Hi,
Summary:
SELinux prevented umount from mounting on the file or directory "mtab" (type "etc_t").
Raw Audit Messages
node=localhost.localdomain type=AVC msg=audit(1244693043.30:19491): avc: denied { unlink } for pid=10969 comm="umount" name="mtab" dev=dm-1 ino=87534 scontext=system_u:system_r:mount_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:etc_t:s0 tclass=file
node=localhost.localdomain type=SYSCALL msg=audit(1244693043.30:19491): arch=40000003 syscall=38 success=yes exit=0 a0=a1043b a1=a1040a a2=a12b88 a3=4 items=0 ppid=1886 pid=10969 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="umount" exe="/bin/umount" subj=system_u:system_r:mount_t:s0-s0:c0.c1023 key=(null)
---
Rahul
On 06/17/2009 02:12 PM, Rahul Sundaram wrote:
Hi,
Summary:
SELinux prevented umount from mounting on the file or directory "mtab" (type "etc_t").
Raw Audit Messages
node=localhost.localdomain type=AVC msg=audit(1244693043.30:19491): avc: denied { unlink } for pid=10969 comm="umount" name="mtab" dev=dm-1 ino=87534 scontext=system_u:system_r:mount_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:etc_t:s0 tclass=file
node=localhost.localdomain type=SYSCALL msg=audit(1244693043.30:19491): arch=40000003 syscall=38 success=yes exit=0 a0=a1043b a1=a1040a a2=a12b88 a3=4 items=0 ppid=1886 pid=10969 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="umount" exe="/bin/umount" subj=system_u:system_r:mount_t:s0-s0:c0.c1023 key=(null)
Rahul
-- fedora-selinux-list mailing list fedora-selinux-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-selinux-list
restorecon /etc/mtab
Should Fix.
Did some other app create this file?
On 06/19/2009 05:54 AM, Rahul Sundaram wrote:
On 06/19/2009 01:02 AM, Daniel J Walsh wrote:
restorecon /etc/mtab
Should Fix.
Did some other app create this file?
How do I find that out?
Rahul
-- fedora-selinux-list mailing list fedora-selinux-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-selinux-list
I would figure it is a tool that you ran as root that modified the mount table. If the tool was run by initrc_t it would have transitioned properly. You could use restorecond to maintain the proper context so this does not happen again.
selinux@lists.fedoraproject.org