Kernel error avc F13
On Tue, Jun 15, 2010 at 09:38:47AM +0100, Frank Murphy wrote:
> from logwatch > > --------------------- Kernel Begin ------------------------ > > > WARNING: Kernel Errors Present > type=1400 audit(1276553951.414:525): avc: denied { read append } > for pid=2526 comm="polkit-agent-he" path="/home/user/.xsession-errors" > dev=dm-7 ino=2 ...: 1 Time(s) > > ---------------------- Kernel End ------------------------- alright well since i do not have sufficient information here is what i suspect may be required: mkdir ~/mypolkit; cd ~/mypolkit; echo "policy_module(mypolkit, 1.0.0)" > mypolkit.te; echo "require { type policykit_auth_t; }" >> mypolkit.te; echo "xserver_append_xdm_home_files(policykit_auth_ t)" >> mypolkit.te; make -f /usr/share/selinux/devel/Makefile mypolkit.pp sudo semodule -i mypolkit.pp But again: I am not sure if this is what is actually needed. I need to see the full AVC denial instead of only part of an AVC denial to be able to properly determine what is required. > > > selinux-policy-3.7.19-28.fc13.noarch (from koji) > kernel-PAE-2.6.33.5-128.fc13.i686 (from Koji) > > -- > Regards, > > Frank Murphy > UTF_8 Encoded > Friend of Fedora > -- > selinux mailing list > selinux@lists.fedoraproject.org > https://admin.fedoraproject.org/mailman/listinfo/selinux -- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux |
Kernel error avc F13
On 15/06/10 10:14, Dominick Grift wrote:
> > But again: I am not sure if this is what is actually needed. I need to see the full AVC denial instead of only part of an AVC denial to be able to properly determine what is required. > Unfortunatly no sealerts are jumping up. I will put up an fpaste of audit.log though it seems to be quite big. -- Regards, Frank Murphy UTF_8 Encoded Friend of Fedora -- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux |
Kernel error avc F13
On 15/06/10 09:44, Dominick Grift wrote:
> > The AVC denials have information that is required to determine what happend. > http://pastebin.com/96zrq1Ze -- Regards, Frank Murphy UTF_8 Encoded Friend of Fedora -- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux |
Kernel error avc F13
On Tue, Jun 15, 2010 at 10:54:23AM +0100, Frank Murphy wrote:
> On 15/06/10 09:44, Dominick Grift wrote: > > > > > The AVC denials have information that is required to determine what happend. > > > > http://pastebin.com/96zrq1Ze unfortunately i cannot find the corresponding AVC denial in the pastebin above. > > -- > Regards, > > Frank Murphy > UTF_8 Encoded > Friend of Fedora > -- > selinux mailing list > selinux@lists.fedoraproject.org > https://admin.fedoraproject.org/mailman/listinfo/selinux -- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux |
Kernel error avc F13
On 06/15/2010 11:54 AM, Frank Murphy wrote:
> On 15/06/10 09:44, Dominick Grift wrote: > > >> The AVC denials have information that is required to determine what happend. >> >> > http://pastebin.com/96zrq1Ze > > Frank, run # restorecon -R -v /home Should fix. Other issues, which are caused by hal leaking file desciptors, will fix in selinux-policy-3.7.19-29.fc13. -- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux |
| All times are GMT. The time now is 05:14 PM. |
VBulletin, Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.