dbfdg <!--w1suD5cF-->
3
nmŠak  ã               @   sD   d dl Z e jdddZej Zd dlT d dlmZ G dd„ deƒZdS )	é    Nzsetroubleshoot-pluginsT)Zfallback)Ú*)ÚPluginc               @   sL   e Zd ZedƒZedƒZdZdZedƒZedƒZ	edƒZ
dd„ Zd	d
„ ZdS )ÚpluginzF
    SELinux is preventing $SOURCE_PATH the "$ACCESS" capability.
    zì
	dac_override and dac_read_search capabilities usually indicates that the root process does not have access to a file based on the permission flags.  This usually mean you have some file with the wrong ownership/permissions on it.
    Ú zuIf you want to help identify if domain needs this access or you have a file with the wrong permissions on your systemzdturn on full auditing to get path information about the offending file and generate the error again.zÜ
Turn on full auditing
# auditctl -w /etc/shadow -p w
Try to recreate AVC. Then execute
# ausearch -m avc -ts recent
If you see PATH record check ownership/permissions on file, and fix it,
otherwise report as a bugzilla.c             C   s   t j| tƒ d| _d S )NZgreen)r   Ú__init__Ú__name__Úlevel)Úself© r
   ú1/usr/share/setroubleshoot/plugins/dac_override.pyr   0   s    zplugin.__init__c             C   s   |j ddgƒr| jƒ S d S )NZdac_overrideZdac_read_search)Zhas_any_access_inZreport)r	   Zavcr
   r
   r   Úanalyze4   s    zplugin.analyzeN)r   Ú
__module__Ú__qualname__Ú_ZsummaryZproblem_descriptionZfix_descriptionZfix_cmdZif_textZ	then_textZdo_textr   r   r
   r
   r
   r   r      s   r   )ÚgettextZtranslationr   Zsetroubleshoot.utilZsetroubleshoot.Pluginr   r   r
   r
   r
   r   Ú<module>   s
   