SELinux is preventing gdm (xdm_t) "execute" to <Unknown> (rpm_exec_t). et ALL
Antonio Olivares
olivares14031 at yahoo.com
Wed Nov 28 16:43:11 UTC 2007
--- Jim Cornette <fct-cornette at insight.rr.com> wrote:
> Antonio Olivares wrote:
> > Dear all,
> >
> > I have been applying the updates and still
> > settroubleshoot pops up and gives the messages:
> >
> >
> > Summary
> > SELinux is preventing gdm (xdm_t) "execute" to
> > <Unknown> (rpm_exec_t).
>
> It appears that this error happens when gdm loads. I
> reported other
> errors regarding SELinux for several problems. Most
> of the errors seem
> to effect the X server or gnome display manager.
>
> I added to you bug ticket my SELinux error.
> It happens even if you relabel SELinux.
>
> I've been booting into runlevel 3 mostly except for
> test. Runlevel 3
> doesn't have all of the SELinux errors. Most are
> only showing up in
> runlevel 3.
>
> --
> fedora-test-list mailing list
> fedora-test-list at redhat.com
> To unsubscribe:
>
https://www.redhat.com/mailman/listinfo/fedora-test-list
>
I get them on level 3 because level 5 does not work.
Still Init Respawn error message. New Selinux policy
packages still give the error in title. See here:
Summary
SELinux is preventing gdm (xdm_t) "execute" to
<Unknown> (rpm_exec_t).
Detailed Description
SELinux denied access requested by gdm. It is not
expected that this access
is required by gdm and this access may signal an
intrusion attempt. It is
also possible that the specific version or
configuration of the application
is causing it to require additional access.
Allowing Access
Sometimes labeling problems can cause SELinux
denials. You could try to
restore the default system file context for
<Unknown>, restorecon -v
<Unknown> If this does not work, there is
currently no automatic way to
allow this access. Instead, you can generate a
local policy module to allow
this access - see
http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385
Or you can disable SELinux protection altogether.
Disabling SELinux
protection is not recommended. Please file a
http://bugzilla.redhat.com/bugzilla/enter_bug.cgi
against this package.
Additional Information
Source Context
system_u:system_r:xdm_t:SystemLow-SystemHigh
Target Context
system_u:object_r:rpm_exec_t
Target Objects None [ file ]
Affected RPM Packages
Policy RPM
selinux-policy-3.1.2-1.fc9
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Enforcing
Plugin Name plugins.catchall_file
Host Name localhost
Platform Linux localhost
2.6.24-0.42.rc3.git1.fc9 #1 SMP
Sat Nov 24 05:51:18 EST
2007 i686 athlon
Alert Count 13650
First Seen Sun 11 Nov 2007 09:11:06
AM CST
Last Seen Wed 28 Nov 2007 10:31:42
AM CST
Local ID
f3168196-46ac-4951-ab61-b3b218534bb2
Line Numbers
Raw Audit Messages
avc: denied { execute } for comm=gdm dev=dm-0 name=rpm
pid=13279
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023
tclass=file
tcontext=system_u:object_r:rpm_exec_t:s0
Regards,
Antonio
____________________________________________________________________________________
Get easy, one-click access to your favorites.
Make Yahoo! your homepage.
http://www.yahoo.com/r/hs
More information about the fedora-test-list
mailing list