On Tue, Jun 15, 2010 at 09:38:47AM +0100, Frank Murphy wrote:
> from logwatch
>
> --------------------- Kernel Begin ------------------------
>
>
> WARNING: Kernel Errors Present
> type=1400 audit(1276553951.414:525): avc: denied { read append }
> for pid=2526 comm="polkit-agent-he" path="/home/user/.xsession-errors"
> dev=dm-7 ino=2 ...: 1 Time(s)
>
> ---------------------- Kernel End -------------------------
alright well since i do not have sufficient information here is what i suspect may be required:
mkdir ~/mypolkit; cd ~/mypolkit;
echo "policy_module(mypolkit, 1.0.0)" > mypolkit.te;
echo "require { type policykit_auth_t; }" >> mypolkit.te;
echo "xserver_append_xdm_home_files(policykit_auth_t)" >> mypolkit.te;
make -f /usr/share/selinux/devel/Makefile mypolkit.pp
sudo semodule -i mypolkit.pp
But again: I am not sure if this is what is actually needed. I need to see the full AVC denial instead of only part of an AVC denial to be able to properly determine what is required.
>
>
> selinux-policy-3.7.19-28.fc13.noarch (from koji)
> kernel-PAE-2.6.33.5-128.fc13.i686 (from Koji)
>
> --
> Regards,
>
> Frank Murphy
> UTF_8 Encoded
> Friend of Fedora
> --
> selinux mailing list
> selinux@xxxxxxxxxxxxxxxxxxxxxxx
> https://admin.fedoraproject.org/mailman/listinfo/selinux
Attachment:
pgp2v4xmIr55f.pgp
Description: PGP signature
-- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
