Error sending status request (Operation not permitted)

Bruce Ecroyd bruce.ecroyd at gmail.com
Thu Jan 26 03:51:01 UTC 2006


I recently switched from FC4 targeted (enforcing) to strict (permissive)
using selinux-policy-strict-1.27.1-2.16.noarch.rpm.
I did a touch /.autorelabel before rebooting.

I see this:
[bruce@BorgCube ~]$ su -
Password:
Error sending status request (Operation not permitted)
[root@BorgCube ~]#

The last part of the /var/log/audit/audit.log shows:
type=SYSCALL msg=audit(1138247001.111:13162965): arch=40000003 syscall=5
success=yes exit=3 a0=866125b a1=c2 a2=180 a3=3a8083 items=1 pid=8250
auid=4294967295 uid=501 gid=100 euid=0 suid=0 fsuid=0 egid=100 sgid=100
fsgid=100 comm="su" exe="/bin/su"
type=AVC msg=audit(1138247001.111:13162965): avc:  denied  { create } for
pid=8250 comm="su" name=.xauthVpNVFy scontext=user_u:user_r:user_t
tcontext=user_u:object_r:sysadm_home_dir_t tclass=file
type=AVC msg=audit(1138247001.111:13162965): avc:  denied  { add_name } for
pid=8250 comm="su" name=.xauthVpNVFy scontext=user_u:user_r:user_t
tcontext=root:object_r:sysadm_home_dir_t tclass=dir
type=AVC msg=audit(1138247001.111:13162965): avc:  denied  { write } for
pid=8250 comm="su" name=root dev=dm-0 ino=11392129
scontext=user_u:user_r:user_t tcontext=root:object_r:sysadm_home_dir_t
tclass=dir
type=SYSCALL msg=audit(1138247001.111:13162967): arch=40000003 syscall=207
success=yes exit=0 a0=3 a1=0 a2=0 a3=0 items=0 pid=8250 auid=4294967295
uid=501 gid=100 euid=0 suid=0 fsuid=0 egid=100 sgid=100 fsgid=100 comm="su"
exe="/bin/su"
type=AVC msg=audit(1138247001.111:13162967): avc:  denied  { setattr } for
pid=8250 comm="su" name=.xauthVpNVFy dev=dm-0 ino=11392172
scontext=user_u:user_r:user_t tcontext=user_u:object_r:sysadm_home_dir_t
tclass=file
type=USER msg=audit(1138247001.325:13165423): user pid=8250 uid=501
auid=4294967295 msg='PAM session open: user=root exe=/bin/su (hostname=?,
addr=?, terminal=pts/2 result=Success)'

Any ideas?

If I change to strict, enforcing, will this prevent me from su to root?

Bruce
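
Added example, not part of the original message: a Python sketch that rejoins the mail-wrapped audit records quoted above and groups the AVC denials by source type, target type and object class, which is the tuple an SELinux allow rule is written over. The sample records are copied from the message; the function and variable names are illustrative assumptions.

```python
import re
from collections import defaultdict

# AVC records copied from the message above, still hard-wrapped by the mailer.
SAMPLE = """\
type=AVC msg=audit(1138247001.111:13162965): avc:  denied  { create } for
pid=8250 comm="su" name=.xauthVpNVFy scontext=user_u:user_r:user_t
tcontext=user_u:object_r:sysadm_home_dir_t tclass=file
type=AVC msg=audit(1138247001.111:13162965): avc:  denied  { add_name } for
pid=8250 comm="su" name=.xauthVpNVFy scontext=user_u:user_r:user_t
tcontext=root:object_r:sysadm_home_dir_t tclass=dir
type=AVC msg=audit(1138247001.111:13162965): avc:  denied  { write } for
pid=8250 comm="su" name=root dev=dm-0 ino=11392129
scontext=user_u:user_r:user_t tcontext=root:object_r:sysadm_home_dir_t
tclass=dir
type=AVC msg=audit(1138247001.111:13162967): avc:  denied  { setattr } for
pid=8250 comm="su" name=.xauthVpNVFy dev=dm-0 ino=11392172
scontext=user_u:user_r:user_t tcontext=user_u:object_r:sysadm_home_dir_t
tclass=file
"""

AVC_RE = re.compile(r"avc:\s+denied\s+\{([^}]*)\}\s+for\s+(.*)")
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def unwrap(text):
    """Rejoin wrapped records: a new record starts only at a 'type=' line."""
    records = []
    for line in text.splitlines():
        if line.startswith("type=") or not records:
            records.append(line.strip())
        else:
            records[-1] += " " + line.strip()
    return records

def summarize(text):
    """Map (source type, target type, class) -> set of denied permissions."""
    denials = defaultdict(set)
    for rec in unwrap(text):
        m = AVC_RE.search(rec)
        if not m:
            continue  # SYSCALL, USER and other non-AVC record types
        fields = {k: v.strip('"') for k, v in FIELD_RE.findall(m.group(2))}
        # A context here is user:role:type (these records carry no MLS field).
        stype, ttype = (fields[k].split(":")[2] for k in ("scontext", "tcontext"))
        denials[(stype, ttype, fields["tclass"])].update(m.group(1).split())
    return dict(denials)

if __name__ == "__main__":
    for (s, t, c), perms in sorted(summarize(SAMPLE).items()):
        print(f"{s} -> {t}:{c} {{ {' '.join(sorted(perms))} }}")
```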