Description of problem:
The following messages appear when disabling/enabling the firewall in system-config-firewall.

type=AVC msg=audit(1210163156.386:110): avc: denied { read write } for pid=7101 comm="iptables" path="socket:[39235]" dev=sockfs ino=39235 scontext=unconfined_u:system_r:iptables_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=SYSCALL msg=audit(1210163156.386:110): arch=c000003e syscall=59 success=yes exit=0 a0=1e2fea0 a1=1ded460 a2=1de9be0 a3=7fffeaa0fe20 items=0 ppid=7091 pid=7101 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4 comm="iptables" exe="/sbin/iptables" subj=unconfined_u:system_r:iptables_t:s0 key=(null)

Version-Release number of selected component (if applicable):
selinux-policy-3.3.1-42.fc9.noarch

How reproducible:
always

Steps to Reproduce:
1. Run system-config-firewall in Enforcing mode
2. Press Enable/Disable button
You can safely ignore this. Nalin, do you think this could be consolehelper leaking a file descriptor? Akira, how do you have authentication set up? LDAP? NIS? Local password?
Only local password is set up here.
Fixed in selinux-policy-3.3.1-47.fc10.src.rpm
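An added triage example (not part of the original report or of any Fedora tooling): it pairs AVC and SYSCALL records by audit event ID and flags denials raised during execve on a socket or pipe labelled with a different domain, the pattern behind the leaked-descriptor question above. The function names, the class list and the heuristic are assumptions of this example; the sample is the report's two records with the line-wrap spaces removed.

```python
import re

# The two audit records from the report (line-wrap spaces removed).
SAMPLE = """\
type=AVC msg=audit(1210163156.386:110): avc: denied { read write } for pid=7101 comm="iptables" path="socket:[39235]" dev=sockfs ino=39235 scontext=unconfined_u:system_r:iptables_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=unix_stream_socket
type=SYSCALL msg=audit(1210163156.386:110): arch=c000003e syscall=59 success=yes exit=0 a0=1e2fea0 a1=1ded460 a2=1de9be0 a3=7fffeaa0fe20 items=0 ppid=7091 pid=7101 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4 comm="iptables" exe="/sbin/iptables" subj=unconfined_u:system_r:iptables_t:s0 key=(null)
"""

EVENT_RE = re.compile(r"^type=(\w+) msg=audit\(([\d.]+:\d+)\):")
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')
EXECVE_X86_64 = ("c000003e", "59")  # arch/syscall pair for execve on x86_64
# Object classes that usually reach a new program as inherited descriptors.
FD_CLASSES = {"unix_stream_socket", "unix_dgram_socket", "tcp_socket",
              "udp_socket", "fifo_file"}


def parse_events(text):
    """Group records by audit event ID: {id: {"AVC": {...}, "SYSCALL": {...}}}."""
    events = {}
    for line in text.splitlines():
        m = EVENT_RE.match(line)
        if not m:
            continue
        rtype, event_id = m.groups()
        fields = {k: v.strip('"') for k, v in KV_RE.findall(line[m.end():])}
        events.setdefault(event_id, {})[rtype] = fields
    return events


def likely_leaked_fd(event):
    """Heuristic: denial at execve time on an fd-type object of another domain."""
    avc, sc = event.get("AVC"), event.get("SYSCALL")
    if not avc or not sc:
        return False
    at_exec = (sc.get("arch"), sc.get("syscall")) == EXECVE_X86_64
    src = avc.get("scontext", "").split(":")[2:3]   # type field of the process
    tgt = avc.get("tcontext", "").split(":")[2:3]   # type field of the object
    return at_exec and bool(src) and src != tgt and avc.get("tclass") in FD_CLASSES


def triage(text):
    """Return (event_id, comm, path) for every event flagged by the heuristic."""
    return [(eid, ev["AVC"].get("comm"), ev["AVC"].get("path"))
            for eid, ev in parse_events(text).items() if likely_leaked_fd(ev)]
```

A flagged event points at the parent process (ppid in the SYSCALL record) as the place to look for descriptors opened without close-on-exec.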