Am I the only that one that sees the following :
I think I am going crazy with these repeating avc's :(
Summary:
SELinux prevented kde4-config from writing .kde.
Detailed Description:
SELinux prevented kde4-config from writing .kde. If .kde is a core file, you may
want to allow this. If .kde is not a core file, this could signal a intrusion
attempt.
Allowing Access:
Changing the "allow_daemons_dump_core" boolean to true will allow this access:
"setsebool -P allow_daemons_dump_core=1."
Fix Command:
setsebool -P allow_daemons_dump_core=1
Additional Information:
Source Context system_u:system_r:xdm_t:s0-s0:c0.c1023
Target Context system_u:object_r:root_t:s0
Target Objects .kde [ dir ]
Source kde4-config
Source Path /usr/bin/kde4-config
Port <Unknown>
Host riohigh
Source RPM Packages kdelibs-4.2.0-10.fc11
Target RPM Packages
Policy RPM selinux-policy-3.6.5-3.fc11
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Enforcing
Plugin Name allow_daemons_dump_core
Host Name riohigh
Platform Linux riohigh 2.6.29-0.119.rc5.fc11.i586 #1 SMP
Sat Feb 14 18:38:24 EST 2009 i686 athlon
Alert Count 3
First Seen Thu 12 Feb 2009 08:38:18 AM CST
Last Seen Mon 16 Feb 2009 06:56:52 AM CST
Local ID 8e781235-d7ca-4c98-b8c9-ed9dac40a2ff
Line Numbers
Raw Audit Messages
node=riohigh type=AVC msg=audit(1234789012.965:7): avc: denied { create } for pid=2245 comm="kde4-config" name=".kde" scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:root_t:s0 tclass=dir
node=riohigh type=SYSCALL msg=audit(1234789012.965:7): arch=40000003 syscall=39 success=no exit=-13 a0=82fc358 a1=1c0 a2=2f0438c a3=1 items=0 ppid=2244 pid=2245 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kde4-config" exe="/usr/bin/kde4-config" subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null)
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
