Summary: SELinux prevented dbus-daemon from using the terminal /dev/tty1. Detailed Description: SELinux prevented dbus-daemon from using the terminal /dev/tty1. In most cases daemons do not need to interact with the terminal, usually these avc messages can be ignored. All of the confined daemons should have dontaudit rules around using the terminal. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this selinux-policy. If you would like to allow all daemons to interact with the terminal, you can turn on the allow_daemons_use_tty boolean. Allowing Access: Changing the "allow_daemons_use_tty" boolean to true will allow this access: "setsebool -P allow_daemons_use_tty=1." Fix Command: setsebool -P allow_daemons_use_tty=1 Additional Information: Source Context unconfined_u:unconfined_r:unconfined_dbusd_t :SystemLow-SystemHigh Target Context unconfined_u:object_r:unconfined_tty_device_t Target Objects /dev/tty1 [ chr_file ] Source dbus-daemon Source Path /bin/dbus-daemon Port <Unknown> Host localhost Source RPM Packages dbus-1.1.4-6.fc9 Target RPM Packages Policy RPM selinux-policy-3.3.1-4.fc9 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name allow_daemons_use_tty Host Name localhost Platform Linux localhost 2.6.25-0.69.rc3.git1.fc9 #1 SMP Tue Feb 26 16:12:54 EST 2008 i686 athlon Alert Count 6 First Seen Fri 01 Feb 2008 05:06:20 PM CST Last Seen Wed 27 Feb 2008 01:01:38 PM CST Local ID c0a79310-b4d4-41fc-a712-a4db505290d5 Line Numbers Raw Audit Messages host=localhost type=AVC msg=audit(1204138898.740:24): avc: denied { read write } for pid=2845 comm="dbus-daemon" path="/dev/tty1" dev=tmpfs ino=1858 scontext=unconfined_u:unconfined_r:unconfined_dbusd_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:unconfined_tty_device_t:s0 tclass=chr_file host=localhost type=SYSCALL msg=audit(1204138898.740:24): arch=40000003 syscall=11 success=yes exit=0 a0=804c907 a1=bfd1f04c a2=bfd20474 a3=7 items=0 ppid=2844 pid=2845 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="dbus-daemon" exe="/bin/dbus-daemon" subj=unconfined_u:unconfined_r:unconfined_dbusd_t:s0-s0:c0.c1023 key=(null) ____________________________________________________________________________________ Never miss a thing. Make Yahoo your home page. http://www.yahoo.com/r/hs -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list