Bug 233578 - ConsoleKIt avc denied on boot
Summary: ConsoleKIt avc denied on boot
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy
Version: rawhide
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact: Ben Levenson
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-03-23 10:14 UTC by Bart Vanbrabant
Modified: 2007-11-30 22:11 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2007-04-01 12:24:32 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)

Description Bart Vanbrabant 2007-03-23 10:14:15 UTC 
Description of problem:
When I boot ConsoleKit generates two avc denied messages.

SELinux is preventing /usr/sbin/console-kit-daemon (consolekit_t) "signal" to
<Unknown> (consolekit_t).
SELinux is preventing /usr/sbin/console-kit-daemon (consolekit_t) "search" to
lib (var_lib_t).

The full messages are (in the same order):
avc: denied { signal } for comm="console-kit-dae" egid=0 euid=0 exe="/usr/sbin
/console-kit-daemon" exit=-13 fsgid=0 fsuid=0 gid=0 items=0 pid=2173
scontext=system_u:system_r:consolekit_t:s0 sgid=0
subj=system_u:system_r:consolekit_t:s0 suid=0 tclass=process
tcontext=system_u:system_r:consolekit_t:s0 tty=(none) uid=0

avc: denied { search } for comm="console-kit-dae" dev=dm-0 egid=0 euid=0
exe="/usr/sbin/console-kit-daemon" exit=-13 fsgid=0 fsuid=0 gid=0 items=0
name="lib" pid=2173 scontext=system_u:system_r:consolekit_t:s0 sgid=0
subj=system_u:system_r:consolekit_t:s0 suid=0 tclass=dir
tcontext=system_u:object_r:var_lib_t:s0 tty=(none) uid=0

Version-Release number of selected component (if applicable):
selinux-policy-2.5.9-2.fc7
selinux-policy-targeted-2.5.9-2.fc7
ConsoleKit-0.2.0-2.fc7
Comment 1 Daniel Walsh 2007-03-23 13:57:58 UTC 
Fixed in selinux-policy-2.5.9-5.fc7
Note You need to log in before you can comment on or make changes to this bug.