dbus error message

[srinivasa]

Steve G wrote:

>>I feel is,if these messages are due to CAP_AUDIT_WRITE capability problem
>>then,adding this line to policy would have fixed the problem but that was not
>>happening.
>>
>>allow initrc_t self:capability { audit_write audit_control };
>>    
>>
>
>There are 2 ways that the syscall can fail, MAC checks and DAC checks. The above
>line may help MAC checks, but does nothing for the DAC check. I have a patch in
>rawhide that is being tested so that when dbus changes from root to the dbus
>user, it retains that capability. When I'm satisfied that I haven't introduced a
>new bug with that patch, I'll port it to dbus in RHEL4 - maybe U4.
>
>  
>
Thank you Steve for your reply.
I heard that you already have the patch for Fedora which causes the dbus to
 retain capabality after changing from root to dbus user.
Can you please give that patch or send the link containing the patch so 
that I will test it on my Fedora machine.

>>>does it fill the logs with it? If you just get a couple, all is well.
>>>      
>>>
>>These meesages sometimes fills log,and appears on execution of
>>setenforce,make load and some selinux command.
>>    
>>
>
>There was an updated targeted policy released after U2 that should alleviate any
>MAC check problems. The DAC check problem shouldn't fill your logs.
>
>-Steve
>
>__________________________________________________
>Do You Yahoo!?
>Tired of spam?  Yahoo! Mail has the best spam protection around 
>http://mail.yahoo.com 
>
>  
>