On Tue, 2008-06-17 at 10:55 -0500, Xavier Toth wrote: > On Tue, Jun 17, 2008 at 10:39 AM, Christopher J. PeBenito > <cpebenito@xxxxxxxxxx> wrote: > > On Tue, 2008-06-17 at 09:46 -0500, Xavier Toth wrote: > >> I'm seeing AVCs related to netlink_audit_socket when the screen saver > >> dialog is run. gnome-screensaver-dialog opens a pam session which uses > >> pam_unix which in turn runs the unix_chkpwd helper. I'm thinking that > >> gnome-screensaver-dialog is going to need some policy including > >> possibly authlogin_common_auth_domain_template. > > > > I'm not 100% clear, is the auditing happening from unix_chkpwd or the > > screensaver proper? > > > > I'm sure that it is unix_chkpwd that is auditing and not > gnome-screensaver-dialog. Is gnome-screensaver-dialog not running the user domain? I would have expected that it was, and that when unix_chkpwd is run, that it transitions to *_unix_chkpwd_t, which should be able to send audit messages. -- Chris PeBenito Tresys Technology, LLC (410) 290-1411 x150 -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
