On 01/13/2010 02:42 PM, Arthur Dent wrote:
> Hello All,
>
> I have a NTFS partition mounted by fstab at boot time on my F11 system.
> Recently I have been getting screeds and screeds of AVCs each time
> updatedb runs (daily) - See below for an example.
>
> A bit of googling revealed Bug 549602
> https://bugzilla.redhat.com/show_bug.cgi?id=549602 which seems similar.
>
> Although fixed, it relates to F12. Unless I have missed something (quite
> probable) I can't see a similar fix for F11.
>
> My questions are therefore:
> 1) Is there a similar fix for F11?
>
Not yet.
> 2) Will that solve my problem?
> 3) If not, what should I do?
>
>
You can add these rules for now using

# grep avc /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp

> I am running:
> selinux-policy-targeted-3.6.12-92.fc11.noarch
> selinux-policy-3.6.12-92.fc11.noarch
>
> Thanks in advance
>
> Mark
>
> ======================8<=================================================
>
>
> Summary:
>
> SELinux is preventing updatedb (locate_t) "read" fusefs_t.
>
> Detailed Description:
>
> SELinux denied access requested by updatedb. It is not expected that this access
> is required by updatedb and this access may signal an intrusion attempt. It is
> also possible that the specific version or configuration of the application is
> causing it to require additional access.
>
> Allowing Access:
>
> You can generate a local policy module to allow this access - see FAQ
> (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
> SELinux protection altogether. Disabling SELinux protection is not recommended.
> Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
> against this package.
>
> Additional Information:
>
> Source Context                system_u:system_r:locate_t:s0-s0:c0.c1023
> Target Context                system_u:object_r:fusefs_t:s0
> Target Objects                /mnt/ntfs/Users/Mark/Cookies [ lnk_file ]
> Source                        updatedb
> Source Path                   /usr/bin/updatedb
> Port                          <Unknown>
> Host                          localhost.localdomain
> Source RPM Packages           mlocate-0.22-1
> Target RPM Packages
> Policy RPM                    selinux-policy-3.6.12-92.fc11
> Selinux Enabled               True
> Policy Type                   targeted
> MLS Enabled                   True
> Enforcing Mode                Enforcing
> Plugin Name                   catchall
> Host Name                     localhost.localdomain
> Platform                      Linux localhost.localdomain
>                               2.6.30.10-105.fc11.i686.PAE #1 SMP Thu Dec 24
>                               16:41:17 UTC 2009 i686 i686
> Alert Count                   3
> First Seen                    Mon 11 Jan 2010 09:22:03 GMT
> Last Seen                     Wed 13 Jan 2010 08:27:02 GMT
> Local ID                      f5c7a401-052c-4149-b79c-d5bef7725b9d
> Line Numbers
>
> Raw Audit Messages
>
> node=localhost.localdomain type=AVC msg=audit(1263371222.110:58): avc: denied { read } for pid=4574 comm="updatedb" name="Cookies" dev=sda3 ino=86736 scontext=system_u:system_r:locate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:fusefs_t:s0 tclass=lnk_file
>
> node=localhost.localdomain type=SYSCALL msg=audit(1263371222.110:58): arch=40000003 syscall=12 success=no exit=-13 a0=8e1e6f9 a1=bfcd3510 a2=bfcd36f4 a3=bfcd3510 items=0 ppid=4568 pid=4574 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=3 comm="updatedb" exe="/usr/bin/updatedb" subj=system_u:system_r:locate_t:s0-s0:c0.c1023 key=(null)
>
>
> --
> selinux mailing list
> selinux@xxxxxxxxxxxxxxxxxxxxxxx
> https://admin.fedoraproject.org/mailman/listinfo/selinux
>

--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
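An added example, not part of the original thread and not audit2allow's own code: `grep avc` passes every denial in audit.log to the policy module, so this Python sketch parses AVC records in the format quoted above and lists the allow rules they imply, with or without a filter on the denied command, for review before `semodule -i`. The first sample record is the one from the report; the other three are constructed, and the function names are hypothetical.

```python
import re
from collections import defaultdict

AVC_RE = re.compile(r'avc:\s+denied\s+\{(?P<perms>[^}]*)\}\s+for\s+(?P<rest>.*)')
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

# First record is the AVC quoted in the thread; the other three are constructed.
SAMPLE_LOG = [
    'node=localhost.localdomain type=AVC msg=audit(1263371222.110:58): avc: denied { read } for pid=4574 comm="updatedb" name="Cookies" dev=sda3 ino=86736 scontext=system_u:system_r:locate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:fusefs_t:s0 tclass=lnk_file',
    'type=AVC msg=audit(1263371222.120:59): avc: denied { getattr } for pid=4574 comm="updatedb" path="/mnt/ntfs/Users/Mark/Recent" dev=sda3 ino=86737 scontext=system_u:system_r:locate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:fusefs_t:s0 tclass=lnk_file',
    'type=AVC msg=audit(1263371300.001:60): avc: denied { read } for pid=5001 comm="httpd" name="notes.txt" dev=sda2 ino=1234 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file',
    'type=SYSCALL msg=audit(1263371222.110:58): arch=40000003 syscall=12 success=no exit=-13 comm="updatedb" exe="/usr/bin/updatedb"',
]

def parse_avc(line):
    """Return the fields of one AVC denial, or None for any other record."""
    m = AVC_RE.search(line)
    if not m or not m.group('perms').split():
        return None
    kv = {k: v.strip('"') for k, v in KV_RE.findall(m.group('rest'))}
    try:
        return {
            'perms': m.group('perms').split(),
            'comm': kv.get('comm', ''),
            # A context is user:role:type:level; policy rules name the type.
            'source': kv['scontext'].split(':')[2],
            'target': kv['tcontext'].split(':')[2],
            'tclass': kv['tclass'],
        }
    except (KeyError, IndexError):
        return None  # truncated or malformed record

def allow_rules(lines, comm=None):
    """Merge denials into allow rules, optionally only those raised by `comm`."""
    merged = defaultdict(set)
    for rec in filter(None, map(parse_avc, lines)):
        if comm is None or rec['comm'] == comm:
            merged[(rec['source'], rec['target'], rec['tclass'])].update(rec['perms'])
    rules = []
    for (src, tgt, cls), perms in sorted(merged.items()):
        p = sorted(perms)
        perm_str = p[0] if len(p) == 1 else '{ ' + ' '.join(p) + ' }'
        rules.append(f'allow {src} {tgt}:{cls} {perm_str};')
    return rules

if __name__ == '__main__':
    print('Every denial in the log:', *allow_rules(SAMPLE_LOG), sep='\n  ')
    print('Only updatedb:', *allow_rules(SAMPLE_LOG, comm='updatedb'), sep='\n  ')
```

On the sample input the unfiltered run also yields a rule for the constructed httpd denial, which the updatedb-only run leaves out.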