Summary: SELinux is preventing hcid(/usr/sbin/hcid) (bluetooth_t) "dac_override" to <Unknown> (bluetooth_t). Detailed Description: [SELinux in permissive mode, the operation would have been denied but was permitted due to enforcing mode.] SELinux denied access requested by hcid(/usr/sbin/hcid). It is not expected that this access is required by hcid(/usr/sbin/hcid) and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Additional Information: Source Context unconfined_u:system_r:bluetooth_t Target Context unconfined_u:system_r:bluetooth_t Target Objects None [ capability ] Source hcid(/usr/sbin/hcid) Port <Unknown> Host viklef.ceplovi.cz Source RPM Packages Target RPM Packages Policy RPM selinux-policy-3.0.8-81.fc8 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Permissive Plugin Name catchall Host Name viklef.ceplovi.cz Platform Linux viklef.ceplovi.cz 2.6.23.14-107.fc8 #1 SMP Mon Jan 14 21:37:30 EST 2008 i686 i686 Alert Count 1 First Seen Čt 31. leden 2008, 00:58:50 CET Last Seen Čt 31. leden 2008, 00:58:50 CET Local ID 8bac8eef-20b1-4c07-9013-c5232b8d202d Line Numbers Raw Audit Messages host=viklef.ceplovi.cz type=AVC msg=audit(1201737530.859:1097): avc: denied { dac_override } for pid=28831 comm="hcid" capability=1 scontext=unconfined_u:system_r:bluetooth_t:s0 tcontext=unconfined_u:system_r:bluetooth_t:s0 tclass=capability host=viklef.ceplovi.cz type=SYSCALL msg=audit(1201737530.859:1097): arch=40000003 syscall=5 success=yes exit=12 a0=b7fc01f5 a1=241 a2=100 a3=bfccaae4 items=0 ppid=1 pid=28831 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="hcid" exe="/usr/sbin/hcid" subj=unconfined_u:system_r:bluetooth_t:s0 key=(null) Version-Release number of selected component (if applicable): bluez-utils-3.20-6.fc8 selinux-policy-targeted-3.0.8-81.fc8
I don't understand what that means.
It means hcid is trying to do something with an object that it is not owned by root. Added to policy in Fixed in selinux-policy-3.2.5-23.fc9
CLosed as this should be fixed in rawhide. If this problem persists please reopen the bugzilla.