Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 157185 Details for
Bug 244503
Default SELinux policy completely breaks/crashes brasero
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
brasero SELinux denials
selinux_alert.txt (text/plain), 223.39 KB, created by
vfiend
on 2007-06-16 09:49:59 UTC
(
hide
)
Description:
brasero SELinux denials
Filename:
MIME Type:
Creator:
vfiend
Created:
2007-06-16 09:49:59 UTC
Size:
223.39 KB
patch
obsolete
>Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to mem > (mono_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for mem, restorecon -v mem If this > does not work, there is currently no automatic way to allow this access. > Instead, you can generate a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context user_u:system_r:mono_t >Target Objects mem [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 3 >First Seen Sat 16 Jun 2007 02:42:50 AM PDT >Last Seen Sat 16 Jun 2007 02:42:50 AM PDT >Local ID 0317944f-4bbe-4e8b-9ed6-5c972c6ac4b5 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 name="mem" >pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=user_u:system_r:mono_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to oom_adj > (mono_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for oom_adj, restorecon -v oom_adj > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context user_u:system_r:mono_t >Target Objects oom_adj [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 3 >First Seen Sat 16 Jun 2007 02:42:50 AM PDT >Last Seen Sat 16 Jun 2007 02:42:50 AM PDT >Local ID f6a10d12-d989-4891-8020-e40b7180b1f3 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="oom_adj" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=user_u:system_r:mono_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to loginuid > (mono_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for loginuid, restorecon -v loginuid > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context user_u:system_r:mono_t >Target Objects loginuid [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 3 >First Seen Sat 16 Jun 2007 02:42:50 AM PDT >Last Seen Sat 16 Jun 2007 02:42:50 AM PDT >Local ID 6e28006d-ea7c-42dd-b108-a1da5d0936e1 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="loginuid" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=user_u:system_r:mono_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to current > (mono_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for current, restorecon -v current > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context user_u:system_r:mono_t >Target Objects current [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 2 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 874d87f4-43a1-4605-8ae7-c075e799a4c8 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="current" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=user_u:system_r:mono_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to exec > (mono_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for exec, restorecon -v exec If this > does not work, there is currently no automatic way to allow this access. > Instead, you can generate a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context user_u:system_r:mono_t >Target Objects exec [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 2 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 28f22ece-3e7c-4b96-8efa-12e536c1f4f3 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 name="exec" >pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=user_u:system_r:mono_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to fscreate > (mono_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for fscreate, restorecon -v fscreate > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context user_u:system_r:mono_t >Target Objects fscreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 2 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 9aa61cc9-4f3e-49a4-9e3b-7b3d629a54e8 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="fscreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=user_u:system_r:mono_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to keycreate > (mono_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for keycreate, restorecon -v > keycreate If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context user_u:system_r:mono_t >Target Objects keycreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 2 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 9d5b0f9b-f820-401f-b4e3-11ced5f4ba04 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="keycreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=user_u:system_r:mono_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to sockcreate > (mono_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for sockcreate, restorecon -v > sockcreate If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context user_u:system_r:mono_t >Target Objects sockcreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 2 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID b28f846b-8b95-41b4-a37d-767ccbfbaae9 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="sockcreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=user_u:system_r:mono_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to current > (xdm_xserver_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for current, restorecon -v current > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:xdm_xserver_t:SystemLow- > SystemHigh >Target Objects current [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 0 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 8fce3518-5f9f-45cc-9290-1d52dc4e7ed8 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="current" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to exec > (xdm_xserver_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for exec, restorecon -v exec If this > does not work, there is currently no automatic way to allow this access. > Instead, you can generate a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:xdm_xserver_t:SystemLow- > SystemHigh >Target Objects exec [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 0 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 86d74e20-9376-4df2-8963-633ab8ca6ed8 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 name="exec" >pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to fscreate > (xdm_xserver_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for fscreate, restorecon -v fscreate > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:xdm_xserver_t:SystemLow- > SystemHigh >Target Objects fscreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 0 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 9a118d88-8284-4414-be5a-a16748a93f78 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="fscreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to keycreate > (xdm_xserver_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for keycreate, restorecon -v > keycreate If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:xdm_xserver_t:SystemLow- > SystemHigh >Target Objects keycreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 0 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 0fa151ca-4b48-43f9-97c8-59f4b95f27d8 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="keycreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to sockcreate > (xdm_xserver_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for sockcreate, restorecon -v > sockcreate If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:xdm_xserver_t:SystemLow- > SystemHigh >Target Objects sockcreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 0 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID b540a7f9-4364-497d-9b77-2327f231ad97 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="sockcreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to current > (xdm_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for current, restorecon -v current > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:xdm_t:SystemLow-SystemHigh >Target Objects current [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 3 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID f0cd0ac3-4370-4871-a54d-5cf1708d2781 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="current" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to exec > (xdm_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for exec, restorecon -v exec If this > does not work, there is currently no automatic way to allow this access. > Instead, you can generate a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:xdm_t:SystemLow-SystemHigh >Target Objects exec [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 3 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 9da5980e-3019-433e-8827-44ec3ab85d4a >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 name="exec" >pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to fscreate > (xdm_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for fscreate, restorecon -v fscreate > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:xdm_t:SystemLow-SystemHigh >Target Objects fscreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 3 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID fafeab41-fdda-497e-bb4d-ec06ffe82a57 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="fscreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to keycreate > (xdm_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for keycreate, restorecon -v > keycreate If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:xdm_t:SystemLow-SystemHigh >Target Objects keycreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 2 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID a308ff82-749f-4a2a-ba0b-145ae1c9bb6e >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="keycreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to sockcreate > (xdm_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for sockcreate, restorecon -v > sockcreate If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:xdm_t:SystemLow-SystemHigh >Target Objects sockcreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 2 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 87a0d50e-629e-4bcc-a6f1-ee81737d8f33 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="sockcreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to current > (dhcpc_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for current, restorecon -v current > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:dhcpc_t >Target Objects current [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 0 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID c762c8e5-a9ef-4e32-953a-59e599dc8b73 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="current" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:dhcpc_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to exec > (dhcpc_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for exec, restorecon -v exec If this > does not work, there is currently no automatic way to allow this access. > Instead, you can generate a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:dhcpc_t >Target Objects exec [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 0 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID ad70fad5-40b0-4816-97a5-ea0379871b9d >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 name="exec" >pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:dhcpc_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to fscreate > (dhcpc_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for fscreate, restorecon -v fscreate > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:dhcpc_t >Target Objects fscreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 0 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID a21112e1-38f7-44e3-bbfe-de4955dd7f39 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="fscreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:dhcpc_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to keycreate > (dhcpc_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for keycreate, restorecon -v > keycreate If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:dhcpc_t >Target Objects keycreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 0 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID bba4bd5e-e781-4f93-8423-80f0c999a0f1 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="keycreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:dhcpc_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to sockcreate > (dhcpc_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for sockcreate, restorecon -v > sockcreate If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:dhcpc_t >Target Objects sockcreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 0 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID f7055349-566f-4873-8379-f5a10c6bd19e >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="sockcreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:dhcpc_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to current > (getty_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for current, restorecon -v current > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:getty_t >Target Objects current [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 6 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID f5115ee5-92d1-4f5b-9f67-5e1e661dd1b2 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="current" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:getty_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to exec > (getty_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for exec, restorecon -v exec If this > does not work, there is currently no automatic way to allow this access. > Instead, you can generate a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:getty_t >Target Objects exec [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 6 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID cc8b00f4-fd6c-4989-ba9b-cd9350d17e36 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 name="exec" >pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:getty_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to fscreate > (getty_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for fscreate, restorecon -v fscreate > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:getty_t >Target Objects fscreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 6 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID de8f8e60-f04e-432c-9794-1fc43681e2aa >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="fscreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:getty_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to keycreate > (getty_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for keycreate, restorecon -v > keycreate If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:getty_t >Target Objects keycreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 6 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID ce8e0ec5-ae14-41eb-bf59-ad41b7092999 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="keycreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:getty_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to sockcreate > (getty_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for sockcreate, restorecon -v > sockcreate If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:getty_t >Target Objects sockcreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 6 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID bf43117e-7f00-4a9a-a902-efb59a4b6f69 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="sockcreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:getty_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to sockcreate > (fsdaemon_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for sockcreate, restorecon -v > sockcreate If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:fsdaemon_t >Target Objects sockcreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 3b5342b8-4ba8-4e0a-af33-3b358ebb5439 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="sockcreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:fsdaemon_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to current > (fsdaemon_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for current, restorecon -v current > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:fsdaemon_t >Target Objects current [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 245dd717-4508-4f56-a225-b1a0f2a62ea4 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="current" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:fsdaemon_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to exec > (fsdaemon_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for exec, restorecon -v exec If this > does not work, there is currently no automatic way to allow this access. > Instead, you can generate a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:fsdaemon_t >Target Objects exec [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 0 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 7d4b90cd-c3f1-4efc-b79d-0d0847c83b97 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 name="exec" >pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:fsdaemon_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to fscreate > (fsdaemon_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for fscreate, restorecon -v fscreate > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:fsdaemon_t >Target Objects fscreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID dd860406-b167-480c-9dd3-c9c1215f9c23 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="fscreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:fsdaemon_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to keycreate > (fsdaemon_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for keycreate, restorecon -v > keycreate If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:fsdaemon_t >Target Objects keycreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 0 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID ee1a8871-9b1c-46a8-86d0-6060b702bf13 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="keycreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:fsdaemon_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to current > (initrc_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for current, restorecon -v current > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:initrc_t >Target Objects current [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 2 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID b82eedc7-9255-4c5b-a926-c3d03b917abe >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="current" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:initrc_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to exec > (initrc_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for exec, restorecon -v exec If this > does not work, there is currently no automatic way to allow this access. > Instead, you can generate a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:initrc_t >Target Objects exec [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 2 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 2d29bd81-db07-486f-a7b0-c6300fe3377a >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 name="exec" >pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:initrc_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to fscreate > (initrc_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for fscreate, restorecon -v fscreate > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:initrc_t >Target Objects fscreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 2 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 015d49f1-e697-46fa-8d54-484c4a4fc23e >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="fscreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:initrc_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to keycreate > (initrc_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for keycreate, restorecon -v > keycreate If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:initrc_t >Target Objects keycreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 2 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 08c44482-cd13-4f5d-a786-865b38fee91e >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="keycreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:initrc_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to sockcreate > (initrc_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for sockcreate, restorecon -v > sockcreate If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:initrc_t >Target Objects sockcreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 2 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 31b9cde6-211c-4862-ba45-773026ebecf5 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="sockcreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:initrc_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to current > (NetworkManager_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for current, restorecon -v current > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:NetworkManager_t >Target Objects current [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 19da7f0b-8a54-4564-a02a-41a491919050 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="current" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:NetworkManager_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to exec > (NetworkManager_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for exec, restorecon -v exec If this > does not work, there is currently no automatic way to allow this access. > Instead, you can generate a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:NetworkManager_t >Target Objects exec [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 820b2184-605c-4973-835a-392182235fdd >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 name="exec" >pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:NetworkManager_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to fscreate > (NetworkManager_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for fscreate, restorecon -v fscreate > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:NetworkManager_t >Target Objects fscreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 0 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 460cc9e2-eaac-4c8d-a839-23044343cfeb >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="fscreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:NetworkManager_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to keycreate > (NetworkManager_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for keycreate, restorecon -v > keycreate If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:NetworkManager_t >Target Objects keycreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID d12eff50-4dc2-4491-982c-39f344067ea1 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="keycreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:NetworkManager_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to sockcreate > (NetworkManager_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for sockcreate, restorecon -v > sockcreate If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:NetworkManager_t >Target Objects sockcreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID a6351000-481d-4beb-8871-94b58e3933bb >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="sockcreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:NetworkManager_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to fscreate > (hald_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for fscreate, restorecon -v fscreate > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:hald_t >Target Objects fscreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 2 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 688595ff-a225-4b18-a766-d5d7dec5ae96 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="fscreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:hald_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to exec > (hald_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for exec, restorecon -v exec If this > does not work, there is currently no automatic way to allow this access. > Instead, you can generate a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:hald_t >Target Objects exec [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 2 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 3e50be2d-2be9-45b7-99ff-e3133a3e33dc >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 name="exec" >pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:hald_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to current > (hald_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for current, restorecon -v current > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:hald_t >Target Objects current [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 2 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 4b671d5f-60d8-4f11-b283-37d4de4d486c >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="current" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:hald_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to keycreate > (hald_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for keycreate, restorecon -v > keycreate If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:hald_t >Target Objects keycreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 2 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 45cc7828-305e-4b7d-a6d6-54bf728c97fe >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="keycreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:hald_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing brasero (unconfined_t) "write" to sockcreate (hald_t). > >Detailed Description > SELinux denied access requested by brasero. It is not expected that this > access is required by brasero and this access may signal an intrusion > attempt. It is also possible that the specific version or configuration of > the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for sockcreate, restorecon -v > sockcreate If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:hald_t >Target Objects sockcreate [ file ] >Affected RPM Packages >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 2 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 4a7e3b31-f1f6-4bcf-8d64-0f6230879b1b >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc name="sockcreate" pid=3829 >scontext=user_u:system_r:unconfined_t:s0 tclass=file >tcontext=system_u:system_r:hald_t:s0 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to current > (crond_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for current, restorecon -v current > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:crond_t:SystemLow-SystemHigh >Target Objects current [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 2 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID ee9be8bd-39f2-4e7e-8daa-1b7713c8da64 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="current" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:crond_t:s0-s0:c0.c1023 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to exec > (crond_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for exec, restorecon -v exec If this > does not work, there is currently no automatic way to allow this access. > Instead, you can generate a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:crond_t:SystemLow-SystemHigh >Target Objects exec [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 2 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 79cf8758-5e1e-400e-b05d-098221bcf45e >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 name="exec" >pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:crond_t:s0-s0:c0.c1023 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to fscreate > (crond_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for fscreate, restorecon -v fscreate > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:crond_t:SystemLow-SystemHigh >Target Objects fscreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 06038180-91ed-42cc-b63c-a43f0b04420d >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="fscreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:crond_t:s0-s0:c0.c1023 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to keycreate > (crond_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for keycreate, restorecon -v > keycreate If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:crond_t:SystemLow-SystemHigh >Target Objects keycreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 2 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID ae7c9e22-d734-4c03-8f62-fbcde402a8f1 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="keycreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:crond_t:s0-s0:c0.c1023 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to sockcreate > (crond_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for sockcreate, restorecon -v > sockcreate If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:crond_t:SystemLow-SystemHigh >Target Objects sockcreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 2 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID b22679b7-7bea-4619-b690-3c09df76c3ed >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="sockcreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:crond_t:s0-s0:c0.c1023 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to current > (crond_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for current, restorecon -v current > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:crond_t >Target Objects current [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 0 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 961041a1-fd6e-4130-8ed1-c1362404a887 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="current" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:crond_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to exec > (crond_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for exec, restorecon -v exec If this > does not work, there is currently no automatic way to allow this access. > Instead, you can generate a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:crond_t >Target Objects exec [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID f3e90335-d35a-4b12-8c0c-b6f602022c88 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 name="exec" >pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:crond_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to fscreate > (crond_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for fscreate, restorecon -v fscreate > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:crond_t >Target Objects fscreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 513d91ec-a237-4f76-bdd4-691634c02656 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="fscreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:crond_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to keycreate > (crond_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for keycreate, restorecon -v > keycreate If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:crond_t >Target Objects keycreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 9c32875c-53c7-4bcf-81e7-1220b2d61a60 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="keycreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:crond_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to sockcreate > (crond_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for sockcreate, restorecon -v > sockcreate If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:crond_t >Target Objects sockcreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 27d625b1-4b94-4d81-9796-43bd26788bd5 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="sockcreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:crond_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to fscreate > (xfs_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for fscreate, restorecon -v fscreate > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:xfs_t >Target Objects fscreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 0fb1328b-35c7-483c-aba9-c43cb208e7fd >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="fscreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:xfs_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to exec > (xfs_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for exec, restorecon -v exec If this > does not work, there is currently no automatic way to allow this access. > Instead, you can generate a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:xfs_t >Target Objects exec [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 33b03127-4724-4bac-a290-e4e679171472 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 name="exec" >pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:xfs_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to current > (xfs_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for current, restorecon -v current > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:xfs_t >Target Objects current [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 336eb0c1-28b3-42d2-9e8b-dbcb1c291ee9 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="current" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:xfs_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to sockcreate > (xfs_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for sockcreate, restorecon -v > sockcreate If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:xfs_t >Target Objects sockcreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 6ed14da9-e80b-41ca-b83c-d4bb81ac2d91 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="sockcreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:xfs_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to keycreate > (xfs_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for keycreate, restorecon -v > keycreate If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:xfs_t >Target Objects keycreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 6536a680-a82f-4745-b5db-9b7f1cf75e1c >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="keycreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:xfs_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to current > (consolekit_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for current, restorecon -v current > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:consolekit_t >Target Objects current [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID c5bff3e1-d9c0-471b-8752-b610c75f5291 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="current" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:consolekit_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to exec > (consolekit_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for exec, restorecon -v exec If this > does not work, there is currently no automatic way to allow this access. > Instead, you can generate a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:consolekit_t >Target Objects exec [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 890282b1-3f45-468e-aa9d-75d006595bd9 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 name="exec" >pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:consolekit_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to fscreate > (consolekit_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for fscreate, restorecon -v fscreate > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:consolekit_t >Target Objects fscreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID b0d59116-ae0a-44d0-bb37-0308be41d8f2 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="fscreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:consolekit_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to keycreate > (consolekit_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for keycreate, restorecon -v > keycreate If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:consolekit_t >Target Objects keycreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID ed98a3ca-688f-488a-95c0-f269c1146f6d >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="keycreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:consolekit_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to sockcreate > (consolekit_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for sockcreate, restorecon -v > sockcreate If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:consolekit_t >Target Objects sockcreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 515841c0-b291-4087-9d47-fcd289dfe702 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="sockcreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:consolekit_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to current > (sendmail_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for current, restorecon -v current > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:sendmail_t >Target Objects current [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 2 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID b981b043-5f54-4462-8699-82c82d6dbd91 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="current" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:sendmail_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to exec > (sendmail_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for exec, restorecon -v exec If this > does not work, there is currently no automatic way to allow this access. > Instead, you can generate a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:sendmail_t >Target Objects exec [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 2 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID a38259f0-53c1-4144-a129-a88a7fe90ee9 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 name="exec" >pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:sendmail_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to fscreate > (sendmail_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for fscreate, restorecon -v fscreate > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:sendmail_t >Target Objects fscreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 2 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID d38b70d9-62c4-445c-9708-897bd66dbdfc >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="fscreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:sendmail_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to keycreate > (sendmail_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for keycreate, restorecon -v > keycreate If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:sendmail_t >Target Objects keycreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 2 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID baf6aea6-f925-4726-852b-513eff46519f >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="keycreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:sendmail_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to sockcreate > (sendmail_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for sockcreate, restorecon -v > sockcreate If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:sendmail_t >Target Objects sockcreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 2 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 9595a854-86a0-494f-b8de-fe68ccde5060 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="sockcreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:sendmail_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to current > (ntpd_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for current, restorecon -v current > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:ntpd_t >Target Objects current [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID a537a0b7-5358-4ebe-8ca5-f18bc3841db5 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="current" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:ntpd_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to exec > (ntpd_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for exec, restorecon -v exec If this > does not work, there is currently no automatic way to allow this access. > Instead, you can generate a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:ntpd_t >Target Objects exec [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 5afa15c8-d94c-4661-a50e-32af5b05b109 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 name="exec" >pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:ntpd_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to fscreate > (ntpd_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for fscreate, restorecon -v fscreate > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:ntpd_t >Target Objects fscreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID a04dae68-52df-4f23-b7ec-edd81dc6c603 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="fscreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:ntpd_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to keycreate > (ntpd_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for keycreate, restorecon -v > keycreate If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:ntpd_t >Target Objects keycreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID b105a793-a515-4844-b05d-3b7280573110 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="keycreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:ntpd_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to sockcreate > (ntpd_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for sockcreate, restorecon -v > sockcreate If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:ntpd_t >Target Objects sockcreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:56 AM PDT >Last Seen Sat 16 Jun 2007 02:42:56 AM PDT >Local ID 6786ff91-c9e6-4090-867e-c4445c4296c6 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="sockcreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:ntpd_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to current > (sshd_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for current, restorecon -v current > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:sshd_t:SystemLow-SystemHigh >Target Objects current [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:57 AM PDT >Last Seen Sat 16 Jun 2007 02:42:57 AM PDT >Local ID 52f0ed0f-a07d-4a96-8523-8a7c3cc8d414 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="current" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to exec > (sshd_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for exec, restorecon -v exec If this > does not work, there is currently no automatic way to allow this access. > Instead, you can generate a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:sshd_t:SystemLow-SystemHigh >Target Objects exec [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:57 AM PDT >Last Seen Sat 16 Jun 2007 02:42:57 AM PDT >Local ID 007e9283-f5e1-4410-a651-4ba2c99e108c >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 name="exec" >pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to fscreate > (sshd_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for fscreate, restorecon -v fscreate > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:sshd_t:SystemLow-SystemHigh >Target Objects fscreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:57 AM PDT >Last Seen Sat 16 Jun 2007 02:42:57 AM PDT >Local ID ab163e45-c613-46ae-9064-0e4076103885 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="fscreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to keycreate > (sshd_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for keycreate, restorecon -v > keycreate If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:sshd_t:SystemLow-SystemHigh >Target Objects keycreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:57 AM PDT >Last Seen Sat 16 Jun 2007 02:42:57 AM PDT >Local ID 5a3e71bc-49c2-44dc-8ab1-61bf21f3331b >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="keycreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to sockcreate > (sshd_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for sockcreate, restorecon -v > sockcreate If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:sshd_t:SystemLow-SystemHigh >Target Objects sockcreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:57 AM PDT >Last Seen Sat 16 Jun 2007 02:42:57 AM PDT >Local ID 238fa5ed-5a01-40b5-973b-6543b038c9e9 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="sockcreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to fscreate > (cupsd_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for fscreate, restorecon -v fscreate > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:cupsd_t:SystemLow-SystemHigh >Target Objects fscreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:57 AM PDT >Last Seen Sat 16 Jun 2007 02:42:57 AM PDT >Local ID 1594dff6-ee30-4af2-8438-aa0aa112f2db >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="fscreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:cupsd_t:s0-s0:c0.c1023 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to current > (cupsd_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for current, restorecon -v current > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:cupsd_t:SystemLow-SystemHigh >Target Objects current [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 0 >First Seen Sat 16 Jun 2007 02:42:57 AM PDT >Last Seen Sat 16 Jun 2007 02:42:57 AM PDT >Local ID 4c417d08-9356-42a1-9507-143d169aab14 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="current" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:cupsd_t:s0-s0:c0.c1023 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to exec > (cupsd_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for exec, restorecon -v exec If this > does not work, there is currently no automatic way to allow this access. > Instead, you can generate a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:cupsd_t:SystemLow-SystemHigh >Target Objects exec [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:57 AM PDT >Last Seen Sat 16 Jun 2007 02:42:57 AM PDT >Local ID da75dbaa-9077-4b40-85d4-6a5dc902e49d >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 name="exec" >pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:cupsd_t:s0-s0:c0.c1023 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to keycreate > (cupsd_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for keycreate, restorecon -v > keycreate If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:cupsd_t:SystemLow-SystemHigh >Target Objects keycreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:57 AM PDT >Last Seen Sat 16 Jun 2007 02:42:57 AM PDT >Local ID dc54297a-020c-4629-b50f-30014b8800fc >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="keycreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:cupsd_t:s0-s0:c0.c1023 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to fscreate > (pcscd_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for fscreate, restorecon -v fscreate > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:pcscd_t >Target Objects fscreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:57 AM PDT >Last Seen Sat 16 Jun 2007 02:42:57 AM PDT >Local ID bf2a6e7b-d3ab-411a-86bb-51492cfc0097 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="fscreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:pcscd_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to keycreate > (pcscd_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for keycreate, restorecon -v > keycreate If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:pcscd_t >Target Objects keycreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:57 AM PDT >Last Seen Sat 16 Jun 2007 02:42:57 AM PDT >Local ID 4b975518-1d32-4804-a7f4-14723e04b4a3 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="keycreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:pcscd_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to sockcreate > (pcscd_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for sockcreate, restorecon -v > sockcreate If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:pcscd_t >Target Objects sockcreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:57 AM PDT >Last Seen Sat 16 Jun 2007 02:42:57 AM PDT >Local ID e92eb8ee-97c1-459e-b936-a8a75342fb85 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="sockcreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:pcscd_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to current > (kernel_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for current, restorecon -v current > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:kernel_t >Target Objects current [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 0 >First Seen Sat 16 Jun 2007 02:42:57 AM PDT >Last Seen Sat 16 Jun 2007 02:42:57 AM PDT >Local ID cfc5b5c0-6ba3-470a-8955-7afa1885cb75 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="current" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:kernel_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to fscreate > (bluetooth_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for fscreate, restorecon -v fscreate > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:bluetooth_t >Target Objects fscreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:57 AM PDT >Last Seen Sat 16 Jun 2007 02:42:57 AM PDT >Local ID 886aeebb-6bdc-4489-877c-612a44c2a1d8 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="fscreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:bluetooth_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to keycreate > (bluetooth_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for keycreate, restorecon -v > keycreate If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:bluetooth_t >Target Objects keycreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:57 AM PDT >Last Seen Sat 16 Jun 2007 02:42:57 AM PDT >Local ID 63129063-5bfb-4e64-8c62-e53ee07ed416 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="keycreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:bluetooth_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to exec > (kernel_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for exec, restorecon -v exec If this > does not work, there is currently no automatic way to allow this access. > Instead, you can generate a local policy module to allow this access - see > http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you can disable > SELinux protection altogether. Disabling SELinux protection is not > recommended. Please file a http://bugzilla.redhat.com/bugzilla/enter_bug.cgi > against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:kernel_t >Target Objects exec [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:57 AM PDT >Last Seen Sat 16 Jun 2007 02:42:57 AM PDT >Local ID 78ae15a8-eca0-4407-ae52-314e9d1c355b >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 name="exec" >pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:kernel_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to fscreate > (kernel_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for fscreate, restorecon -v fscreate > If this does not work, there is currently no automatic way to allow this > access. Instead, you can generate a local policy module to allow this > access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 Or you > can disable SELinux protection altogether. Disabling SELinux protection is > not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:kernel_t >Target Objects fscreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:57 AM PDT >Last Seen Sat 16 Jun 2007 02:42:57 AM PDT >Local ID 43337144-c049-4b06-9bf5-fd4885c4107f >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="fscreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:kernel_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to keycreate > (kernel_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for keycreate, restorecon -v > keycreate If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:kernel_t >Target Objects keycreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:57 AM PDT >Last Seen Sat 16 Jun 2007 02:42:57 AM PDT >Local ID fda95c0f-8541-48b7-a39a-52e33c9234c7 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="keycreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:kernel_t:s0 tty=(none) uid=500 > > >Summary > SELinux is preventing /usr/bin/brasero (unconfined_t) "write" to sockcreate > (kernel_t). > >Detailed Description > SELinux denied access requested by /usr/bin/brasero. It is not expected that > this access is required by /usr/bin/brasero and this access may signal an > intrusion attempt. It is also possible that the specific version or > configuration of the application is causing it to require additional access. > >Allowing Access > Sometimes labeling problems can cause SELinux denials. You could try to > restore the default system file context for sockcreate, restorecon -v > sockcreate If this does not work, there is currently no automatic way to > allow this access. Instead, you can generate a local policy module to allow > this access - see http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385 > Or you can disable SELinux protection altogether. Disabling SELinux > protection is not recommended. Please file a > http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package. > >Additional Information > >Source Context user_u:system_r:unconfined_t >Target Context system_u:system_r:kernel_t >Target Objects sockcreate [ file ] >Affected RPM Packages brasero-0.5.2-1.fc7 [application] >Policy RPM selinux-policy-2.6.4-14.fc7 >Selinux Enabled True >Policy Type targeted >MLS Enabled True >Enforcing Mode Enforcing >Plugin Name plugins.catchall_file >Host Name monolith >Platform Linux monolith 2.6.21-1.3228.fc7 #1 SMP Tue Jun 12 > 14:56:37 EDT 2007 x86_64 x86_64 >Alert Count 1 >First Seen Sat 16 Jun 2007 02:42:57 AM PDT >Last Seen Sat 16 Jun 2007 02:42:57 AM PDT >Local ID 78663f29-c572-408b-aeac-c26d064d9c11 >Line Numbers > >Raw Audit Messages > >avc: denied { write } for comm="brasero" dev=proc egid=500 euid=500 >exe="/usr/bin/brasero" exit=-13 fsgid=500 fsuid=500 gid=500 items=0 >name="sockcreate" pid=3829 scontext=user_u:system_r:unconfined_t:s0 sgid=500 >subj=user_u:system_r:unconfined_t:s0 suid=500 tclass=file >tcontext=system_u:system_r:kernel_t:s0 tty=(none) uid=500 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=157185">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 244503
: 157185 |
157339