SELinux prevented umount from mounting on the file or directory "/media/.hal-mtab-lock" (type "mnt_t").
Antonio Olivares
olivares14031 at yahoo.com
Fri May 23 01:54:23 UTC 2008
Dear all,
I have gotten a new avc., after applying the updates, the other ones disappeared :) Hope that was just it.
Regards,
Antonio
Summary:
SELinux prevented umount from mounting on the file or directory
"/media/.hal-mtab-lock" (type "mnt_t").
Detailed Description:
SELinux prevented umount from mounting a filesystem on the file or directory
"/media/.hal-mtab-lock" of type "mnt_t". By default SELinux limits the mounting
of filesystems to only some files or directories (those with types that have the
mountpoint attribute). The type "mnt_t" does not have this attribute. You can
either relabel the file or directory or set the boolean "allow_mount_anyfile" to
true to allow mounting on any file or directory.
Allowing Access:
Changing the "allow_mount_anyfile" boolean to true will allow this access:
"setsebool -P allow_mount_anyfile=1."
Fix Command:
setsebool -P allow_mount_anyfile=1
Additional Information:
Source Context system_u:system_r:mount_t:s0
Target Context system_u:object_r:mnt_t:s0
Target Objects /media/.hal-mtab-lock [ file ]
Source umount
Source Path /bin/umount
Port <Unknown>
Host localhost.localdomain
Source RPM Packages util-linux-ng-2.13.1-6.fc9
Target RPM Packages
Policy RPM selinux-policy-3.3.1-51.fc9
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Enforcing
Plugin Name allow_mount_anyfile
Host Name localhost.localdomain
Platform Linux localhost.localdomain 2.6.25.3-18.fc9.x86_64
#1 SMP Tue May 13 04:54:47 EDT 2008 x86_64 x86_64
Alert Count 1
First Seen Thu 22 May 2008 03:52:14 PM CDT
Last Seen Thu 22 May 2008 03:52:14 PM CDT
Local ID b4ecd96d-7c1b-4016-84f4-b9edb6aa30c9
Line Numbers
Raw Audit Messages
host=localhost.localdomain type=AVC msg=audit(1211489534.822:146): avc: denied { read write } for pid=16678 comm="umount" path="/media/.hal-mtab-lock" dev=dm-0 ino=1785858 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:mnt_t:s0 tclass=file
host=localhost.localdomain type=SYSCALL msg=audit(1211489534.822:146): arch=c000003e syscall=59 success=yes exit=0 a0=403665 a1=7fff62ce68d0 a2=7fff62ce6f58 a3=0 items=0 ppid=16677 pid=16678 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="umount" exe="/bin/umount" subj=system_u:system_r:mount_t:s0 key=(null)
More information about the fedora-selinux-list
mailing list