-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Frank Murphy wrote:
> Do I run "cp -P /usr/libexec/gconfd-2"
> -----------------------------------------------------
> Summary:
>
> SELinux is preventing gconfd-2 from creating a file with a context of
> unlabeled_t on a filesystem.
>
> Detailed Description:
>
> SELinux is preventing gconfd-2 from creating a file with a context of
> unlabeled_t on a filesystem. Usually this happens when you ask the cp command to
> maintain the context of a file when copying between file systems, "cp -a" for
> example. Not all file contexts should be maintained between the file systems.
> For example, a read-only file type like iso9660_t should not be placed on a r/w
> system. "cp -P" might be a better solution, as this will adopt the default file
> context for the destination.
>
> Allowing Access:
>
> Use a command like "cp -P" to preserve all permissions except SELinux context.
>
> Additional Information:
>
> Source Context unconfined_u:object_r:unlabeled_t:s0
> Target Context system_u:object_r:fs_t:s0
> Target Objects .testing.writeability [ filesystem ]
> Source gconfd-2
> Source Path /usr/libexec/gconfd-2
> Port <Unknown>
> Host frank-03
> Source RPM Packages GConf2-2.22.0-1.fc9
> Target RPM Packages
> Policy RPM selinux-policy-3.3.1-72.fc9
> Selinux Enabled True
> Policy Type targeted
> MLS Enabled True
> Enforcing Mode Enforcing
> Plugin Name filesystem_associate
> Host Name frank-03
> Platform Linux frank-03 2.6.25.6-55.fc9.i686 #1 SMP Tue Jun
> 10 16:27:49 EDT 2008 i686 i686
> Alert Count 1
> First Seen Wed 02 Jul 2008 12:06:53 IST
> Last Seen Wed 02 Jul 2008 12:06:53 IST
> Local ID 9af5a524-6e39-40da-a8f0-146b28ebee10
> Line Numbers
>
> Raw Audit Messages
>
> host=frank-03 type=AVC msg=audit(1214996813.541:52): avc: denied {
> associate } for pid=9827 comm="gconfd-2" name=".testing.writeability"
> scontext=unconfined_u:object_r:unlabeled_t:s0
> tcontext=system_u:object_r:fs_t:s0 tclass=filesystem
>
> host=frank-03 type=SYSCALL msg=audit(1214996813.541:52): arch=40000003
> syscall=5 success=no exit=-13 a0=8652d18 a1=41 a2=1c0 a3=8652d18
> items=0 ppid=1 pid=9827 auid=500 uid=500 gid=500 euid=500 suid=500
> fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="gconfd-2"
> exe="/usr/libexec/gconfd-2"
> subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 key=(null)
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list@xxxxxxxxxx
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
restorecon -R -v ~/
Should fix this problem.
Also have you udpated to the latest selinux-policy package?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iEYEARECAAYFAkhtIWYACgkQrlYvE4MpobPLOACdGdkv/sS07+C1pHZP5Da77GyR
Gd0AnAw75m+PFQvgIztoKC+idJ283KB8
=tLgb
-----END PGP SIGNATURE-----
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
