selinux denying dev-kit, and others

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




Summary:

SELinux is preventing gnome-clock-app (gnomeclock_t) "read" inotifyfs_t.

Detailed Description:

SELinux denied access requested by gnome-clock-app. It is not expected that this
access is required by gnome-clock-app and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of the
application is causing it to require additional access.

Allowing Access:

You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.

Additional Information:

Source Context                system_u:system_r:gnomeclock_t:SystemLow-
                              SystemHigh
Target Context                system_u:object_r:inotifyfs_t:SystemLow
Target Objects                inotify [ dir ]
Source                        gnome-clock-app
Source Path                   /usr/libexec/gnome-clock-applet-mechanism
Port                          <Unknown>
Host                          localhost.localdomain
Source RPM Packages           gnome-panel-2.26.2-3.fc12
Target RPM Packages           
Policy RPM                    selinux-policy-3.6.15-1.fc12
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   catchall
Host Name                     localhost.localdomain
Platform                      Linux localhost.localdomain 2.6.30-6.fc12.i586 #1
                              SMP Fri Jun 12 11:36:06 EDT 2009 i686 i686
Alert Count                   1
First Seen                    Tue 16 Jun 2009 08:36:10 AM CDT
Last Seen                     Tue 16 Jun 2009 08:36:10 AM CDT
Local ID                      b01fae6b-cc0e-42cb-bea3-2c84383966e0
Line Numbers                  

Raw Audit Messages            

node=localhost.localdomain type=AVC msg=audit(1245159370.605:31): avc:  denied  { read } for  pid=2250 comm="gnome-clock-app" path="inotify" dev=inotifyfs ino=1 scontext=system_u:system_r:gnomeclock_t:s0-s0:c0.c1023 tcontext=system_u:object_r:inotifyfs_t:s0 tclass=dir

node=localhost.localdomain type=SYSCALL msg=audit(1245159370.605:31): arch=40000003 syscall=11 success=yes exit=0 a0=9a9fe28 a1=9a9fce8 a2=9a9f008 a3=9aa22a8 items=0 ppid=2249 pid=2250 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="gnome-clock-app" exe="/usr/libexec/gnome-clock-applet-mechanism" subj=system_u:system_r:gnomeclock_t:s0-s0:c0.c1023 key=(null)




Summary:

SELinux is preventing devkit-disks-da (devicekit_disk_t) "getattr" inotifyfs_t.

Detailed Description:

SELinux denied access requested by devkit-disks-da. It is not expected that this
access is required by devkit-disks-da and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of the
application is causing it to require additional access.

Allowing Access:

You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.

Additional Information:

Source Context                system_u:system_r:devicekit_disk_t:SystemLow-
                              SystemHigh
Target Context                system_u:object_r:inotifyfs_t:SystemLow
Target Objects                inotify [ dir ]
Source                        devkit-disks-da
Source Path                   /usr/libexec/devkit-disks-daemon
Port                          <Unknown>
Host                          localhost.localdomain
Source RPM Packages           DeviceKit-disks-004-3.fc12
Target RPM Packages           
Policy RPM                    selinux-policy-3.6.15-1.fc12
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   catchall
Host Name                     localhost.localdomain
Platform                      Linux localhost.localdomain 2.6.30-6.fc12.i586 #1
                              SMP Fri Jun 12 11:36:06 EDT 2009 i686 i686
Alert Count                   1
First Seen                    Tue 16 Jun 2009 08:35:52 AM CDT
Last Seen                     Tue 16 Jun 2009 08:35:52 AM CDT
Local ID                      8b03ae67-6d8b-49ea-821b-c78a2b4e715e
Line Numbers                  

Raw Audit Messages            

node=localhost.localdomain type=AVC msg=audit(1245159352.360:30): avc:  denied  { getattr } for  pid=2214 comm="devkit-disks-da" path="inotify" dev=inotifyfs ino=1 scontext=system_u:system_r:devicekit_disk_t:s0-s0:c0.c1023 tcontext=system_u:object_r:inotifyfs_t:s0 tclass=dir

node=localhost.localdomain type=SYSCALL msg=audit(1245159352.360:30): arch=40000003 syscall=197 success=yes exit=0 a0=7 a1=bfd94d00 a2=5ddff4 a3=95f8510 items=0 ppid=1 pid=2214 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="devkit-disks-da" exe="/usr/libexec/devkit-disks-daemon" subj=system_u:system_r:devicekit_disk_t:s0-s0:c0.c1023 key=(null)




Summary:

SELinux is preventing devkit-disks-da (devicekit_disk_t) "read" inotifyfs_t.

Detailed Description:

SELinux denied access requested by devkit-disks-da. It is not expected that this
access is required by devkit-disks-da and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of the
application is causing it to require additional access.

Allowing Access:

You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.

Additional Information:

Source Context                system_u:system_r:devicekit_disk_t:SystemLow-
                              SystemHigh
Target Context                system_u:object_r:inotifyfs_t:SystemLow
Target Objects                inotify [ dir ]
Source                        devkit-disks-da
Source Path                   /usr/libexec/devkit-disks-daemon
Port                          <Unknown>
Host                          localhost.localdomain
Source RPM Packages           DeviceKit-disks-004-3.fc12
Target RPM Packages           
Policy RPM                    selinux-policy-3.6.15-1.fc12
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   catchall
Host Name                     localhost.localdomain
Platform                      Linux localhost.localdomain 2.6.30-6.fc12.i586 #1
                              SMP Fri Jun 12 11:36:06 EDT 2009 i686 i686
Alert Count                   8
First Seen                    Tue 16 Jun 2009 07:21:24 AM CDT
Last Seen                     Tue 16 Jun 2009 08:35:51 AM CDT
Local ID                      0ecb0348-2ba7-401d-a917-9c0f74a7f61d
Line Numbers                  

Raw Audit Messages            

node=localhost.localdomain type=AVC msg=audit(1245159351.885:29): avc:  denied  { read } for  pid=2214 comm="devkit-disks-da" path="inotify" dev=inotifyfs ino=1 scontext=system_u:system_r:devicekit_disk_t:s0-s0:c0.c1023 tcontext=system_u:object_r:inotifyfs_t:s0 tclass=dir

node=localhost.localdomain type=SYSCALL msg=audit(1245159351.885:29): arch=40000003 syscall=11 success=yes exit=0 a0=87bbe50 a1=87be290 a2=87bb008 a3=87bbd90 items=0 ppid=2213 pid=2214 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="devkit-disks-da" exe="/usr/libexec/devkit-disks-daemon" subj=system_u:system_r:devicekit_disk_t:s0-s0:c0.c1023 key=(null)




Summary:

SELinux is preventing devkit-power-da (devicekit_power_t) "getattr" inotifyfs_t.

Detailed Description:

SELinux denied access requested by devkit-power-da. It is not expected that this
access is required by devkit-power-da and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of the
application is causing it to require additional access.

Allowing Access:

You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.

Additional Information:

Source Context                system_u:system_r:devicekit_power_t:SystemLow-
                              SystemHigh
Target Context                system_u:object_r:inotifyfs_t:SystemLow
Target Objects                inotify [ dir ]
Source                        devkit-power-da
Source Path                   /usr/libexec/devkit-power-daemon
Port                          <Unknown>
Host                          localhost.localdomain
Source RPM Packages           DeviceKit-power-008-1.fc12
Target RPM Packages           
Policy RPM                    selinux-policy-3.6.15-1.fc12
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   catchall
Host Name                     localhost.localdomain
Platform                      Linux localhost.localdomain 2.6.30-6.fc12.i586 #1
                              SMP Fri Jun 12 11:36:06 EDT 2009 i686 i686
Alert Count                   1
First Seen                    Tue 16 Jun 2009 08:35:45 AM CDT
Last Seen                     Tue 16 Jun 2009 08:35:45 AM CDT
Local ID                      48abf8a4-c9fb-4129-abd3-35ed578349eb
Line Numbers                  

Raw Audit Messages            

node=localhost.localdomain type=AVC msg=audit(1245159345.55:27): avc:  denied  { getattr } for  pid=2174 comm="devkit-power-da" path="inotify" dev=inotifyfs ino=1 scontext=system_u:system_r:devicekit_power_t:s0-s0:c0.c1023 tcontext=system_u:object_r:inotifyfs_t:s0 tclass=dir

node=localhost.localdomain type=SYSCALL msg=audit(1245159345.55:27): arch=40000003 syscall=197 success=yes exit=0 a0=5 a1=bfeb5e40 a2=5ddff4 a3=90cc030 items=0 ppid=1 pid=2174 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="devkit-power-da" exe="/usr/libexec/devkit-power-daemon" subj=system_u:system_r:devicekit_power_t:s0-s0:c0.c1023 key=(null)




Summary:

SELinux is preventing devkit-daemon (devicekit_t) "read" inotifyfs_t.

Detailed Description:

SELinux denied access requested by devkit-daemon. It is not expected that this
access is required by devkit-daemon and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of the
application is causing it to require additional access.

Allowing Access:

You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.

Additional Information:

Source Context                system_u:system_r:devicekit_t:SystemLow-SystemHigh
Target Context                system_u:object_r:inotifyfs_t:SystemLow
Target Objects                inotify [ dir ]
Source                        devkit-daemon
Source Path                   /usr/libexec/devkit-daemon
Port                          <Unknown>
Host                          localhost.localdomain
Source RPM Packages           DeviceKit-003-1
Target RPM Packages           
Policy RPM                    selinux-policy-3.6.15-1.fc12
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   catchall
Host Name                     localhost.localdomain
Platform                      Linux localhost.localdomain 2.6.30-6.fc12.i586 #1
                              SMP Fri Jun 12 11:36:06 EDT 2009 i686 i686
Alert Count                   1
First Seen                    Tue 16 Jun 2009 08:35:45 AM CDT
Last Seen                     Tue 16 Jun 2009 08:35:45 AM CDT
Local ID                      a1417ce4-b120-4778-9802-f21888673601
Line Numbers                  

Raw Audit Messages            

node=localhost.localdomain type=AVC msg=audit(1245159345.63:28): avc:  denied  { read } for  pid=2178 comm="devkit-daemon" path="inotify" dev=inotifyfs ino=1 scontext=system_u:system_r:devicekit_t:s0-s0:c0.c1023 tcontext=system_u:object_r:inotifyfs_t:s0 tclass=dir

node=localhost.localdomain type=SYSCALL msg=audit(1245159345.63:28): arch=40000003 syscall=11 success=yes exit=0 a0=8fe4e10 a1=8fe4d98 a2=8fe4008 a3=8fe7358 items=0 ppid=2177 pid=2178 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="devkit-daemon" exe="/usr/libexec/devkit-daemon" subj=system_u:system_r:devicekit_t:s0-s0:c0.c1023 key=(null)



Summary:

SELinux is preventing devkit-power-da (devicekit_power_t) "read" inotifyfs_t.

Detailed Description:

SELinux denied access requested by devkit-power-da. It is not expected that this
access is required by devkit-power-da and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of the
application is causing it to require additional access.

Allowing Access:

You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.

Additional Information:

Source Context                system_u:system_r:devicekit_power_t:SystemLow-
                              SystemHigh
Target Context                system_u:object_r:inotifyfs_t:SystemLow
Target Objects                inotify [ dir ]
Source                        devkit-power-da
Source Path                   /usr/libexec/devkit-power-daemon
Port                          <Unknown>
Host                          localhost.localdomain
Source RPM Packages           DeviceKit-power-008-1.fc12
Target RPM Packages           
Policy RPM                    selinux-policy-3.6.15-1.fc12
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   catchall
Host Name                     localhost.localdomain
Platform                      Linux localhost.localdomain 2.6.30-6.fc12.i586 #1
                              SMP Fri Jun 12 11:36:06 EDT 2009 i686 i686
Alert Count                   9
First Seen                    Tue 16 Jun 2009 07:21:24 AM CDT
Last Seen                     Tue 16 Jun 2009 08:35:44 AM CDT
Local ID                      a3306212-15db-4b4b-a00a-d2c310e28d4f
Line Numbers                  

Raw Audit Messages            

node=localhost.localdomain type=AVC msg=audit(1245159344.629:26): avc:  denied  { read } for  pid=2174 comm="devkit-power-da" path="inotify" dev=inotifyfs ino=1 scontext=system_u:system_r:devicekit_power_t:s0-s0:c0.c1023 tcontext=system_u:object_r:inotifyfs_t:s0 tclass=dir

node=localhost.localdomain type=SYSCALL msg=audit(1245159344.629:26): arch=40000003 syscall=11 success=yes exit=0 a0=9147e50 a1=914a290 a2=9147008 a3=9147d90 items=0 ppid=2173 pid=2174 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="devkit-power-da" exe="/usr/libexec/devkit-power-daemon" subj=system_u:system_r:devicekit_power_t:s0-s0:c0.c1023 key=(null)






      

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux