Posttinstall scriptlets failing ?
Daniel J Walsh
dwalsh at redhat.com
Thu Feb 22 18:56:03 UTC 2007
Davide Bolcioni wrote:
> Greeetings,
> I just tried the following:
>
> yum install kernel-devel.x86_64
>
> and got
>
> Installing: kernel-devel ######################### [1/1]
> error: %post(kernel-devel-2.6.19-1.2911.fc6.x86_64) scriptlet failed, exit
> status 255
>
> the failure seems to be related to the following in the audit log:
>
> type=AVC msg=audit(1172166288.763:92): avc: denied { transition } for
> pid=7023 comm="yum" name="bash" dev=dm-1 ino=409636
> scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023
> tcontext=system_u:system_r:rpm_script_t:s0-s0:c0.c1023 tclass=process
> type=SYSCALL msg=audit(1172166288.763:92): arch=c000003e syscall=59 success=no
> exit=-13 a0=3b5afef a1=7fff58604730 a2=4112960 a3=5f74c70 items=0 ppid=6779
> pid=7023 auid=503 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
> tty=pts0 comm="yum" exe="/usr/bin/python"
> subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null)
> type=AVC_PATH msg=audit(1172166288.763:92): path="/bin/bash"
>
> which I understand being a failure to exec() bash, correct ?
>
> Apparently, yum is running as system_u:system_r:xdm_t, which I find somewhat
> surprising, but still.
>
> Thank you for your consideration,
> Davide Bolcioni
>
There is a problem in the latest version of pam_selinux that is causing
this problem.
You can either revert to the previous version of pam or wait for the
next update.
More information about the fedora-selinux-list
mailing list