permission denied errors upgrading kernel
Matthew Miller
mattdm at mattdm.org
Fri Dec 8 14:47:49 UTC 2006
So, I'm trying to back myself out of having the non-working 2.6.19 kernel
packages installed in rawhide. What's up with these errors?
$ ls kernel-*.rpm
kernel-2.6.18-1.2849.fc6.x86_64.rpm
kernel-devel-2.6.18-1.2849.fc6.x86_64.rpm
kernel-headers-2.6.18-1.2849.fc6.x86_64.rpm
$ sudo rpm -ivh kernel-*
Preparing... ########################################### [100%]
1:kernel-headers ########################################### [33%]
2:kernel ########################################### [67%]
cp: cannot set setfscreatecon `system_u:object_r:sbin_t:s0': Permission denied
cp: cannot set setfscreatecon `system_u:object_r:insmod_exec_t:s0': Permission denied
cp: cannot set setfscreatecon `system_u:object_r:lvm_exec_t:s0': Permission denied
3:kernel-devel ########################################### [100%]
This is accompanied by a bunch of this in the log:
audit(1165588655.467:18): avc: denied { setfscreate } for pid=3096
comm="cp" scontext=user_u:system_r:bootloader_t:s0
tcontext=user_u:system_r:bootloader_t:s0 tclass=process
audit(1165588655.563:19): avc: denied { execute_no_trans } for pid=3097
comm="mkinitrd" name="ld-2.5.90.so" dev=dm-0 ino=950275
scontext=user_u:system_r:bootloader_t:s0
tcontext=system_u:object_r:ld_so_t:s0 tclass=file
audit(1165588655.563:20): avc: denied { execute_no_trans } for pid=3098
comm="mkinitrd" name="ld-2.5.90.so" dev=dm-0 ino=950275
scontext=user_u:system_r:bootloader_t:s0
tcontext=system_u:object_r:ld_so_t:s0 tclass=file
audit(1165588655.599:21): avc: denied { execute_no_trans } for pid=3099
comm="mkinitrd" name="ld-2.5.90.so" dev=dm-0 ino=950275
scontext=user_u:system_r:bootloader_t:s0
tcontext=system_u:object_r:ld_so_t:s0 tclass=file
audit(1165588655.615:22): avc: denied { execute_no_trans } for pid=3100
comm="mkinitrd" name="ld-2.5.90.so" dev=dm-0 ino=950275
scontext=user_u:system_r:bootloader_t:s0
tcontext=system_u:object_r:ld_so_t:s0 tclass=file
audit(1165588655.639:23): avc: denied { execute_no_trans } for pid=3101
comm="mkinitrd" name="ld-2.5.90.so" dev=dm-0 ino=3112970
scontext=user_u:system_r:bootloader_t:s0
tcontext=system_u:object_r:ld_so_t:s0 tclass=file
audit(1165588655.663:24): avc: denied { execute_no_trans } for pid=3102
comm="mkinitrd" name="ld-2.5.90.so" dev=dm-0 ino=3112970
scontext=user_u:system_r:bootloader_t:s0
tcontext=system_u:object_r:ld_so_t:s0 tclass=file
audit(1165588655.691:25): avc: denied { setfscreate } for pid=3108
comm="cp" scontext=user_u:system_r:bootloader_t:s0
tcontext=user_u:system_r:bootloader_t:s0 tclass=process
audit(1165588655.695:26): avc: denied { execute_no_trans } for pid=3109
comm="mkinitrd" name="ld-2.5.90.so" dev=dm-0 ino=950275
scontext=user_u:system_r:bootloader_t:s0
tcontext=system_u:object_r:ld_so_t:s0 tclass=file
audit(1165588655.699:27): avc: denied { execute_no_trans } for pid=3110
comm="mkinitrd" name="ld-2.5.90.so" dev=dm-0 ino=950275
scontext=user_u:system_r:bootloader_t:s0
tcontext=system_u:object_r:ld_so_t:s0 tclass=file
audit(1165588655.699:28): avc: denied { execute_no_trans } for pid=3111
comm="mkinitrd" name="ld-2.5.90.so" dev=dm-0 ino=950275
scontext=user_u:system_r:bootloader_t:s0
tcontext=system_u:object_r:ld_so_t:s0 tclass=file
audit(1165588655.699:29): avc: denied { execute_no_trans } for pid=3112
comm="mkinitrd" name="ld-2.5.90.so" dev=dm-0 ino=950275
scontext=user_u:system_r:bootloader_t:s0
tcontext=system_u:object_r:ld_so_t:s0 tclass=file
audit(1165588655.699:30): avc: denied { execute_no_trans } for pid=3113
comm="mkinitrd" name="ld-2.5.90.so" dev=dm-0 ino=3112970
scontext=user_u:system_r:bootloader_t:s0
tcontext=system_u:object_r:ld_so_t:s0 tclass=file
audit(1165588655.703:31): avc: denied { execute_no_trans } for pid=3114
comm="mkinitrd" name="ld-2.5.90.so" dev=dm-0 ino=3112970
scontext=user_u:system_r:bootloader_t:s0
tcontext=system_u:object_r:ld_so_t:s0 tclass=file
audit(1165588656.087:32): avc: denied { setfscreate } for pid=3184
comm="cp" scontext=user_u:system_r:bootloader_t:s0
tcontext=user_u:system_r:bootloader_t:s0 tclass=process
audit(1165588656.091:33): avc: denied { execute_no_trans } for pid=3185
comm="mkinitrd" name="ld-2.5.90.so" dev=dm-0 ino=950275
scontext=user_u:system_r:bootloader_t:s0
tcontext=system_u:object_r:ld_so_t:s0 tclass=file
audit(1165588656.095:34): avc: denied { execute_no_trans } for pid=3186
comm="mkinitrd" name="ld-2.5.90.so" dev=dm-0 ino=950275
scontext=user_u:system_r:bootloader_t:s0
tcontext=system_u:object_r:ld_so_t:s0 tclass=file
audit(1165588656.095:35): avc: denied { execute_no_trans } for pid=3187
comm="mkinitrd" name="ld-2.5.90.so" dev=dm-0 ino=950275
scontext=user_u:system_r:bootloader_t:s0
tcontext=system_u:object_r:ld_so_t:s0 tclass=file
audit(1165588656.095:36): avc: denied { execute_no_trans } for pid=3188
comm="mkinitrd" name="ld-2.5.90.so" dev=dm-0 ino=950275
scontext=user_u:system_r:bootloader_t:s0
tcontext=system_u:object_r:ld_so_t:s0 tclass=file
audit(1165588656.099:37): avc: denied { execute_no_trans } for pid=3189
comm="mkinitrd" name="ld-2.5.90.so" dev=dm-0 ino=3112970
scontext=user_u:system_r:bootloader_t:s0
tcontext=system_u:object_r:ld_so_t:s0 tclass=file
audit(1165588656.099:38): avc: denied { execute_no_trans } for pid=3190
comm="mkinitrd" name="ld-2.5.90.so" dev=dm-0 ino=3112970
scontext=user_u:system_r:bootloader_t:s0
tcontext=system_u:object_r:ld_so_t:s0 tclass=file
Thank you, SE Linux!
I haven't rebooted yet, but presumably it isn't gonna be happy.
How do I fix this? How do I make this not ever happen? How can I tell that
it was going to happen BEFORE it happens?
--
Matthew Miller mattdm at mattdm.org <http://mattdm.org/>
Boston University Linux ------> <http://linux.bu.edu/>
More information about the fedora-selinux-list
mailing list