Description of problem:
setroubleshoot browser gave warning, and suggested filing as a bug report.
Problem occurred by 'chsh' to '/bin/tcsh' for the logged in user.



Summary
SELinux prevented /sbin/unix_update from using the terminal .

Detailed Description
SELinux prevented /sbin/unix_update from using the terminal . In most cases
daemons do not need to interact with the terminal, usually these avc messages
can be ignored. All of the confined daemons should have dontaudit rules around
using the terminal. Please file a bug report against this selinux-policy. If you
would like to allow all daemons to interact with the terminal, you can turn on
the allow_daemons_use_tty boolean.

Allowing Access
Changing the "allow_daemons_use_tty" boolean to true will allow this access:
"setsebool -P allow_daemons_use_tty=1.
"The following command will allow this access:setsebool -P allow_daemons_use_tty=1

Additional Information

Source Context:  system_u:system_r:updpwd_t:s0
Target Context:  system_u:object_r:unconfined_devpts_t:s0
Target Objects:  None [ chr_file ]
Affected RPM Packages:  pam-0.99.8.1-10.fc8 [application]
Policy RPM:  selinux-policy-3.0.8-81.fc8
Selinux Enabled:  True
Policy Type:  targeted
MLS Enabled:  True
Enforcing Mode:  Enforcing
Plugin Name:  plugins.allow_daemons_use_tty
Host Name:  falcon.miramar
Platform:  Linux falcon.miramar 2.6.23.14-115.fc8 #1 SMP Mon Jan 21 14:22:56 EST
2008 x86_64 x86_64
Alert Count:  1
First Seen:  Fri 08 Feb 2008 12:20:32 PM GMT
Last Seen:  Fri 08 Feb 2008 12:20:32 PM GMT
Local ID:  b6bb1c39-d8c6-47ad-817b-f0cfa70877e8
Line Numbers:  
Raw Audit Messages 
:avc: denied { read write } for comm=unix_update dev=devpts egid=500 euid=0
exe=/sbin/unix_update exit=0 fsgid=500 fsuid=0 gid=500 items=0 name=2 pid=3370
scontext=system_u:system_r:updpwd_t:s0 sgid=500
subj=system_u:system_r:updpwd_t:s0 suid=0 tclass=chr_file
tcontext=system_u:object_r:unconfined_devpts_t:s0 tty=(none) uid=0