141079 – Annoying messages for kde app launch under SELinux

Bug 141079 - Annoying messages for kde app launch under SELinux

Summary: Annoying messages for kde app launch under SELinux

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	selinux-policy-strict
Sub Component:
Version:	3
Hardware:	i686
OS:	Linux
Priority:	medium
Severity:	low
Target Milestone:	---
Assignee:	Daniel Walsh
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2004-11-29 03:37 UTC by Randy Heineke
Modified:	2007-11-30 22:10 UTC (History)
CC List:	1 user (show)
Fixed In Version:	1.19.14-5
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2005-09-05 07:16:16 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Randy Heineke 2004-11-29 03:37:47 UTC

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5)
Gecko/20041111 Firefox/1.0

Description of problem:
Launching a kde application on the gnome desktop with strict SELinux
policy generates an annoying messages complaining about DCOPserver not
running that must be clicked before application launches.
/var/log/messages clues:
Nov 28 17:36:51 localhost kernel: audit(1101685011.366:0): avc: 
denied  { getattr } for  pid=3395 exe=/usr/bin/kpat path=/usr/bin
dev=hda8 ino=12583051 scontext=user_u:user_r:user_games_t
tcontext=system_u:object_r:bin_t tclass=dir
Nov 28 17:36:51 localhost kernel: audit(1101685011.367:0): avc: 
denied  { getattr } for  pid=3395 exe=/usr/bin/kpat path=/usr/bin
dev=hda8 ino=12583051 scontext=user_u:user_r:user_games_t
tcontext=system_u:object_r:bin_t tclass=dir
Nov 28 17:36:52 localhost kernel: audit(1101685012.370:0): avc: 
denied  { getattr } for  pid=3400 exe=/usr/bin/kdeinit
path=/tmp/.ICE-unix dev=hda9 ino=131200
scontext=user_u:user_r:user_games_t
tcontext=system_u:object_r:xdm_xserver_tmp_t tclass=dir

I can issue the dcopserver command on the CLI.  When the dcopserver is
running the annoying popup messages windows stop popping up.




Version-Release number of selected component (if applicable):
selinux-policy-strict-1.17.30-2

How reproducible:
Always

Steps to Reproduce:
1.In gnome desktop select games>patience from the launcher
2.
3.
    

Actual Results:  A DCOP communications error (Patience) window pops
up. It has a redcircle witha a white x icon and the following text:
There was an error setting up inter-process communications for KDE.
The message returned by the system was:
Could not read network connection list.
/home/foouser/.DCOPserver_dhcppc1_0

Please check that the "dcopserver" program is running!


Expected Results:  The game whould launch.

Additional info:

The problem was found in testing of my first installation of SELinux
on a system that was newly updated from FC2 to FC3.  I call it a minor
a Low severity, however I have not idea if there is the first
indication of a more serious or pervasive problem.  It could also be
that I have some old/external package with messed up dependencies on
my system.

Comment 1 Daniel Walsh 2004-11-30 16:57:20 UTC

Fixed in policy-1.19.7-1, 

Please use the strict policy from rawhide for FC3, the strict policy
has not been maintained in updates as this is experimental.

I will try to update it.

Comment 2 Randy Heineke 2004-12-09 03:02:17 UTC

The problem occurs with selinux-policy-strict-1.19.10-2.  Is this
advice to revert to an older version found in rawhide?

Comment 3 Daniel Walsh 2004-12-09 14:57:45 UTC

You shouldn't be seeing these in 1.19.10.  But I would grab the one in
Rawhide.

Dan

Comment 4 Randy Heineke 2005-01-09 19:54:29 UTC

The problem has gone away now that I a using 
selinux-policy-targeted-1.19.14-5

Note You need to log in before you can comment on or make changes to this bug.