Description of problem: Installed FC7 test4 into a clean computer. After logging in SELinux claims about promlems. Version-Release number of selected component (if applicable): selinux-policy-2.6.1-1.fc7 shadow-utils-4.0.18.1-13.fc7 How reproducible: Every login I see this Steps to Reproduce: 1. turn on computer 2. boot FC7 test4 upto runlevel 5 3. login Actual results: SELinux error message pops up Expected results: No suche errors Additional info: BTW, test4 is missing in Bugzilla's version field menu - please fix. Here's what the troubleshooter says: Summary SELinux is preventing /usr/sbin/grpconv (sysadm_passwd_t) "use" to /dev/console (init_t). Detailed Description SELinux denied access requested by /usr/sbin/grpconv. It is not expected that this access is required by /usr/sbin/grpconv and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access You can generate a local policy module to allow this access - see FAQ Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report against this package. Additional Information Source Context: system_u:system_r:sysadm_passwd_tTarget Context: system_u:system_r:init_t Target Objects: /dev/console [ fd ] Affected RPM Packages: shadow-utils-4.0.18.1-13.fc7 [application] Policy RPM: selinux-policy-2.6.1-1.fc7 Selinux Enabled: True Policy Type: targeted MLS Enabled: True Enforcing Mode: Enforcing Plugin Name: plugins.catchall Host Name: jt-gw-2 Platform: Linux jt-gw-2 2.6.20-1.3104.fc7 #1 SMP Sat Apr 21 22:02:46 EDT 2007 x86_64 x86_64 Alert Count: 2 First Seen: Fri 27 Apr 2007 07:08:17 PM EEST Last Seen: Fri 27 Apr 2007 07:08:17 PM EEST Local ID: d9d77fde-09b4-4f54-9a8d-56569bbcf37f Line Numbers: Raw Audit Messages : avc: denied { use } for comm="grpconv" dev=tmpfs egid=0 euid=0 exe="/usr/sbin/grpconv" exit=0 fsgid=0 fsuid=0 gid=0 items=0 name="console" path="/dev/console" pid=3050 scontext=system_u:system_r:sysadm_passwd_t:s0 sgid=0 subj=system_u:system_r:sysadm_passwd_t:s0 suid=0 tclass=fd tcontext=system_u:system_r:init_t:s0 tty=(none) uid=0
Fixed in selinux-policy-2.6.1-3.fc7
ALready fixed in rawhide