On Fri, 2009-07-10 at 16:28 -0500, Robert Nichols wrote: > When trying to set a new default for Power Management Preferences: > > Detailed Description: > > SELinux denied access requested by gconf-defaults-. It is not expected > that this > access is required by gconf-defaults- and this access may signal an > intrusion > attempt. It is also possible that the specific version or configuration > of the > application is causing it to require additional access. > > Allowing Access: > > You can generate a local policy module to allow this access - see FAQ > (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can > disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. > Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) > against this package. > > Additional Information: > > Source Context > system_u:system_r:gconfdefaultsm_t:s0-s0:c0.c1023 > Target Context system_u:object_r:security_t:s0 > Target Objects mls [ file ] > Source gconf-defaults- > Source Path /usr/libexec/gconf-defaults-mechanism > Port <Unknown> > Host omega-3p.local > Source RPM Packages GConf2-2.26.2-1.fc11 > Target RPM Packages > Policy RPM selinux-policy-3.6.12-53.fc11 > Selinux Enabled True > Policy Type targeted > MLS Enabled True > Enforcing Mode Enforcing > Plugin Name catchall > Host Name omega-3p.local > Platform Linux omega-3p.local > 2.6.29.5-191.fc11.i586 #1 SMP > Tue Jun 16 23:11:39 EDT 2009 i686 i686 > Alert Count 2 > First Seen Fri 10 Jul 2009 04:20:11 PM CDT > Last Seen Fri 10 Jul 2009 04:20:11 PM CDT > Local ID de1d32d5-dded-47ec-9eb5-9dc8167a8685 > Line Numbers > > Raw Audit Messages > > node=omega-3p.local type=AVC msg=audit(1247260811.959:37): avc: denied > { read } for pid=3541 comm="gconf-defaults-" name="mls" dev=selinuxfs > ino=12 scontext=system_u:system_r:gconfdefaultsm_t:s0-s0:c0.c1023 > tcontext=system_u:object_r:security_t:s0 tclass=file > > node=omega-3p.local type=AVC msg=audit(1247260811.959:37): avc: denied > { open } for pid=3541 comm="gconf-defaults-" name="mls" dev=selinuxfs > ino=12 scontext=system_u:system_r:gconfdefaultsm_t:s0-s0:c0.c1023 > tcontext=system_u:object_r:security_t:s0 tclass=file > > node=omega-3p.local type=SYSCALL msg=http://kojipkgs.fedoraproject.org/packages/selinux-policy/3.6.12/65.fc11/noarch/selinux-policy-3.6.12-65.fc11.noarch.rpmaudit(1247260811.959:37): > arch=40000003 syscall=5 success=yes exit=3 a0=bfd414e8 a1=8000 a2=0 > a3=bfd414e8 items=0 ppid=3540 pid=3541 auid=4294967295 uid=0 gid=0 > euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 > comm="gconf-defaults-" exe="/usr/libexec/gconf-defaults-mechanism" > subj=system_u:system_r:gconfdefaultsm_t:s0-s0:c0.c1023 key=(null) > This issue should be resolved in latest policy: rpm -Uvh http://kojipkgs.fedoraproject.org/packages/selinux-policy/3.6.12/65.fc11/noarch/selinux-policy-3.6.12-65.fc11.noarch.rpm http://kojipkgs.fedoraproject.org/packages/selinux-policy/3.6.12/65.fc11/noarch/selinux-policy-targeted-3.6.12-65.fc11.noarch.rpm
Attachment:
signature.asc
Description: This is a digitally signed message part
-- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
