Hi. I'm seeing lots of these alerts in rawhide. Is this "normal" or is it a gnome or selinux issue or is my system problematic? Valent. -- http://kernelreloaded.blog385.com/ linux, blog, anime, spirituality, windsurf, wireless registered as user #367004 with the Linux Counter, http://counter.li.org. ICQ: 2125241, Skype: valent.turkovic
Summary: SELinux is preventing the gconfd-2 from using potentially mislabeled files (./saved_state.tmp). Detailed Description: [SELinux is in permissive mode, the operation would have been denied but was permitted due to permissive mode.] SELinux has denied gconfd-2 access to potentially mislabeled file(s) (./saved_state.tmp). This means that SELinux will not allow gconfd-2 to use these files. It is common for users to edit files in their home directory or tmp directories and then move (mv) them to system directories. The problem is that the files end up with the wrong file context which confined applications are not allowed to access. Allowing Access: If you want gconfd-2 to access this files, you need to relabel them using restorecon -v './saved_state.tmp'. You might want to relabel the entire directory using restorecon -R -v '.'. Additional Information: Source Context user_u:user_r:user_t:s0 Target Context user_u:object_r:admin_home_t:s0 Target Objects ./saved_state.tmp [ file ] Source gconfd-2 Source Path /usr/libexec/gconfd-2 Port <Unknown> Host valent.lan Source RPM Packages GConf2-2.22.0-1.fc9 Target RPM Packages Policy RPM selinux-policy-3.3.1-19.fc9 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Permissive Plugin Name home_tmp_bad_labels Host Name valent.lan Platform Linux valent.lan 2.6.25-0.121.rc5.git4.fc9 #1 SMP Fri Mar 14 23:14:20 EDT 2008 i686 i686 Alert Count 1 First Seen Fri 21 Mar 2008 12:31:12 PM CET Last Seen Fri 21 Mar 2008 12:31:12 PM CET Local ID 41418630-4541-4f2c-baa6-4cc6eec16d87 Line Numbers Raw Audit Messages host=valent.lan type=AVC msg=audit(1206099072.482:443): avc: denied { rename } for pid=13738 comm="gconfd-2" name="saved_state.tmp" dev=sda9 ino=865370 scontext=user_u:user_r:user_t:s0 tcontext=user_u:object_r:admin_home_t:s0 tclass=file host=valent.lan type=SYSCALL msg=audit(1206099072.482:443): arch=40000003 syscall=38 success=yes exit=0 a0=9f59b20 a1=9f57118 a2=0 a3=5 items=0 ppid=1 pid=13738 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4 comm="gconfd-2" exe="/usr/libexec/gconfd-2" subj=user_u:user_r:user_t:s0 key=(null)
-- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list