Re: F12: SeLinux denials on older Fedora version mounted filesystems

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, 2010-03-05 at 10:29 -0800, Daniel B. Thurman wrote:
> I reported this before, but got no response - perhaps because
> I bundled several issues into one posting?  If so, here is a separate
> posting.
> 
> It appears that SeLinux examines all mounted filesystem but
> in this case, SeLinux sees other Fedora versions and starts to
> complain when it is not related to the current running OS that
> is running.  As you can see below, and running F12, it complains
> about F11 (and in several places in the mounted F11 filesystem).
> 
> Many other complaints are similar for mounted Fedora versions
> BELOW the current running OS (F12), such as F11, 10, 9, 8, ...
> 
> How does one get around this issue?

updatedb creates a database for locate to use.  It isn't
SELinux-related.  SELinux is just reporting a denial when updatedb tries
to access those files because they have a security context that isn't
legal/defined under the active policy.  To avoid, you can:
1) not mount those filesystems when they aren't being used, or
2) configure /etc/updatedb.conf to exclude them from being scanned by
updatedb.

man updatedb and updatedb.conf

-- 
Stephen Smalley
National Security Agency

--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux