Bug 429473 - AVC denial in gnome-settings-(daemon?)
AVC denial in gnome-settings-(daemon?)
Product: Fedora
Classification: Fedora
Component: control-center (Show other bugs)
i386 Linux
low Severity low
: ---
: ---
Assigned To: Control Center Maintainer
Fedora Extras Quality Assurance
: SELinux
Depends On:
  Show dependency treegraph
Reported: 2008-01-20 16:19 EST by Jerry James
Modified: 2008-09-09 12:05 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2008-09-09 12:05:58 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Jerry James 2008-01-20 16:19:33 EST
Description of problem:
I logged into my freshly booted up system, walked away for about 10 minutes,
then came back to find an AVC denial had occurred in my absence.

Source Context:  unconfined_u:system_r:unconfined_t:SystemLow-SystemHigh
Target Context:  unconfined_u:system_r:unconfined_t:SystemLow-SystemHigh
Target Objects:  None [ process ]
Affected RPM Packages:
Policy RPM:  selinux-policy-3.0.8-73.fc8
Selinux Enabled:  True
Policy Type:  targeted
MLS Enabled:  True
Enforcing Mode:  Permissive
Plugin Name:  plugins.allow_execheap
Host Name:  localhost.localdomain
Platform:  Linux localhost.localdomain #1 SMP Fri Dec
7 15:49:59 EST 2007 i686 i686
Alert Count:  1
First Seen:  Wed 16 Jan 2008 08:42:07 PM MST
Last Seen:  Wed 16 Jan 2008 08:42:07 PM MST
Local ID:  264c0f89-91de-43d3-a095-50d6636c25d0
Line Numbers:

Raw Audit Messages :

avc: denied { execheap } for comm=gnome-settings- pid=2851
tclass=process tcontext=unconfined_u:system_r:unconfined_t:s0-s0:c0.c1023

PID 2851 didn't exist by the time I was able to check for it.  Asking on
fedora-devel-list led to the suggestion that this is gnome-settings-daemon.

Version-Release number of selected component (if applicable):

How reproducible:
Not at all.  It has never happened before, and I have not been able to provoke
the same behavior since.

Steps to Reproduce:
1. Boot up
2. Login
3. Walk away for about 10 minutes and see if you get lucky.
Actual results:
I got the AVC denial shown above.

Expected results:
No AVC denial

Additional info:

Note You need to log in before you can comment on or make changes to this bug.