SELinux is preventing gnome-clock-app (gnomeclock_t) "sys_nice" to <Unknown> (gnomeclock_t).

Antonio Olivares olivares14031 at yahoo.com
Sat Mar 8 19:17:37 UTC 2008 

Dear all, 

system time is behind 5 hours, when booting livecd
time is correct, and windows also, but in Fedora it is
behind 5 hours.  I had ntpd to have time correct, but
somehow it did not correct the time, upon trying to
change date via panel, I was greeted with 


Summary:

SELinux is preventing gnome-clock-app (gnomeclock_t)
"sys_nice" to <Unknown>
(gnomeclock_t).

Detailed Description:

SELinux denied access requested by gnome-clock-app. It
is not expected that this
access is required by gnome-clock-app and this access
may signal an intrusion
attempt. It is also possible that the specific version
or configuration of the
application is causing it to require additional
access.

Allowing Access:

You can generate a local policy module to allow this
access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385)
Or you can disable
SELinux protection altogether. Disabling SELinux
protection is not recommended.
Please file a bug report
(http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.

Additional Information:

Source Context               
system_u:system_r:gnomeclock_t:SystemLow-
                              SystemHigh
Target Context               
system_u:system_r:gnomeclock_t:SystemLow-
                              SystemHigh
Target Objects                None [ capability ]
Source                        gnome-clock-app
Source Path                  
/usr/libexec/gnome-clock-applet-mechanism
Port                          <Unknown>
Host                          localhost
Source RPM Packages          
gnome-panel-2.21.92-5.fc9
Target RPM Packages           
Policy RPM                   
selinux-policy-3.3.1-12.fc9
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   catchall
Host Name                     localhost
Platform                      Linux localhost
2.6.25-0.95.rc4.fc9 #1 SMP Thu Mar
                              6 01:17:49 EST 2008 i686
athlon
Alert Count                   1
First Seen                    Sat 08 Mar 2008 01:12:37
PM CST
Last Seen                     Sat 08 Mar 2008 01:12:37
PM CST
Local ID                     
d97e2362-cf08-4c53-a387-56e7c332aaf9
Line Numbers                  

Raw Audit Messages            

host=localhost type=AVC msg=audit(1205003557.746:18):
avc:  denied  { sys_nice } for  pid=2839
comm="gnome-clock-app" capability=23
scontext=system_u:system_r:gnomeclock_t:s0-s0:c0.c1023
tcontext=system_u:system_r:gnomeclock_t:s0-s0:c0.c1023
tclass=capability

host=localhost type=SYSCALL
msg=audit(1205003557.746:18): arch=40000003 syscall=3
success=yes exit=198 a0=9 a1=bf952768 a2=1000 a3=0
items=0 ppid=1 pid=2839 auid=4294967295 uid=0 gid=0
euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none)
ses=4294967295 comm="gnome-clock-app"
exe="/usr/libexec/gnome-clock-applet-mechanism"
subj=system_u:system_r:gnomeclock_t:s0-s0:c0.c1023
key=(null)

Thanks in advance


Regards,

Antonio


      ____________________________________________________________________________________
Looking for last minute shopping deals?  
Find them fast with Yahoo! Search.  http://tools.search.yahoo.com/newsearch/category.php?category=shopping

More information about the fedora-test-list mailing list