-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Antonio Olivares wrote: > After applying rawhide updates and starting up to new kernel 2.6.24-0.38.rc2.git6.fc9, setroubleshoot kicked in and gave the following alert: > > Summary > SELinux is preventing X (xdm_xserver_t) "search" to <Unknown> (hwdata_t). > > Detailed Description > SELinux denied access requested by X. It is not expected that this access is > required by X and this access may signal an intrusion attempt. It is also > possible that the specific version or configuration of the application is > causing it to require additional access. > > Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for <Unknown>, restorecon -v > <Unknown> If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > > Additional Information > > Source Context system_u:system_r:xdm_xserver_t > Target Context system_u:object_r:hwdata_t > Target Objects None [ dir ] > Affected RPM Packages > Policy RPM selinux-policy-3.0.8-44.fc8 > Selinux Enabled True > Policy Type targeted > MLS Enabled True > Enforcing Mode Enforcing > Plugin Name plugins.catchall_file > Host Name localhost > Platform Linux localhost 2.6.24-0.38.rc2.git6.fc9 #1 SMP > Fri Nov 16 17:20:39 EST 2007 i686 athlon > Alert Count 1 > First Seen Mon 19 Nov 2007 07:25:42 AM CST > Last Seen Mon 19 Nov 2007 07:25:42 AM CST > Local ID a1fc1316-a17e-43d6-8163-a6899b0cc65c > Line Numbers > > Raw Audit Messages > > avc: denied { search } for comm=X dev=dm-0 name=hwdata pid=2802 > scontext=system_u:system_r:xdm_xserver_t:s0 tclass=dir > tcontext=system_u:object_r:hwdata_t:s0 > > > > Regards, > > Antonio > > > > > ____________________________________________________________________________________ > Never miss a thing. Make Yahoo your home page. > http://www.yahoo.com/r/hs > > -- > fedora-selinux-list mailing list > fedora-selinux-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/fedora-selinux-list Fixed in selinux-policy-3.1.2-1.fc9 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFHQe3NrlYvE4MpobMRAkbOAJkB4EnsgZYQ2yLZKhtM/2can5z9owCgin7+ 5tI+hCnfD5t9He9ZBHvFcxo= =PXaa -----END PGP SIGNATURE----- -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
