Description of problem: Summary: SELinux is preventing dbus-daemon (xdm_t) "entrypoint" to /usr/libexec/polkit-gnome-manager (bin_t). Detailed Description: SELinux denied access requested by dbus-daemon. It is not expected that this access is required by dbus-daemon and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for /usr/libexec/polkit-gnome-manager, restorecon -v '/usr/libexec/polkit-gnome-manager' If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Additional Information: Source Context system_u:system_r:xdm_t:SystemLow-SystemHigh Target Context system_u:object_r:bin_t Target Objects /usr/libexec/polkit-gnome-manager [ file ] Source dbus-daemon Source Path /bin/dbus-daemon Port <Unknown> Host hubmaier.ceplovi.cz Source RPM Packages dbus-1.1.4-1.fc9 Target RPM Packages PolicyKit-gnome-0.7-2.fc9 Policy RPM selinux-policy-3.2.6-2.fc9 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall_file Host Name hubmaier.ceplovi.cz Platform Linux hubmaier.ceplovi.cz 2.6.24-9.fc9 #1 SMP Tue Jan 29 17:45:59 EST 2008 x86_64 x86_64 Alert Count 2 First Seen Út 5. únor 2008, 10:55:03 CET Last Seen Út 5. únor 2008, 10:55:09 CET Local ID a1355eb0-00de-40bd-8a66-f40fe0212aef Line Numbers Raw Audit Messages host=hubmaier.ceplovi.cz type=AVC msg=audit(1202205309.413:204): avc: denied { entrypoint } for pid=8908 comm="dbus-daemon" path="/usr/libexec/polkit-gnome-manager" dev=dm-1 ino=1050983 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:bin_t:s0 tclass=file host=hubmaier.ceplovi.cz type=SYSCALL msg=audit(1202205309.413:204): arch=c000003e syscall=59 success=no exit=-13 a0=2aaaaad34700 a1=2aaaaad30c80 a2=2aaaaad34df0 a3=7fff6c456b90 items=0 ppid=8907 pid=8908 auid=4294967295 uid=42 gid=42 euid=42 suid=42 fsuid=42 egid=42 sgid=42 fsgid=42 tty=(none) comm="dbus-daemon" exe="/bin/dbus-daemon" subj=system_u:system_r:xdm_dbusd_t:s0-s0:c0.c1023 key=(null) Version-Release number of selected component (if applicable): selinux-policy-targeted-3.2.6-2.fc9.noarch PolicyKit-0.7-5.fc9.x86_64
Fixed in selinux-policy-3.2.6-6.fc9