Unknown,
what is happening with console-kit-daemon?
Summary:
SELinux is preventing console-kit-dae(/usr/sbin/console-kit-daemon) (consolekit_t) "execute" to <Unknown> (polkit_auth_exec_t).
Detailed Description:
SELinux denied access requested by console-kit-dae(/usr/sbin/console-kit-daemon). It is not expected that this access is required by console-kit-dae(/usr/sbin/console-kit-daemon) and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access.
Allowing Access:
Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for <Unknown>,
restorecon -v <Unknown>
If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package.
Additional Information:
Source Context system_u:system_r:consolekit_t Target Context system_u:object_r:polkit_auth_exec_t Target Objects None [ file ] Source console-kit-dae(/usr/sbin/console-kit-daemon) Port <Unknown> Host localhost.localdomain Source RPM Packages Target RPM Packages Policy RPM selinux-policy-3.2.5-20.fc9 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall_file Host Name localhost.localdomain Platform Linux localhost.localdomain 2.6.24-9.fc9 #1 SMP Tue Jan 29 18:08:15 EST 2008 i686 i686 Alert Count 1 First Seen Wed 30 Jan 2008 06:58:11 PM CST Last Seen Wed 30 Jan 2008 06:58:11 PM CST Local ID f1411c87-1b39-4d5a-bec3-67e1feb8ec07 Line Numbers
Raw Audit Messages
host=localhost.localdomain type=AVC msg=audit(1201741091.457:30): avc: denied { execute } for pid=2897 comm="console-kit-dae" name="polkit-read-auth-helper" dev=dm-0 ino=116712 scontext=system_u:system_r:consolekit_t:s0 tcontext=system_u:object_r:polkit_auth_exec_t:s0 tclass=file
host=localhost.localdomain type=SYSCALL msg=audit(1201741091.457:30): arch=40000003 syscall=11 success=no exit=-13 a0=77097c a1=bff98da0 a2=bff9962c a3=0 items=0 ppid=2264 pid=2897 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="console-kit-dae" exe="/usr/sbin/console-kit-daemon" subj=system_u:system_r:consolekit_t:s0 key=(null)
____________________________________________________________________________________ Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now. http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Antonio Olivares wrote:
Unknown,
what is happening with console-kit-daemon?
Summary:
SELinux is preventing console-kit-dae(/usr/sbin/console-kit-daemon) (consolekit_t) "execute" to <Unknown> (polkit_auth_exec_t).
Detailed Description:
SELinux denied access requested by console-kit-dae(/usr/sbin/console-kit-daemon). It is not expected that this access is required by console-kit-dae(/usr/sbin/console-kit-daemon) and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access.
Allowing Access:
Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for <Unknown>,
restorecon -v <Unknown>
If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package.
Additional Information:
Source Context system_u:system_r:consolekit_t Target Context system_u:object_r:polkit_auth_exec_t Target Objects None [ file ] Source console-kit-dae(/usr/sbin/console-kit-daemon) Port <Unknown> Host localhost.localdomain Source RPM Packages Target RPM Packages Policy RPM selinux-policy-3.2.5-20.fc9 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall_file Host Name localhost.localdomain Platform Linux localhost.localdomain 2.6.24-9.fc9 #1 SMP Tue Jan 29 18:08:15 EST 2008 i686 i686 Alert Count 1 First Seen Wed 30 Jan 2008 06:58:11 PM CST Last Seen Wed 30 Jan 2008 06:58:11 PM CST Local ID f1411c87-1b39-4d5a-bec3-67e1feb8ec07 Line Numbers
Raw Audit Messages
host=localhost.localdomain type=AVC msg=audit(1201741091.457:30): avc: denied { execute } for pid=2897 comm="console-kit-dae" name="polkit-read-auth-helper" dev=dm-0 ino=116712 scontext=system_u:system_r:consolekit_t:s0 tcontext=system_u:object_r:polkit_auth_exec_t:s0 tclass=file
host=localhost.localdomain type=SYSCALL msg=audit(1201741091.457:30): arch=40000003 syscall=11 success=no exit=-13 a0=77097c a1=bff98da0 a2=bff9962c a3=0 items=0 ppid=2264 pid=2897 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="console-kit-dae" exe="/usr/sbin/console-kit-daemon" subj=system_u:system_r:consolekit_t:s0 key=(null)
____________________________________________________________________________________
Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now. http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ
-- fedora-selinux-list mailing list fedora-selinux-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-selinux-list
Should be fixed by todays policy.
On Wed, 30 Jan 2008 17:04:02 -0800, Antonio Olivares scripst:
Unknown,
what is happening with console-kit-daemon?
This list should really not be used as a replacement for bugzilla. I have searched for this bug in bugzilla, and when I have not found any, I filed a new one -- https://bugzilla.redhat.com/show_bug.cgi?id=431527
Please, keep the stuff in bugzilla.
Matěj