-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Antonio Olivares wrote: > Unknown, > > what is happening with console-kit-daemon? > > Summary: > > SELinux is preventing > console-kit-dae(/usr/sbin/console-kit-daemon) > (consolekit_t) "execute" to <Unknown> > (polkit_auth_exec_t). > > Detailed Description: > > SELinux denied access requested by > console-kit-dae(/usr/sbin/console-kit-daemon). It is > not expected that this > access is required by > console-kit-dae(/usr/sbin/console-kit-daemon) and this > access may signal an intrusion attempt. It is also > possible that the specific > version or configuration of the application is causing > it to require additional > access. > > Allowing Access: > > Sometimes labeling problems can cause SELinux denials. > You could try to restore > the default system file context for <Unknown>, > > restorecon -v <Unknown> > > If this does not work, there is currently no automatic > way to allow this access. > Instead, you can generate a local policy module to > allow this access - see FAQ > (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) > Or you can disable > SELinux protection altogether. Disabling SELinux > protection is not recommended. > Please file a bug report > (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) > against this package. > > Additional Information: > > Source Context > system_u:system_r:consolekit_t > Target Context > system_u:object_r:polkit_auth_exec_t > Target Objects None [ file ] > Source > console-kit-dae(/usr/sbin/console-kit-daemon) > Port <Unknown> > Host localhost.localdomain > Source RPM Packages > Target RPM Packages > Policy RPM > selinux-policy-3.2.5-20.fc9 > Selinux Enabled True > Policy Type targeted > MLS Enabled True > Enforcing Mode Enforcing > Plugin Name catchall_file > Host Name localhost.localdomain > Platform Linux > localhost.localdomain 2.6.24-9.fc9 #1 SMP > Tue Jan 29 18:08:15 EST > 2008 i686 i686 > Alert Count 1 > First Seen Wed 30 Jan 2008 06:58:11 > PM CST > Last Seen Wed 30 Jan 2008 06:58:11 > PM CST > Local ID > f1411c87-1b39-4d5a-bec3-67e1feb8ec07 > Line Numbers > > Raw Audit Messages > > host=localhost.localdomain type=AVC > msg=audit(1201741091.457:30): avc: denied { execute > } for pid=2897 comm="console-kit-dae" > name="polkit-read-auth-helper" dev=dm-0 ino=116712 > scontext=system_u:system_r:consolekit_t:s0 > tcontext=system_u:object_r:polkit_auth_exec_t:s0 > tclass=file > > host=localhost.localdomain type=SYSCALL > msg=audit(1201741091.457:30): arch=40000003 syscall=11 > success=no exit=-13 a0=77097c a1=bff98da0 a2=bff9962c > a3=0 items=0 ppid=2264 pid=2897 auid=4294967295 uid=0 > gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 > tty=(none) comm="console-kit-dae" > exe="/usr/sbin/console-kit-daemon" > subj=system_u:system_r:consolekit_t:s0 key=(null) > > > > > > ____________________________________________________________________________________ > Be a better friend, newshound, and > know-it-all with Yahoo! Mobile. Try it now. http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ > > -- > fedora-selinux-list mailing list > fedora-selinux-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/fedora-selinux-list Should be fixed by todays policy. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkeiIJMACgkQrlYvE4MpobOJvQCfS0EE1PcEH7ccU4kAyOLk3/uS YK4An3GtK1EqLDXZOtrIOncYoY0xEeW7 =ZWl6 -----END PGP SIGNATURE----- -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
