Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Fedora SELinux Support (http://www.linux-archive.org/fedora-selinux-support/)
-   -   Kernel error avc F13 (http://www.linux-archive.org/fedora-selinux-support/386008-kernel-error-avc-f13.html)

Frank Murphy 06-15-2010 08:38 AM

Kernel error avc F13
 
from logwatch

--------------------- Kernel Begin ------------------------


WARNING: Kernel Errors Present
type=1400 audit(1276553951.414:525): avc: denied { read append }
for pid=2526 comm="polkit-agent-he" path="/home/user/.xsession-errors"
dev=dm-7 ino=2 ...: 1 Time(s)

---------------------- Kernel End -------------------------


selinux-policy-3.7.19-28.fc13.noarch (from koji)
kernel-PAE-2.6.33.5-128.fc13.i686 (from Koji)

--
Regards,

Frank Murphy
UTF_8 Encoded
Friend of Fedora
--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux

Dominick Grift 06-15-2010 08:44 AM

Kernel error avc F13
 
On Tue, Jun 15, 2010 at 09:38:47AM +0100, Frank Murphy wrote:
> from logwatch
>
> --------------------- Kernel Begin ------------------------
>
>
> WARNING: Kernel Errors Present
> type=1400 audit(1276553951.414:525): avc: denied { read append }
> for pid=2526 comm="polkit-agent-he" path="/home/user/.xsession-errors"
> dev=dm-7 ino=2 ...: 1 Time(s)

That is not enough information. You may be able to retrieve the complete avc denial with the following command:

ausearch -m avc -ts yesterday | grep polkit | grep xsession

The AVC denials have information that is required to determine what happend.

>
> ---------------------- Kernel End -------------------------
>
>
> selinux-policy-3.7.19-28.fc13.noarch (from koji)
> kernel-PAE-2.6.33.5-128.fc13.i686 (from Koji)
>
> --
> Regards,
>
> Frank Murphy
> UTF_8 Encoded
> Friend of Fedora
> --
> selinux mailing list
> selinux@lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux
--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux

Frank Murphy 06-15-2010 08:46 AM

Kernel error avc F13
 
On 15/06/10 09:44, Dominick Grift wrote:
> ausearch -m avc -ts yesterday | grep polkit | grep xsession

# ausearch -m avc -ts yesterday | grep polkit | grep xsession
<no matches>


--
Regards,

Frank Murphy
UTF_8 Encoded
Friend of Fedora
--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux

Frank Murphy 06-15-2010 08:49 AM

Kernel error avc F13
 
On 15/06/10 09:46, Frank Murphy wrote:
> On 15/06/10 09:44, Dominick Grift wrote:
>> ausearch -m avc -ts yesterday | grep polkit | grep xsession
>
> # ausearch -m avc -ts yesterday | grep polkit | grep xsession
> <no matches>
>
>

Opening up the xsession file:

(polkit-gnome-authentication-agent-1:2099): GLib-GObject-WARNING **:
cannot register existing type `_PolkitError'

(polkit-gnome-authentication-agent-1:2099): GLib-CRITICAL **:
g_once_init_leave: assertion `initialization_value != 0' failed
GNOME_KEYRING_CONTROL=/tmp/keyring-fIyflf
SSH_AUTH_SOCK=/tmp/keyring-fIyflf/ssh


--
Regards,

Frank Murphy
UTF_8 Encoded
Friend of Fedora
--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux


All times are GMT. The time now is 05:24 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.