar 2008 11:32:48 PM PDT > Local ID 75a34bf7-d467-444b-bfb4-9a931b3af238 > Line Numbers > > Raw Audit Messages > > host=durthangnix type=AVC msg=audit(1205476368.64:1338): avc: denied > { transition } for pid=28099 comm="yum" path="/bin/bash" dev=sda3 > ino=835647 scontext=user_u:system_r:bootloader_t:s0 > tcontext=user_u:system_r:rpm_script_t:s0 tclass=process > > host=durthangnix type=SYSCALL msg=audit(1205476368.64:1338): > arch=c000003e syscall=59 success=no exit=-13 a0=7ff20063e90d > a1=7fff1bd22350 a2=7ff20aa927d0 a3=3b8896c9f0 items=0 ppid=27144 > pid=28099 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 > fsgid=0 tty=pts1 ses=4 comm="yum" exe="/usr/bin/python" > subj=user_u:system_r:bootloader_t:s0 key=(null) > > > THis looks like you are logged in as bootloader_t? Something is very wrong with your system. What does id -Z Show? You might need to relabel. Are you using a different login program? -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkfegVMACgkQrlYvE4MpobMQ+ACeKCK06xKkMvhWR+QV640XbWtL +FMAoJrZ27X844vVZyPsk0s/w0ElCkHO =Nmcm -----END PGP SIGNATURE----- -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
