On 02/19/2011 06:18 PM, Trevor Hemsley wrote:
> Hi
>
> I'm running Centos 5.5 with all the most recent patches applied and am
> seeing a strange problem with a file in my home directory called
> .recently-used.xbel. It keeps getting the wrong selinux context assigned
> to it though I have no idea what is changing it or when.
>
> [trevor@trevor4 ]$ ls -aZl ~/.recently-used.xbel
> -rw-rw-r-- 1 user_u:object_r:user_home_dir_t trevor trevor 148481 Feb 18 20:22 /home/trevor/.recently-used.xbel
> [trevor@trevor4 ]$ chcon --reference=/home/trevor/.recently-used ~/.recently-used.xbel
> [trevor@trevor4 ]$ ls -aZl ~/.recently-used.xbel
> -rw-rw-r-- 1 user_u:object_r:user_home_t trevor trevor 148481 Feb 18 20:22 /home/trevor/.recently-used.xbel
>
> It's a file not a directory yet it is being labelled as home_dir_t not
> home_t and this causes avc messages. I change it back using the chcon
> command above and it stays that way for a while and a few
> days/hour/weeks later, it comes back as home_dir_t again. I'm not sure
> what it is that triggers the re-mislabelling but I do know that I
> 'fixed' this via chcon about a week ago and now it's back again and it's
> not the first time that this has happened. Looking at these two avcs it
> would appear that I 'fixed' it shortly after the 13th and it came back
> sometime today or yesterday at a guess.
>
> 63. 13/02/11 02:12:53 smbd user_u:system_r:smbd_t:s0 4 file getattr user_u:object_r:user_home_dir_t:s0 denied 47358
> 64. 19/02/11 17:39:10 smbd user_u:system_r:smbd_t:s0 4 file getattr user_u:object_r:user_home_dir_t:s0 denied 54205
>
> [root@trevor4 ~]# ausearch -i -a 54205
> ----
> type=SYSCALL msg=audit(19/02/11 17:39:10.711:54205) : arch=x86_64 syscall=stat success=yes exit=0 a0=7fffe6a808d0 a1=7fffe6a80000 a2=7fffe6a80000 a3=7fffe6a804d0 items=0 ppid=2533 pid=15831 auid=trevor uid=trevor gid=root euid=trevor suid=root fsuid=trevor egid=trevor sgid=root fsgid=trevor tty=(none) ses=2 comm=smbd exe=/usr/sbin/smbd subj=user_u:system_r:smbd_t:s0 key=(null)
> type=AVC msg=audit(19/02/11 17:39:10.711:54205) : avc: denied { getattr } for pid=15831 comm=smbd path=/home/trevor/.recently-used.xbel dev=dm-5 ino=10453859 scontext=user_u:system_r:smbd_t:s0 tcontext=user_u:object_r:user_home_dir_t:s0 tclass=file
>
> I haven't run a relabel of my system recently and even if I had it
> hasn't been since the machine was last rebooted..
>
> [root@trevor4 ~]# uptime
> 18:10:11 up 52 days, 7:58, 15 users, load average: 0.43, 0.43, 0.25
> [root@trevor4 ~]#
>
> [trevor@trevor4 ~]$ rpm -q selinux-policy
> selinux-policy-2.4.6-279.el5_5.2
>
> Anyone got any ideas what could be causing this? I can't see anything in
> semanage fcontext that could be doing it...
>
> [root@trevor4 ~]# semanage fcontext -l | grep home
> /usr/sbin/genhomedircon regular file system_u:object_r:semanage_exec_t:s0
> /usr/lib/oddjob/mkhomedir regular file system_u:object_r:oddjob_mkhomedir_exec_t:s0
>
> Yours
> Baffled of Brighton :)
>
>
> --
> selinux mailing list
> selinux@xxxxxxxxxxxxxxxxxxxxxxx
> https://admin.fedoraproject.org/mailman/listinfo/selinux

Trevor, could you add your output of

# id -Z
# ps -eZ | grep initrc

Also you can fix it using restorecond service by adding

# echo "~/.recently-used.xbel" >> /etc/selinux/restorecond.conf
# service restorecond restart

Which will fix the label.

--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
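
Added example, not part of the original thread: a small parser for `ausearch -i` AVC records that flags denials where a directory-style type sits on a non-directory object and reports the first and last time each path was seen, which is how the two AVCs above were used to date the re-mislabelling. The sample records are constructed from the thread's format, the function names are hypothetical, and treating a type name ending in `_dir_t` as "meant for directories" is a naming-convention heuristic, not something the policy enforces.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample in the `ausearch -i` layout quoted in the thread. The 19/02
# record mirrors the quoted one; the other three are made up for illustration.
SAMPLE = """\
type=AVC msg=audit(13/02/11 02:12:53.100:47358) : avc: denied { getattr } for pid=1111 comm=smbd path=/home/trevor/.recently-used.xbel dev=dm-5 ino=10453859 scontext=user_u:system_r:smbd_t:s0 tcontext=user_u:object_r:user_home_dir_t:s0 tclass=file
type=AVC msg=audit(15/02/11 09:00:00.000:50001) : avc: denied { getattr } for pid=1111 comm=smbd path=/home/trevor dev=dm-5 ino=10452000 scontext=user_u:system_r:smbd_t:s0 tcontext=user_u:object_r:user_home_dir_t:s0 tclass=dir
type=AVC msg=audit(16/02/11 10:30:00.000:51002) : avc: denied { read } for pid=1111 comm=smbd path=/home/trevor/notes.txt dev=dm-5 ino=10453900 scontext=user_u:system_r:smbd_t:s0 tcontext=user_u:object_r:user_home_t:s0 tclass=file
type=AVC msg=audit(19/02/11 17:39:10.711:54205) : avc: denied { getattr } for pid=15831 comm=smbd path=/home/trevor/.recently-used.xbel dev=dm-5 ino=10453859 scontext=user_u:system_r:smbd_t:s0 tcontext=user_u:object_r:user_home_dir_t:s0 tclass=file
"""

AVC_RE = re.compile(
    r"type=AVC msg=audit\((?P<ts>[\d/]+ [\d:]+)\.\d+:(?P<serial>\d+)\).*?"
    r"denied\s+\{(?P<perms>[^}]*)\}.*?\bpath=(?P<path>\S+).*?"
    r"tcontext=(?P<tcontext>\S+)\s+tclass=(?P<tclass>\S+)"
)

def parse_avc(line):
    """Return the fields of one interpreted AVC denial, or None for other records."""
    m = AVC_RE.search(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["when"] = datetime.strptime(rec["ts"], "%d/%m/%y %H:%M:%S")  # dd/mm/yy as in the thread
    rec["ttype"] = rec["tcontext"].split(":")[2]  # user:role:type[:level]
    return rec

def class_type_mismatches(text):
    """Group denials where a *_dir_t type labels an object whose class is not dir."""
    hits = defaultdict(list)
    for line in text.splitlines():
        rec = parse_avc(line)
        # Heuristic (assumption): *_dir_t types are intended for directories only.
        if rec and rec["ttype"].endswith("_dir_t") and rec["tclass"] != "dir":
            hits[rec["path"]].append(rec)
    return {
        path: {"type": recs[0]["ttype"], "count": len(recs),
               "first": min(r["when"] for r in recs),
               "last": max(r["when"] for r in recs)}
        for path, recs in hits.items()
    }

if __name__ == "__main__":
    for path, info in class_type_mismatches(SAMPLE).items():
        print(path, info["type"], info["count"], info["first"], info["last"])
```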