Dear all, Here are all the selinux errors that I have encountered. I apologize for putting in all at the same time, but I am just overwhelmed at the amount. I guess setroubleshoot daemon got happy and started sending all the avcs encountered. Thank you for advice given in advance. Regards, Antonio Summary: SELinux is preventing gvfsd-trash (staff_t) "dac_override" to <Unknown> (staff_t). Detailed Description: SELinux denied access requested by gvfsd-trash. It is not expected that this access is required by gvfsd-trash and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Additional Information: Source Context root:staff_r:staff_t:SystemLow-SystemHigh Target Context root:staff_r:staff_t:SystemLow-SystemHigh Target Objects None [ capability ] Source pulseaudio Source Path /usr/bin/pulseaudio Port <Unknown> Host localhost.localdomain Source RPM Packages gvfs-0.2.3-1.fc9 Target RPM Packages Policy RPM selinux-policy-3.3.1-29.fc9 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall Host Name localhost.localdomain Platform Linux localhost.localdomain 2.6.25-0.204.rc8.git4.fc9.i686 #1 SMP Mon Apr 7 11:33:46 EDT 2008 i686 i686 Alert Count 39 First Seen Wed 09 Apr 2008 07:03:20 PM CDT Last Seen Wed 09 Apr 2008 07:03:45 PM CDT Local ID d2fbeab2-c5e1-4968-a58a-3897ade13c01 Line Numbers Raw Audit Messages host=localhost.localdomain type=AVC msg=audit(1207785825.117:127): avc: denied { dac_override } for pid=5405 comm="gvfsd-trash" capability=1 scontext=root:staff_r:staff_t:s0-s0:c0.c1023 tcontext=root:staff_r:staff_t:s0-s0:c0.c1023 tclass=capability host=localhost.localdomain type=AVC msg=audit(1207785825.117:127): avc: denied { dac_read_search } for pid=5405 comm="gvfsd-trash" capability=2 scontext=root:staff_r:staff_t:s0-s0:c0.c1023 tcontext=root:staff_r:staff_t:s0-s0:c0.c1023 tclass=capability host=localhost.localdomain type=SYSCALL msg=audit(1207785825.117:127): arch=40000003 syscall=196 success=no exit=-13 a0=86652e8 a1=b741b1e0 a2=d14ff4 a3=0 items=0 ppid=5404 pid=5405 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=5 comm="gvfsd-trash" exe="/usr/libexec/gvfsd-trash" subj=root:staff_r:staff_t:s0-s0:c0.c1023 key=(null) Summary: SELinux is preventing escd (staff_t) "read write" to ./636F6F6C6B6579706B313173452D47617465203020302D30 (auth_cache_t). Detailed Description: SELinux denied access requested by escd. It is not expected that this access is required by escd and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for ./636F6F6C6B6579706B313173452D47617465203020302D30, restorecon -v './636F6F6C6B6579706B313173452D47617465203020302D30' If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Additional Information: Source Context root:staff_r:staff_t:SystemLow-SystemHigh Target Context system_u:object_r:auth_cache_t Target Objects ./636F6F6C6B6579706B313173452D47617465203020302D30 [ file ] Source escd Source Path /usr/lib/esc-1.0.1/escd Port <Unknown> Host localhost.localdomain Source RPM Packages esc-1.0.1-9.fc9 Target RPM Packages Policy RPM selinux-policy-3.3.1-29.fc9 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall_file Host Name localhost.localdomain Platform Linux localhost.localdomain 2.6.25-0.204.rc8.git4.fc9.i686 #1 SMP Mon Apr 7 11:33:46 EDT 2008 i686 i686 Alert Count 1 First Seen Wed 09 Apr 2008 07:03:22 PM CDT Last Seen Wed 09 Apr 2008 07:03:22 PM CDT Local ID 6cd2e4ee-4e7e-4112-adcc-b3705916d481 Line Numbers Raw Audit Messages host=localhost.localdomain type=AVC msg=audit(1207785802.447:91): avc: denied { read write } for pid=5282 comm="escd" name=636F6F6C6B6579706B313173452D47617465203020302D30 dev=dm-0 ino=2485540 scontext=root:staff_r:staff_t:s0-s0:c0.c1023 tcontext=system_u:object_r:auth_cache_t:s0 tclass=file host=localhost.localdomain type=SYSCALL msg=audit(1207785802.447:91): arch=40000003 syscall=5 success=no exit=-13 a0=8a45540 a1=20002 a2=180 a3=0 items=0 ppid=1 pid=5282 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=5 comm="escd" exe="/usr/lib/esc-1.0.1/escd" subj=root:staff_r:staff_t:s0-s0:c0.c1023 key=(null) Summary: SELinux is preventing pulseaudio (staff_t) "ipc_lock" to <Unknown> (staff_t). Detailed Description: SELinux denied access requested by pulseaudio. It is not expected that this access is required by pulseaudio and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Additional Information: Source Context root:staff_r:staff_t:SystemLow-SystemHigh Target Context root:staff_r:staff_t:SystemLow-SystemHigh Target Objects None [ capability ] Source gnome-keyring-d Source Path /usr/bin/gnome-keyring-daemon Port <Unknown> Host localhost.localdomain Source RPM Packages pulseaudio-0.9.10-1.fc9 Target RPM Packages Policy RPM selinux-policy-3.3.1-29.fc9 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall Host Name localhost.localdomain Platform Linux localhost.localdomain 2.6.25-0.204.rc8.git4.fc9.i686 #1 SMP Mon Apr 7 11:33:46 EDT 2008 i686 i686 Alert Count 15 First Seen Wed 09 Apr 2008 07:03:06 PM CDT Last Seen Wed 09 Apr 2008 07:03:21 PM CDT Local ID 638ce06f-cd52-41b7-8f87-c3296b7b9c4e Line Numbers Raw Audit Messages host=localhost.localdomain type=AVC msg=audit(1207785801.262:89): avc: denied { ipc_lock } for pid=5217 comm="pulseaudio" capability=14 scontext=root:staff_r:staff_t:s0-s0:c0.c1023 tcontext=root:staff_r:staff_t:s0-s0:c0.c1023 tclass=capability host=localhost.localdomain type=SYSCALL msg=audit(1207785801.262:89): arch=40000003 syscall=150 success=yes exit=0 a0=b6804000 a1=3c84 a2=195cb4 a3=3c84 items=0 ppid=5214 pid=5217 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=5 comm="pulseaudio" exe="/usr/bin/pulseaudio" subj=root:staff_r:staff_t:s0-s0:c0.c1023 key=(null) Summary: SELinux is preventing gvfs-fuse-daemo (staff_t) "sys_admin" to <Unknown> (staff_t). Detailed Description: SELinux denied access requested by gvfs-fuse-daemo. It is not expected that this access is required by gvfs-fuse-daemo and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Additional Information: Source Context root:staff_r:staff_t:SystemLow-SystemHigh Target Context root:staff_r:staff_t:SystemLow-SystemHigh Target Objects None [ capability ] Source gvfs-fuse-daemo Source Path /usr/libexec/gvfs-fuse-daemon Port <Unknown> Host localhost.localdomain Source RPM Packages gvfs-fuse-0.2.3-1.fc9 Target RPM Packages Policy RPM selinux-policy-3.3.1-29.fc9 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall Host Name localhost.localdomain Platform Linux localhost.localdomain 2.6.25-0.204.rc8.git4.fc9.i686 #1 SMP Mon Apr 7 11:33:46 EDT 2008 i686 i686 Alert Count 1 First Seen Wed 09 Apr 2008 07:03:21 PM CDT Last Seen Wed 09 Apr 2008 07:03:21 PM CDT Local ID f714cec5-eca8-4de6-a60b-d07f6e690250 Line Numbers Raw Audit Messages host=localhost.localdomain type=AVC msg=audit(1207785801.751:90): avc: denied { sys_admin } for pid=5256 comm="gvfs-fuse-daemo" capability=21 scontext=root:staff_r:staff_t:s0-s0:c0.c1023 tcontext=root:staff_r:staff_t:s0-s0:c0.c1023 tclass=capability host=localhost.localdomain type=SYSCALL msg=audit(1207785801.751:90): arch=40000003 syscall=21 success=no exit=-1 a0=90654d0 a1=9064940 a2=9065510 a3=6 items=0 ppid=1 pid=5256 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=5 comm="gvfs-fuse-daemo" exe="/usr/libexec/gvfs-fuse-daemon" subj=root:staff_r:staff_t:s0-s0:c0.c1023 key=(null) Summary: SELinux is preventing firefox (staff_t) "setuid" to <Unknown> (staff_t). Detailed Description: SELinux denied access requested by firefox. It is not expected that this access is required by firefox and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Additional Information: Source Context root:staff_r:staff_t:SystemLow-SystemHigh Target Context root:staff_r:staff_t:SystemLow-SystemHigh Target Objects None [ capability ] Source firefox Source Path /usr/lib/firefox-3.0b5/firefox Port <Unknown> Host localhost.localdomain Source RPM Packages firefox-3.0-0.53.beta5.fc9 Target RPM Packages Policy RPM selinux-policy-3.3.1-29.fc9 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall Host Name localhost.localdomain Platform Linux localhost.localdomain 2.6.25-0.204.rc8.git4.fc9.i686 #1 SMP Mon Apr 7 11:33:46 EDT 2008 i686 i686 Alert Count 14 First Seen Wed 09 Apr 2008 07:04:12 PM CDT Last Seen Wed 09 Apr 2008 07:04:12 PM CDT Local ID 728a632a-191d-449d-b1a1-aa9cff7a16f1 Line Numbers Raw Audit Messages host=localhost.localdomain type=AVC msg=audit(1207785852.141:144): avc: denied { setuid } for pid=5422 comm="firefox" capability=7 scontext=root:staff_r:staff_t:s0-s0:c0.c1023 tcontext=root:staff_r:staff_t:s0-s0:c0.c1023 tclass=capability host=localhost.localdomain type=SYSCALL msg=audit(1207785852.141:144): arch=40000003 syscall=208 success=yes exit=0 a0=ffffffff a1=0 a2=ffffffff a3=bfee4c1c items=0 ppid=5408 pid=5422 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=5 comm="firefox" exe="/usr/lib/firefox-3.0b5/firefox" subj=root:staff_r:staff_t:s0-s0:c0.c1023 key=(null) Summary: SELinux is preventing firefox (staff_t) "write" to ./firefox-3.0b5 (lib_t). Detailed Description: SELinux denied access requested by firefox. It is not expected that this access is required by firefox and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for ./firefox-3.0b5, restorecon -v './firefox-3.0b5' If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Additional Information: Source Context root:staff_r:staff_t:SystemLow-SystemHigh Target Context system_u:object_r:lib_t Target Objects ./firefox-3.0b5 [ dir ] Source firefox Source Path /usr/lib/firefox-3.0b5/firefox Port <Unknown> Host localhost.localdomain Source RPM Packages firefox-3.0-0.53.beta5.fc9 Target RPM Packages Policy RPM selinux-policy-3.3.1-29.fc9 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall_file Host Name localhost.localdomain Platform Linux localhost.localdomain 2.6.25-0.204.rc8.git4.fc9.i686 #1 SMP Mon Apr 7 11:33:46 EDT 2008 i686 i686 Alert Count 1 First Seen Wed 09 Apr 2008 07:03:48 PM CDT Last Seen Wed 09 Apr 2008 07:03:52 PM CDT Local ID ba8ecec3-9fce-4945-92ed-d9640d5a0ea7 Line Numbers Raw Audit Messages host=localhost.localdomain type=AVC msg=audit(1207785832.379:129): avc: denied { write } for pid=5422 comm="firefox" name="firefox-3.0b5" dev=dm-0 ino=4287001 scontext=root:staff_r:staff_t:s0-s0:c0.c1023 tcontext=system_u:object_r:lib_t:s0 tclass=dir host=localhost.localdomain type=SYSCALL msg=audit(1207785832.379:129): arch=40000003 syscall=5 success=no exit=-13 a0=85ec4f0 a1=82c1 a2=1a4 a3=82c1 items=0 ppid=5408 pid=5422 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=5 comm="firefox" exe="/usr/lib/firefox-3.0b5/firefox" subj=root:staff_r:staff_t:s0-s0:c0.c1023 key=(null) Summary: SELinux is preventing pulseaudio (staff_t) "sys_resource" to <Unknown> (staff_t). Detailed Description: SELinux denied access requested by pulseaudio. It is not expected that this access is required by pulseaudio and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Additional Information: Source Context root:staff_r:staff_t:SystemLow-SystemHigh Target Context root:staff_r:staff_t:SystemLow-SystemHigh Target Objects None [ capability ] Source pulseaudio Source Path /usr/bin/pulseaudio Port <Unknown> Host localhost.localdomain Source RPM Packages pulseaudio-0.9.10-1.fc9 Target RPM Packages Policy RPM selinux-policy-3.3.1-29.fc9 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall Host Name localhost.localdomain Platform Linux localhost.localdomain 2.6.25-0.204.rc8.git4.fc9.i686 #1 SMP Mon Apr 7 11:33:46 EDT 2008 i686 i686 Alert Count 2 First Seen Wed 09 Apr 2008 07:03:20 PM CDT Last Seen Wed 09 Apr 2008 07:03:20 PM CDT Local ID 40e0b7ff-cb5f-42de-8f1d-8302ea0c173f Line Numbers Raw Audit Messages host=localhost.localdomain type=AVC msg=audit(1207785800.594:72): avc: denied { sys_resource } for pid=5217 comm="pulseaudio" capability=24 scontext=root:staff_r:staff_t:s0-s0:c0.c1023 tcontext=root:staff_r:staff_t:s0-s0:c0.c1023 tclass=capability host=localhost.localdomain type=SYSCALL msg=audit(1207785800.594:72): arch=40000003 syscall=75 success=no exit=-1 a0=e a1=bfa8cd1c a2=d14ff4 a3=e items=0 ppid=5214 pid=5217 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=5 comm="pulseaudio" exe="/usr/bin/pulseaudio" subj=root:staff_r:staff_t:s0-s0:c0.c1023 key=(null) Summary: SELinux is preventing bash (staff_t) "write" to ./ccache (var_t). Detailed Description: SELinux denied access requested by bash. It is not expected that this access is required by bash and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for ./ccache, restorecon -v './ccache' If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Additional Information: Source Context root:staff_r:staff_t:SystemLow-SystemHigh Target Context system_u:object_r:var_t Target Objects ./ccache [ dir ] Source bash Source Path /bin/bash Port <Unknown> Host localhost.localdomain Source RPM Packages bash-3.2-22.fc9 Target RPM Packages Policy RPM selinux-policy-3.3.1-29.fc9 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall_file Host Name localhost.localdomain Platform Linux localhost.localdomain 2.6.25-0.204.rc8.git4.fc9.i686 #1 SMP Mon Apr 7 11:33:46 EDT 2008 i686 i686 Alert Count 1 First Seen Wed 09 Apr 2008 07:03:18 PM CDT Last Seen Wed 09 Apr 2008 07:03:18 PM CDT Local ID 8b8507ac-7e45-4ce0-b52f-b25b6c69c03f Line Numbers Raw Audit Messages host=localhost.localdomain type=AVC msg=audit(1207785798.523:69): avc: denied { write } for pid=5092 comm="bash" name="ccache" dev=dm-0 ino=2485510 scontext=root:staff_r:staff_t:s0-s0:c0.c1023 tcontext=system_u:object_r:var_t:s0 tclass=dir host=localhost.localdomain type=SYSCALL msg=audit(1207785798.523:69): arch=40000003 syscall=33 success=no exit=-13 a0=9eaad78 a1=2 a2=d14ff4 a3=0 items=0 ppid=4990 pid=5092 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=5 comm="bash" exe="/bin/bash" subj=root:staff_r:staff_t:s0-s0:c0.c1023 key=(null) Summary: SELinux is preventing gnome-session (staff_t) "write" to ./fontconfig (fonts_t). Detailed Description: SELinux denied access requested by gnome-session. It is not expected that this access is required by gnome-session and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for ./fontconfig, restorecon -v './fontconfig' If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Additional Information: Source Context root:staff_r:staff_t:SystemLow-SystemHigh Target Context system_u:object_r:fonts_t Target Objects ./fontconfig [ dir ] Source gnome-session Source Path /usr/bin/gnome-session Port <Unknown> Host localhost.localdomain Source RPM Packages gnome-session-2.22.1-1.fc9 Target RPM Packages Policy RPM selinux-policy-3.3.1-29.fc9 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall_file Host Name localhost.localdomain Platform Linux localhost.localdomain 2.6.25-0.204.rc8.git4.fc9.i686 #1 SMP Mon Apr 7 11:33:46 EDT 2008 i686 i686 Alert Count 1 First Seen Wed 09 Apr 2008 07:03:18 PM CDT Last Seen Wed 09 Apr 2008 07:03:18 PM CDT Local ID fddf24c2-0902-4a50-8909-4bd30c0839b6 Line Numbers Raw Audit Messages host=localhost.localdomain type=AVC msg=audit(1207785798.732:70): avc: denied { write } for pid=5092 comm="gnome-session" name="fontconfig" dev=dm-0 ino=2387443 scontext=root:staff_r:staff_t:s0-s0:c0.c1023 tcontext=system_u:object_r:fonts_t:s0 tclass=dir host=localhost.localdomain type=SYSCALL msg=audit(1207785798.732:70): arch=40000003 syscall=33 success=no exit=-13 a0=8536358 a1=2 a2=a85694 a3=852daa8 items=0 ppid=4990 pid=5092 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=5 comm="gnome-session" exe="/usr/bin/gnome-session" subj=root:staff_r:staff_t:s0-s0:c0.c1023 key=(null) Summary: SELinux is preventing escd (user_t) "write" to ./coolkey (auth_cache_t). Detailed Description: SELinux denied access requested by escd. It is not expected that this access is required by escd and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for ./coolkey, restorecon -v './coolkey' If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Additional Information: Source Context user_u:user_r:user_t Target Context system_u:object_r:auth_cache_t Target Objects ./coolkey [ dir ] Source escd Source Path /usr/lib/esc-1.0.1/escd Port <Unknown> Host localhost.localdomain Source RPM Packages esc-1.0.1-9.fc9 Target RPM Packages Policy RPM selinux-policy-3.3.1-29.fc9 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall_file Host Name localhost.localdomain Platform Linux localhost.localdomain 2.6.25-0.204.rc8.git4.fc9.i686 #1 SMP Mon Apr 7 11:33:46 EDT 2008 i686 i686 Alert Count 4 First Seen Wed 09 Apr 2008 06:34:01 PM CDT Last Seen Wed 09 Apr 2008 07:02:51 PM CDT Local ID 08e479ee-11d3-4d0c-892c-e8ce4f8beb7b Line Numbers Raw Audit Messages host=localhost.localdomain type=AVC msg=audit(1207785771.193:60): avc: denied { write } for pid=4321 comm="escd" name="coolkey" dev=dm-0 ino=2485506 scontext=user_u:user_r:user_t:s0 tcontext=system_u:object_r:auth_cache_t:s0 tclass=dir host=localhost.localdomain type=SYSCALL msg=audit(1207785771.193:60): arch=40000003 syscall=5 success=no exit=-13 a0=88b4ba0 a1=4c2 a2=180 a3=88b3508 items=0 ppid=1 pid=4321 auid=502 uid=502 gid=502 euid=502 suid=502 fsuid=502 egid=502 sgid=502 fsgid=502 tty=(none) ses=3 comm="escd" exe="/usr/lib/esc-1.0.1/escd" subj=user_u:user_r:user_t:s0 key=(null) Summary: SELinux is preventing userhelper (user_t) "read write" to ./eject (userhelper_conf_t). Detailed Description: SELinux denied access requested by userhelper. It is not expected that this access is required by userhelper and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for ./eject, restorecon -v './eject' If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Additional Information: Source Context user_u:user_r:user_t Target Context system_u:object_r:userhelper_conf_t Target Objects ./eject [ file ] Source userhelper Source Path /usr/sbin/userhelper Port <Unknown> Host localhost.localdomain Source RPM Packages usermode-1.96-1 Target RPM Packages Policy RPM selinux-policy-3.3.1-29.fc9 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall_file Host Name localhost.localdomain Platform Linux localhost.localdomain 2.6.25-0.204.rc8.git4.fc9.i686 #1 SMP Mon Apr 7 11:33:46 EDT 2008 i686 i686 Alert Count 3 First Seen Wed 09 Apr 2008 06:34:03 PM CDT Last Seen Wed 09 Apr 2008 06:54:10 PM CDT Local ID 971298b0-6bc0-4ee0-a08e-efb07076dd3d Line Numbers Raw Audit Messages host=localhost.localdomain type=AVC msg=audit(1207785250.626:49): avc: denied { read write } for pid=4559 comm="userhelper" name="eject" dev=dm-0 ino=4055485 scontext=user_u:user_r:user_t:s0 tcontext=system_u:object_r:userhelper_conf_t:s0 tclass=file host=localhost.localdomain type=SYSCALL msg=audit(1207785250.626:49): arch=40000003 syscall=5 success=no exit=-13 a0=82e3508 a1=2 a2=b809cee0 a3=82e3530 items=0 ppid=4558 pid=4559 auid=502 uid=502 gid=502 euid=0 suid=0 fsuid=0 egid=502 sgid=502 fsgid=502 tty=(none) ses=3 comm="userhelper" exe="/usr/sbin/userhelper" subj=user_u:user_r:user_t:s0 key=(null) Summary: SELinux is preventing userhelper (user_t) "read" to ./eject (userhelper_conf_t). Detailed Description: SELinux denied access requested by userhelper. It is not expected that this access is required by userhelper and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for ./eject, restorecon -v './eject' If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Additional Information: Source Context user_u:user_r:user_t Target Context system_u:object_r:userhelper_conf_t Target Objects ./eject [ file ] Source userhelper Source Path /usr/sbin/userhelper Port <Unknown> Host localhost.localdomain Source RPM Packages usermode-1.96-1 Target RPM Packages Policy RPM selinux-policy-3.3.1-29.fc9 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall_file Host Name localhost.localdomain Platform Linux localhost.localdomain 2.6.25-0.204.rc8.git4.fc9.i686 #1 SMP Mon Apr 7 11:33:46 EDT 2008 i686 i686 Alert Count 3 First Seen Wed 09 Apr 2008 06:34:03 PM CDT Last Seen Wed 09 Apr 2008 06:54:10 PM CDT Local ID fe10c9ad-5af2-4402-b68e-8d6951329af6 Line Numbers Raw Audit Messages host=localhost.localdomain type=AVC msg=audit(1207785250.628:50): avc: denied { read } for pid=4559 comm="userhelper" name="eject" dev=dm-0 ino=4055485 scontext=user_u:user_r:user_t:s0 tcontext=system_u:object_r:userhelper_conf_t:s0 tclass=file host=localhost.localdomain type=SYSCALL msg=audit(1207785250.628:50): arch=40000003 syscall=5 success=no exit=-13 a0=82e3508 a1=0 a2=b809cee0 a3=82e3530 items=0 ppid=4558 pid=4559 auid=502 uid=502 gid=502 euid=0 suid=0 fsuid=0 egid=502 sgid=502 fsgid=502 tty=(none) ses=3 comm="userhelper" exe="/usr/sbin/userhelper" subj=user_u:user_r:user_t:s0 key=(null) Summary: SELinux is preventing escd (user_t) "read write" to ./636F6F6C6B6579706B313173452D47617465203020302D353031 (auth_cache_t). Detailed Description: SELinux denied access requested by escd. It is not expected that this access is required by escd and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for ./636F6F6C6B6579706B313173452D47617465203020302D353031, restorecon -v './636F6F6C6B6579706B313173452D47617465203020302D353031' If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Additional Information: Source Context user_u:user_r:user_t Target Context system_u:object_r:auth_cache_t Target Objects ./636F6F6C6B6579706B313173452D47617465203020302D35 3031 [ file ] Source escd Source Path /usr/lib/esc-1.0.1/escd Port <Unknown> Host localhost.localdomain Source RPM Packages esc-1.0.1-9.fc9 Target RPM Packages Policy RPM selinux-policy-3.3.1-29.fc9 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall_file Host Name localhost.localdomain Platform Linux localhost.localdomain 2.6.25-0.204.rc8.git4.fc9.i686 #1 SMP Mon Apr 7 11:33:46 EDT 2008 i686 i686 Alert Count 2 First Seen Wed 09 Apr 2008 06:49:21 PM CDT Last Seen Wed 09 Apr 2008 06:51:48 PM CDT Local ID 655d0a34-ec8a-4327-ae0c-a21175fccec7 Line Numbers Raw Audit Messages host=localhost.localdomain type=AVC msg=audit(1207785108.494:39): avc: denied { read write } for pid=3737 comm="escd" name=636F6F6C6B6579706B313173452D47617465203020302D353031 dev=dm-0 ino=2485541 scontext=user_u:user_r:user_t:s0 tcontext=system_u:object_r:auth_cache_t:s0 tclass=file host=localhost.localdomain type=SYSCALL msg=audit(1207785108.494:39): arch=40000003 syscall=5 success=no exit=-13 a0=880aba0 a1=20002 a2=180 a3=0 items=0 ppid=1 pid=3737 auid=501 uid=501 gid=501 euid=501 suid=501 fsuid=501 egid=501 sgid=501 fsgid=501 tty=(none) ses=2 comm="escd" exe="/usr/lib/esc-1.0.1/escd" subj=user_u:user_r:user_t:s0 key=(null) Summary: SELinux is preventing wine-preloader (user_t) "mmap_zero" to <Unknown> (user_t). Detailed Description: SELinux denied access requested by wine-preloader. It is not expected that this access is required by wine-preloader and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Additional Information: Source Context user_u:user_r:user_t Target Context user_u:user_r:user_t Target Objects None [ memprotect ] Source wine-preloader Source Path /usr/bin/wine-preloader Port <Unknown> Host localhost.localdomain Source RPM Packages wine-core-0.9.58-1.fc9 Target RPM Packages Policy RPM selinux-policy-3.3.1-29.fc9 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall Host Name localhost.localdomain Platform Linux localhost.localdomain 2.6.25-0.204.rc8.git4.fc9.i686 #1 SMP Mon Apr 7 11:33:46 EDT 2008 i686 i686 Alert Count 1 First Seen Wed 09 Apr 2008 06:50:02 PM CDT Last Seen Wed 09 Apr 2008 06:50:02 PM CDT Local ID 6f6e94e5-fbf2-43ea-b941-dba1d1da982b Line Numbers Raw Audit Messages host=localhost.localdomain type=AVC msg=audit(1207785002.401:35): avc: denied { mmap_zero } for pid=3847 comm="wine-preloader" scontext=user_u:user_r:user_t:s0 tcontext=user_u:user_r:user_t:s0 tclass=memprotect host=localhost.localdomain type=SYSCALL msg=audit(1207785002.401:35): arch=40000003 syscall=90 success=no exit=-13 a0=bfed76dc a1=bfed76dc a2=60000000 a3=bfed76dc items=0 ppid=1 pid=3847 auid=501 uid=501 gid=501 euid=501 suid=501 fsuid=501 egid=501 sgid=501 fsgid=501 tty=(none) ses=2 comm="wine-preloader" exe="/usr/bin/wine-preloader" subj=user_u:user_r:user_t:s0 key=(null) Summary: SELinux prevented X from using the terminal tty0. Detailed Description: SELinux prevented X from using the terminal tty0. In most cases daemons do not need to interact with the terminal, usually these avc messages can be ignored. All of the confined daemons should have dontaudit rules around using the terminal. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this selinux-policy. If you would like to allow all daemons to interact with the terminal, you can turn on the allow_daemons_use_tty boolean. Allowing Access: Changing the "allow_daemons_use_tty" boolean to true will allow this access: "setsebool -P allow_daemons_use_tty=1." Fix Command: setsebool -P allow_daemons_use_tty=1 Additional Information: Source Context user_u:user_r:user_t Target Context system_u:object_r:tty_device_t Target Objects tty0 [ chr_file ] Source X Source Path /usr/bin/Xorg Port <Unknown> Host localhost.localdomain Source RPM Packages xorg-x11-server-Xorg-1.4.99.901-17.20080401.fc9 Target RPM Packages Policy RPM selinux-policy-3.3.1-28.fc9 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name allow_daemons_use_tty Host Name localhost.localdomain Platform Linux localhost.localdomain 2.6.25-0.201.rc8.git4.fc9.i686 #1 SMP Sun Apr 6 21:55:27 EDT 2008 i686 i686 Alert Count 8 First Seen Fri 04 Apr 2008 06:52:01 PM CDT Last Seen Mon 07 Apr 2008 08:13:50 PM CDT Local ID 4c3eddb6-6a5d-420f-a3de-1649183f872c Line Numbers Raw Audit Messages host=localhost.localdomain type=AVC msg=audit(1207617230.297:90): avc: denied { setattr } for pid=5319 comm="X" name="tty0" dev=tmpfs ino=255 scontext=user_u:user_r:user_t:s0 tcontext=system_u:object_r:tty_device_t:s0 tclass=chr_file host=localhost.localdomain type=SYSCALL msg=audit(1207617230.297:90): arch=40000003 syscall=212 success=no exit=-13 a0=81bc13b a1=0 a2=0 a3=bfbd70b4 items=0 ppid=5318 pid=5319 auid=502 uid=502 gid=502 euid=0 suid=0 fsuid=0 egid=502 sgid=502 fsgid=502 tty=tty1 ses=8 comm="X" exe="/usr/bin/Xorg" subj=user_u:user_r:user_t:s0 key=(null) Summary: SELinux is preventing gdb (xdm_t) "write" to ./rpm (rpm_var_lib_t). Detailed Description: SELinux denied access requested by gdb. It is not expected that this access is required by gdb and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for ./rpm, restorecon -v './rpm' If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Additional Information: Source Context system_u:system_r:xdm_t:SystemLow-SystemHigh Target Context system_u:object_r:rpm_var_lib_t Target Objects ./rpm [ dir ] Source gdb Source Path /usr/bin/gdb Port <Unknown> Host localhost.localdomain Source RPM Packages gdb-6.8-1.fc9 Target RPM Packages Policy RPM selinux-policy-3.3.1-26.fc9 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall_file Host Name localhost.localdomain Platform Linux localhost.localdomain 2.6.25-0.195.rc8.git1.fc9.i686 #1 SMP Thu Apr 3 09:42:34 EDT 2008 i686 i686 Alert Count 196 First Seen Fri 04 Apr 2008 06:48:42 PM CDT Last Seen Fri 04 Apr 2008 07:56:14 PM CDT Local ID bf5f7ea8-f1a0-46bb-ade6-45dc659e7c1f Line Numbers Raw Audit Messages host=localhost.localdomain type=AVC msg=audit(1207356974.98:206): avc: denied { write } for pid=2534 comm="gdb" name="rpm" dev=dm-0 ino=2387395 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rpm_var_lib_t:s0 tclass=dir host=localhost.localdomain type=SYSCALL msg=audit(1207356974.98:206): arch=40000003 syscall=33 success=no exit=-13 a0=a3ddfb8 a1=2 a2=3547a4 a3=a3dde80 items=0 ppid=2533 pid=2534 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="gdb" exe="/usr/bin/gdb" subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null) Summary: SELinux is preventing gdb (xdm_t) "getattr" to /var/lib/rpm/Packages (rpm_var_lib_t). Detailed Description: SELinux denied access requested by gdb. It is not expected that this access is required by gdb and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for /var/lib/rpm/Packages, restorecon -v '/var/lib/rpm/Packages' If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Additional Information: Source Context system_u:system_r:xdm_t:SystemLow-SystemHigh Target Context system_u:object_r:rpm_var_lib_t Target Objects /var/lib/rpm/Packages [ file ] Source gdb Source Path /usr/bin/gdb Port <Unknown> Host localhost.localdomain Source RPM Packages gdb-6.8-1.fc9 Target RPM Packages rpm-4.4.2.3-1.fc9 Policy RPM selinux-policy-3.3.1-26.fc9 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall_file Host Name localhost.localdomain Platform Linux localhost.localdomain 2.6.25-0.195.rc8.git1.fc9.i686 #1 SMP Thu Apr 3 09:42:34 EDT 2008 i686 i686 Alert Count 196 First Seen Fri 04 Apr 2008 06:48:42 PM CDT Last Seen Fri 04 Apr 2008 07:56:14 PM CDT Local ID adc70120-316b-494e-a25a-1a9f014c0282 Line Numbers Raw Audit Messages host=localhost.localdomain type=AVC msg=audit(1207356974.99:207): avc: denied { getattr } for pid=2534 comm="gdb" path="/var/lib/rpm/Packages" dev=dm-0 ino=2387402 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rpm_var_lib_t:s0 tclass=file host=localhost.localdomain type=SYSCALL msg=audit(1207356974.99:207): arch=40000003 syscall=195 success=no exit=-13 a0=a3ddf98 a1=bf9e3e9c a2=d14ff4 a3=64 items=0 ppid=2533 pid=2534 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="gdb" exe="/usr/bin/gdb" subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null) __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -- fedora-test-list mailing list fedora-test-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-test-list
