I keep receiving this message from SELinux in a bug report. I am running Fedora 13 and I am learning as I go. What might be causing this?
Summary:
SELinux is preventing /usr/sbin/semodule access to a leaked /tmp/tmpGTbWYh file
descriptor.
Detailed Description:
[semodule has a permissive type (semanage_t). This access was not denied.]
SELinux denied access requested by the semodule command. It looks like this is
either a leaked descriptor or semodule output was redirected to a file it is not
allowed to access. Leaks usually can be ignored since SELinux is just closing
the leak and reporting the error. The application does not use the descriptor,
so it will run properly. If this is a redirection, you will not get output in
the /tmp/tmpGTbWYh. You should generate a bugzilla on selinux-policy, and it
will get routed to the appropriate package. You can safely ignore this avc.
Allowing Access:
You can generate a local policy module to allow this access - see FAQ
(http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385)
Additional Information:
Source Context system_u:system_r:semanage_t:s0-s0:c0.c1023
Target Context system_u:object_r:initrc_tmp_t:s0
Target Objects /tmp/tmpGTbWYh [ file ]
Source semodule
Source Path /usr/sbin/semodule
Port <Unknown>
Source RPM Packages policycoreutils-2.0.83-28.fc13
Target RPM Packages
Policy RPM selinux-policy-3.7.19-62.fc13
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Plugin Name leaks
Best Answer
This probably happened after an update of the system, and as temporary file are usually not needed after a reboot, I'd try to delete the file.
With this command you see if the file is used by any process and will give you one or more numbers (Process ID, PID).
No numbers it means the process is not used and you can delete safely the file
Do the above with a user that have the rights to do it (your user? root?), you can check this with an ls
If the file is used by any process you can do a ps and filter by each PID you found with the execution of the fuser
You must substitute $PID with numbers found above (with fuser).
At this point you should decide if you can, identify the aplication is using the file and close it if you can, or kill the process (kill $PID), or delete the file anyway (it maybe be risky).
If you have troubles to decide let us know.