AVC:s on xauth file when doing su
Göran Uddeborg
goeran at uddeborg.se
Sun Jan 3 21:00:08 UTC 2010
Dominick Grift:
> That is odd, these commands do return stuff on my f12 system(s)
Odd indeed. Are we on the same policy? I have 3.6.32-63.fc12.
If you wish to compare, I've placed the output of "sesearch --allow -t
xauth_exec_t" in ftp://ftp.uddeborg.se/pub/sesearch
> Looks like polkit runs in the wrong SELinux environment
I ran restorecon on polkitd, and its type was indeed changed. I
restarted it, and it looks better now.
mimmi$ ps -ZC polkitd
LABEL PID TTY TIME CMD
system_u:system_r:policykit_t:SystemLow-SystemHigh 723 ? 00:00:00 polkitd
> (i would suggest a file system relabel just for peace of mind)
Probably a good idea. First, I'm running a "fixfiles check" on
everything now, to see if I can find anything that would explain the
behaviour. So far it has only found pretty unimportant things, like
files under ~/.gconf that had user_home_t rather than gconf_home_t.
More information about the fedora-selinux-list
mailing list