-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Andrew Farris wrote:
These happen on two machines during updates, I'm also noticing many %post scriptlets failing when these pop up, though I don't know if they are related or not.
Summary:
SELinux is preventing yum (bootloader_t) "transition" to /sbin/ldconfig (rpm_script_t).
Detailed Description:
SELinux denied access requested by yum. It is not expected that this access is required by yum and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access.
Allowing Access:
You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package.
Additional Information:
Source Context user_u:system_r:bootloader_t:s0 Target Context user_u:system_r:rpm_script_t:s0 Target Objects /sbin/ldconfig [ process ] Source yum Source Path /usr/bin/python Port <Unknown> Host durthangnix Source RPM Packages python-2.5.1-23.fc9 Target RPM Packages glibc-2.7.90-9 Policy RPM selinux-policy-3.3.1-14.fc9 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall Host Name durthangnix Platform Linux durthangnix 2.6.25-0.105.rc5.fc9 #1 SMP Mon Mar 10 20:59:23 EDT 2008 x86_64 x86_64 Alert Count 35 First Seen Thu 13 Mar 2008 11:19:15 PM PDT Last Seen Thu 13 Mar 2008 11:32:48 PM PDT Local ID 36d70abc-d12d-42f2-96bf-ab7250e29da1 Line Numbers
Raw Audit Messages
host=durthangnix type=AVC msg=audit(1205476368.460:1339): avc: denied { transition } for pid=28100 comm="yum" path="/sbin/ldconfig" dev=sda3 ino=858775 scontext=user_u:system_r:bootloader_t:s0 tcontext=user_u:system_r:rpm_script_t:s0 tclass=process
host=durthangnix type=SYSCALL msg=audit(1205476368.460:1339): arch=c000003e syscall=59 success=no exit=-13 a0=7ff2034c2aca a1=7fff1bd22350 a2=7ff20aa927d0 a3=3b8896c9f0 items=0 ppid=27144 pid=28100 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=4 comm="yum" exe="/usr/bin/python" subj=user_u:system_r:bootloader_t:s0 key=(null)
Summary:
SELinux is preventing yum (bootloader_t) "transition" to /bin/bash (rpm_script_t).
Detailed Description:
SELinux denied access requested by yum. It is not expected that this access is required by yum and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access.
Allowing Access:
You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package.
Additional Information:
Source Context user_u:system_r:bootloader_t:s0 Target Context user_u:system_r:rpm_script_t:s0 Target Objects /bin/bash [ process ] Source rpm Source Path /bin/rpm Port <Unknown> Host durthangnix Source RPM Packages python-2.5.1-23.fc9 Target RPM Packages bash-3.2-21.fc9 Policy RPM selinux-policy-3.3.1-14.fc9 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall Host Name durthangnix Platform Linux durthangnix 2.6.25-0.105.rc5.fc9 #1 SMP Mon Mar 10 20:59:23 EDT 2008 x86_64 x86_64 Alert Count 48 First Seen Thu 13 Mar 2008 10:00:05 AM PDT Last Seen Thu 13 Mar 2008 11:32:48 PM PDT Local ID 75a34bf7-d467-444b-bfb4-9a931b3af238 Line Numbers
Raw Audit Messages
host=durthangnix type=AVC msg=audit(1205476368.64:1338): avc: denied { transition } for pid=28099 comm="yum" path="/bin/bash" dev=sda3 ino=835647 scontext=user_u:system_r:bootloader_t:s0 tcontext=user_u:system_r:rpm_script_t:s0 tclass=process
host=durthangnix type=SYSCALL msg=audit(1205476368.64:1338): arch=c000003e syscall=59 success=no exit=-13 a0=7ff20063e90d a1=7fff1bd22350 a2=7ff20aa927d0 a3=3b8896c9f0 items=0 ppid=27144 pid=28099 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=4 comm="yum" exe="/usr/bin/python" subj=user_u:system_r:bootloader_t:s0 key=(null)
THis looks like you are logged in as bootloader_t? Something is very wrong with your system.
What does id -Z
Show?
You might need to relabel. Are you using a different login program?