selinux is now denying its own manager

Gene Heskett gene.heskett at verizon.net
Mon Aug 4 21:36:48 UTC 2008


On Monday 04 August 2008, Daniel J Walsh wrote:
>Gene Heskett wrote:
>> Greetings;
>>
>> I just did a yumex update which included the python and semanage updates,
>> and selinux positively threw a fit.
>>
>> setroubleshooter says I now have 47 brand new copies of this:
>>
>> host=coyote.coyote.den type=AVC msg=audit(1217637926.43:906): avc: denied
>> { sys_tty_config } for pid=2768 comm="semanage" capability=26
>> scontext=system_u:system_r:semanage_t:s0
>> tcontext=system_u:system_r:semanage_t:s0 tclass=capability
>>
>> host=coyote.coyote.den type=SYSCALL msg=audit(1217637926.43:906):
>> arch=40000003 syscall=54 success=yes exit=0 a0=1 a1=5401 a2=bfd9796c
>> a3=bfd97a8c items=0 ppid=2762 pid=2768 auid=0 uid=0 gid=0 euid=0 suid=0
>> fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=1 comm="semanage"
>> exe="/usr/bin/python" subj=system_u:system_r:semanage_t:s0 key=(null)
>>
>> Fixable?
>>
>> Thanks.
>
>These should be fixed in latest Rawhide and Fedora 9 policy.

I'm running F8 Daniel.  This s/b backported to F8, that is where the problem 
came from.  I haven't changed my repos in ages.

Thanks.

-- 
Cheers, Gene
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
BUFFERS=20 FILES=15 2nd down, 4th quarter, 5 yards to go!




More information about the fedora-list mailing list