Unable to mount ntfs partition with normal user F9 (selinux)

Louis E Garcia II louisg00 at bellsouth.net
Wed Jun 11 22:34:32 UTC 2008


With F9 a normal user can't mount an ntfs partition. Mounting the
partition with nautilus I'm asked for root password, after entering
nothing is mounted. I receive this message. As root I'm able to mount
just fine.

Summary:

SELinux is preventing polkit-resolve- (polkit_resolve_t) "ptrace" to
<Unknown>
(unconfined_t).

Detailed Description:

SELinux denied access requested by polkit-resolve-. It is not expected
that this
access is required by polkit-resolve- and this access may signal an
intrusion
attempt. It is also possible that the specific version or configuration
of the
application is causing it to require additional access.

Allowing Access:

You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can
disable
SELinux protection altogether. Disabling SELinux protection is not
recommended.
Please file a bug report
(http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.

Additional Information:

Source Context                system_u:system_r:polkit_resolve_t:s0
Target Context
unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1
                              023
Target Objects                None [ process ]
Source                        polkit-resolve-
Source Path                   /usr/libexec/polkit-resolve-exe-helper
Port                          <Unknown>
Host                          sonlaptop
Source RPM Packages           PolicyKit-0.8-2.fc9
Target RPM Packages           
Policy RPM                    selinux-policy-3.3.1-62.fc9
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   catchall
Host Name                     sonlaptop
Platform                      Linux sonlaptop 2.6.25.6-55.fc9.i686 #1
SMP Tue
                              Jun 10 16:27:49 EDT 2008 i686 i686
Alert Count                   2
First Seen                    Tue 10 Jun 2008 11:14:02 AM EDT
Last Seen                     Wed 11 Jun 2008 06:05:54 PM EDT
Local ID                      85afa3aa-3d4c-4d49-bf50-5b1314f46feb
Line Numbers                  

Raw Audit Messages            

host=sonlaptop type=AVC msg=audit(1213221954.155:47): avc:  denied
{ ptrace } for  pid=17893 comm="polkit-resolve-"
scontext=system_u:system_r:polkit_resolve_t:s0
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
tclass=process

host=sonlaptop type=SYSCALL msg=audit(1213221954.155:47): arch=40000003
syscall=85 success=no exit=-13 a0=bf936dc8 a1=bf936e24 a2=fff
a3=bf936dc8 items=0 ppid=2159 pid=17893 auid=4294967295 uid=0 gid=68
euid=0 suid=0 fsuid=0 egid=68 sgid=68 fsgid=68 tty=(none) ses=4294967295
comm="polkit-resolve-" exe="/usr/libexec/polkit-resolve-exe-helper"
subj=system_u:system_r:polkit_resolve_t:s0 key=(null)







More information about the fedora-list mailing list