-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 10/01/2010 11:07 AM, Dominick Grift wrote: > On Fri, Oct 01, 2010 at 07:30:38AM -0700, Dan Thurman wrote: >> >> Below happened 224 times. >> >> How can I fix this? > > I do not think samba_share_t is a type usable for filesystems. What are you trying to do and did that type end up on a filesystem object? > >> >> =========================================================================== >> Summary: >> >> SELinux is preventing /usr/sbin/smbd "quotaget" access . >> >> Detailed Description: >> >> SELinux denied access requested by smbd. It is not expected that this >> access is >> required by smbd and this access may signal an intrusion attempt. It is also >> possible that the specific version or configuration of the application is >> causing it to require additional access. >> >> Allowing Access: >> >> You can generate a local policy module to allow this access - see FAQ >> (http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385) Please file a bug >> report. >> >> Additional Information: >> >> Source Context system_u:system_r:smbd_t:s0 >> Target Context system_u:object_r:samba_share_t:s0 >> Target Objects None [ filesystem ] >> Source smbd >> Source Path /usr/sbin/smbd >> Port <Unknown> >> Host (removed) >> Source RPM Packages samba-3.5.5-68.fc13 >> Target RPM Packages >> Policy RPM selinux-policy-3.7.19-57.fc13 >> Selinux Enabled True >> Policy Type targeted >> Enforcing Mode Enforcing >> Plugin Name catchall >> Host Name (removed) >> Platform Linux host.domain.com >> 2.6.34.6-54.fc13.i686 #1 SMP >> Sun Sep 5 17:52:31 UTC 2010 i686 i686 >> Alert Count 224 >> First Seen Thu 30 Sep 2010 11:32:04 AM PDT >> Last Seen Thu 30 Sep 2010 09:18:41 PM PDT >> Local ID 01035ab1-2396-4e92-9b1e-09645d976534 >> Line Numbers >> >> Raw Audit Messages >> >> node=host.domain.com type=AVC msg=audit(1285906721.444:102672): avc: >> denied { quotaget } for pid=17451 comm="smbd" >> scontext=system_u:system_r:smbd_t:s0 >> tcontext=system_u:object_r:samba_share_t:s0 tclass=filesystem >> >> node=host.domain.com type=SYSCALL msg=audit(1285906721.444:102672): >> arch=40000003 syscall=131 success=no exit=-13 a0=80000701 a1=1282200 >> a2=1f5 a3=bfdb5d7c items=0 ppid=2144 pid=17451 auid=4294967295 uid=0 >> gid=0 euid=501 suid=501 fsuid=501 egid=501 sgid=501 fsgid=501 tty=(none) >> ses=4294967295 comm="smbd" exe="/usr/sbin/smbd" >> subj=system_u:system_r:smbd_t:s0 key=(null) >> >> >> -- >> selinux mailing list >> selinux@xxxxxxxxxxxxxxxxxxxxxxx >> https://admin.fedoraproject.org/mailman/listinfo/selinux >> >> >> -- >> selinux mailing list >> selinux@xxxxxxxxxxxxxxxxxxxxxxx >> https://admin.fedoraproject.org/mailman/listinfo/selinux I think he used a mount -o, context=...samba_share_t -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkyl+9AACgkQrlYvE4MpobM3hACfUoU/yMdpb9zHonJaBq4QCdr0 05QAoL0XzlUCI482LIWpAXJJnziMe1hC =acNi -----END PGP SIGNATURE----- -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
