SELinux is preventing khidpd_0d620558 from write access on the socket Unknown.
***** Plugin catchall (100. confidence) suggests ***************************
If you believe that khidpd_0d620558 should be allowed write access on the Unknown socket by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep khidpd_0d620558 /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp
Additional Information:
Source Context system_u:system_r:kernel_t:s0
Target Context system_u:object_r:unlabeled_t:s0
Target Objects Unknown [ socket ]
Source khidpd_0d620558
Source Path khidpd_0d620558
Port <Unknown>
Host JesusChrist.localdomain
Source RPM Packages
Target RPM Packages
Policy RPM selinux-policy-3.9.16-16.fc15
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name JesusChrist.localdomain
Platform Linux JesusChrist.localdomain
2.6.38.3-18.fc15.x86_64 #1 SMP Fri Apr 22 13:24:23
UTC 2011 x86_64 x86_64
Alert Count 7
First Seen Sat 23 Apr 2011 01:10:35 PM MDT
Last Seen Sat 23 Apr 2011 01:10:35 PM MDT
Local ID 22003605-0f14-43ab-bb6b-a528ac18c632
Raw Audit Messages
type=AVC msg=audit(1303585835.426:3428): avc: denied { write } for pid=3477 comm="khidpd_0d620558" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=socket
Hash: khidpd_0d620558,kernel_t,unlabeled_t,socket,write
audit2allow
#============= kernel_t ==============
allow kernel_t unlabeled_t:socket write;
audit2allow -R
#============= kernel_t ==============
allow kernel_t unlabeled_t:socket write;
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
