-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Antonio Olivares wrote: > Dear all, > > I have encountered the following setroubleshoot warning: > > > Summary: > > SELinux is preventing readahead (readahead_t) "read" to inotify (inotifyfs_t). > > Detailed Description: > > SELinux denied access requested by readahead. It is not expected that this > access is required by readahead and this access may signal an intrusion attempt. > It is also possible that the specific version or configuration of the > application is causing it to require additional access. > > Allowing Access: > > Sometimes labeling problems can cause SELinux denials. You could try to restore > the default system file context for inotify, > > restorecon -v 'inotify' > > If this does not work, there is currently no automatic way to allow this access. > Instead, you can generate a local policy module to allow this access - see FAQ > (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable > SELinux protection altogether. Disabling SELinux protection is not recommended. > Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) > against this package. > > Additional Information: > > Source Context system_u:system_r:readahead_t:SystemLow-SystemHigh > Target Context system_u:object_r:inotifyfs_t > Target Objects inotify [ dir ] > Source readahead > Source Path /usr/sbin/readahead > Port <Unknown> > Host localhost.localdomain > Source RPM Packages readahead-1.4.4-1.fc10 > Target RPM Packages > Policy RPM selinux-policy-3.5.1-4.fc10 > Selinux Enabled True > Policy Type targeted > MLS Enabled True > Enforcing Mode Enforcing > Plugin Name catchall_file > Host Name localhost.localdomain > Platform Linux localhost.localdomain > 2.6.27-0.244.rc2.git1.fc10.i686 #1 SMP Fri Aug 8 > 13:26:20 EDT 2008 i686 i686 > Alert Count 2 > First Seen Thu 21 Aug 2008 04:04:26 AM CDT > Last Seen Thu 21 Aug 2008 04:04:28 AM CDT > Local ID c67dc8d2-0096-4510-9075-cbea7074ffa2 > Line Numbers > > Raw Audit Messages > > host=localhost.localdomain type=AVC msg=audit(1219309468.106:155): avc: denied { read } for pid=7574 comm="readahead" path="inotify" dev=inotifyfs ino=1 scontext=system_u:system_r:readahead_t:s0-s0:c0.c1023 tcontext=system_u:object_r:inotifyfs_t:s0 tclass=dir > > host=localhost.localdomain type=SYSCALL msg=audit(1219309468.106:155): arch=40000003 syscall=11 success=yes exit=0 a0=9f292d0 a1=9f29368 a2=9f295c0 a3=0 items=0 ppid=7564 pid=7574 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=24 comm="readahead" exe="/usr/sbin/readahead" subj=system_u:system_r:readahead_t:s0-s0:c0.c1023 key=(null) > > > > > I do not know if readahead should be denied or not? What do you recommend that I do? > > Regards, > > Antonio > > > > > -- > fedora-selinux-list mailing list > fedora-selinux-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/fedora-selinux-list Fixed in selinux-policy-3.5.6-1.fc10 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAki+qxgACgkQrlYvE4MpobPFVQCfRkAZKXtrEoL62+Q1tbQZAj1R roYAmwRtzNJpWuGJaz0Wdf+juqPKqiwn =jjmC -----END PGP SIGNATURE----- -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
