SELinux is preventing gconf-defaults- (gconfdefaultsm_t) "read" security_t.

Robert Nichols rnicholsNOSPAM at comcast.net
Fri Jul 10 21:28:33 UTC 2009 

When trying to set a new default for Power Management Preferences:

Detailed Description:

SELinux denied access requested by gconf-defaults-. It is not expected 
that this
access is required by gconf-defaults- and this access may signal an
intrusion
attempt. It is also possible that the specific version or configuration
of the
application is causing it to require additional access.

Allowing Access:

You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can
disable
SELinux protection altogether. Disabling SELinux protection is not
recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.

Additional Information:

Source Context
system_u:system_r:gconfdefaultsm_t:s0-s0:c0.c1023
Target Context                system_u:object_r:security_t:s0
Target Objects                mls [ file ]
Source                        gconf-defaults-
Source Path                   /usr/libexec/gconf-defaults-mechanism
Port                          <Unknown>
Host                          omega-3p.local
Source RPM Packages           GConf2-2.26.2-1.fc11
Target RPM Packages
Policy RPM                    selinux-policy-3.6.12-53.fc11
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   catchall
Host Name                     omega-3p.local
Platform                      Linux omega-3p.local
2.6.29.5-191.fc11.i586 #1 SMP
                               Tue Jun 16 23:11:39 EDT 2009 i686 i686
Alert Count                   2
First Seen                    Fri 10 Jul 2009 04:20:11 PM CDT
Last Seen                     Fri 10 Jul 2009 04:20:11 PM CDT
Local ID                      de1d32d5-dded-47ec-9eb5-9dc8167a8685
Line Numbers

Raw Audit Messages

node=omega-3p.local type=AVC msg=audit(1247260811.959:37): avc:  denied
  { read } for  pid=3541 comm="gconf-defaults-" name="mls" dev=selinuxfs
ino=12 scontext=system_u:system_r:gconfdefaultsm_t:s0-s0:c0.c1023
tcontext=system_u:object_r:security_t:s0 tclass=file

node=omega-3p.local type=AVC msg=audit(1247260811.959:37): avc:  denied
  { open } for  pid=3541 comm="gconf-defaults-" name="mls" dev=selinuxfs
ino=12 scontext=system_u:system_r:gconfdefaultsm_t:s0-s0:c0.c1023
tcontext=system_u:object_r:security_t:s0 tclass=file

node=omega-3p.local type=SYSCALL msg=audit(1247260811.959:37):
arch=40000003 syscall=5 success=yes exit=3 a0=bfd414e8 a1=8000 a2=0
a3=bfd414e8 items=0 ppid=3540 pid=3541 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295
comm="gconf-defaults-" exe="/usr/libexec/gconf-defaults-mechanism"
subj=system_u:system_r:gconfdefaultsm_t:s0-s0:c0.c1023 key=(null)

-- 
Bob Nichols     "NOSPAM" is really part of my email address.
                 Do NOT delete it.

More information about the fedora-selinux-list mailing list