Bug 442130 - SELinux is preventing polkit-resolve- (hald_t) "getattr" to <Unknown> (hald_t).
SELinux is preventing polkit-resolve- (hald_t) "getattr" to <Unknown> (hald_t).
Status: CLOSED DUPLICATE of bug 442074
Product: Fedora
Classification: Fedora
Component: selinux-policy (Show other bugs)
rawhide
All Linux
low Severity low
: ---
: ---
Assigned To: Daniel Walsh
Fedora Extras Quality Assurance
:
Depends On:
Blocks: F9Blocker
  Show dependency treegraph
 
Reported: 2008-04-11 18:25 EDT by petrosyan
Modified: 2008-04-11 23:12 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-04-11 23:12:25 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description petrosyan 2008-04-11 18:25:27 EDT
Summary:

SELinux is preventing polkit-resolve- (hald_t) "getattr" to <Unknown> (hald_t).

Detailed Description:

SELinux denied access requested by polkit-resolve-. It is not expected that this
access is required by polkit-resolve- and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of the
application is causing it to require additional access.

Allowing Access:

You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.

Additional Information:

Source Context                system_u:system_r:hald_t:s0
Target Context                system_u:system_r:hald_t:s0
Target Objects                None [ process ]
Source                        polkit-resolve-
Source Path                   /usr/libexec/polkit-resolve-exe-helper
Port                          <Unknown>
Host                          localhost.localdomain
Source RPM Packages           PolicyKit-0.8-0.git20080404.3.fc9
Target RPM Packages           
Policy RPM                    selinux-policy-3.3.1-33.fc9
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   catchall
Host Name                     localhost.localdomain
Platform                      Linux localhost.localdomain
                              2.6.25-0.218.rc8.git7.fc9.x86_64 #1 SMP Wed Apr 9
                              19:55:19 EDT 2008 x86_64 x86_64
Alert Count                   2
First Seen                    Fri 11 Apr 2008 06:07:20 PM EDT
Last Seen                     Fri 11 Apr 2008 06:08:54 PM EDT
Local ID                      79da3f26-34b7-4c97-850d-2bad02293d38
Line Numbers                  

Raw Audit Messages            

host=localhost.localdomain type=AVC msg=audit(1207951734.605:32): avc:  denied 
{ getattr } for  pid=4134 comm="polkit-resolve-"
scontext=system_u:system_r:hald_t:s0 tcontext=system_u:system_r:hald_t:s0
tclass=process

host=localhost.localdomain type=SYSCALL msg=audit(1207951734.605:32):
arch=c000003e syscall=0 success=no exit=-13 a0=4 a1=16c82a0 a2=fff a3=0 items=0
ppid=2138 pid=4134 auid=4294967295 uid=0 gid=68 euid=0 suid=0 fsuid=0 egid=68
sgid=68 fsgid=68 tty=(none) ses=4294967295 comm="polkit-resolve-"
exe="/usr/libexec/polkit-resolve-exe-helper" subj=system_u:system_r:hald_t:s0
key=(null)
Comment 1 David Zeuthen 2008-04-11 18:39:06 EDT
Please file SELinux bugs against SELinux; dwalsh is the only one who can fix this.
Comment 2 petrosyan 2008-04-11 23:12:25 EDT

*** This bug has been marked as a duplicate of 442074 ***

Note You need to log in before you can comment on or make changes to this bug.