Re: /tmp/lost+found on F9

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 28 May 2008 15:00:21 -0400
Daniel J Walsh <dwalsh@xxxxxxxxxx> wrote:

> Paul Howarth wrote:
> > Being an old-fashioned sort of guy, I always create a separate
> > partition (well, logical volume these days) for /tmp and various
> > other top-level directories. Hence I have a
> > directory /tmp/lost+found and every day I get an email from cron
> > like this:
> > 
> >   Subject: Cron <root@goalkeeper> run-parts /etc/cron.daily
> >   Date: Tue, 27 May 2008 04:17:12 +0100
> > 
> >   /etc/cron.daily/tmpwatch:
> > 
> >   error: failed to lstat /tmp/lost+found: Permission denied
> > 
> > The following policy fixes this:
> > 
> >   policy_module(localmisc, 0.0.1)
> > 
> >   require {
> > 	type tmpreaper_t;
> >   }
> > 
> >   # Allow tmpwatch to stat /tmp/lost+found
> >   files_getattr_lost_found_dirs(tmpreaper_t)
> > 
> > Paul.
> That is funny because the policy has
> 
> files_dontaudit_getattr_lost_found_dirs(tmpreaper_t)
> 
> So in order to get rid of the error, we need to allow it, which seems
> reasonable.

Yes, the dontaudit made it that much harder to figure out what was
going on but "semodule -BD" came to the rescue there.

Paul.

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux