SELinux enforcing: $ dbus-send --system --print-reply --dest=org.freedesktop.PolicyKit / org.freedesktop.PolicyKit.IsProcessAuthorized string:org.freedesktop.policykit.read uint32:$$ boolean:true Error org.freedesktop.DBus.Error.Spawn.ChildExited: Launch helper exited with unknown return code 1 Raw Audit Messages :host=harryh type=AVC msg=audit(1210325755.432:3447): avc: denied { search } for pid=5430 comm="polkitd" scontext=system_u:system_r:polkit_t:s0-s0:c0.c1023 tcontext=system_u:object_r:sysctl_kernel_t:s0 tclass=dir host=harryh type=SYSCALL msg=audit(1210325755.432:3447): arch=c000003e syscall=2 success=no exit=-13 a0=328d536ef2 a1=0 a2=2224d10 a3=7fc3d9588780 items=0 ppid=5429 pid=5430 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="polkitd" exe="/usr/libexec/polkitd" subj=system_u:system_r:polkit_t:s0-s0:c0.c1023 key=(null) Raw Audit Messages :host=harryh type=AVC msg=audit(1210325755.400:3446): avc: denied { read } for pid=5430 comm="polkitd" path="inotify" dev=inotifyfs ino=1 scontext=system_u:system_r:polkit_t:s0-s0:c0.c1023 tcontext=system_u:object_r:inotifyfs_t:s0 tclass=dir host=harryh type=SYSCALL msg=audit(1210325755.400:3446): arch=c000003e syscall=59 success=yes exit=0 a0=21a36a0 a1=21a3630 a2=21a3010 a3=328d767a70 items=0 ppid=5429 pid=5430 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="polkitd" exe="/usr/libexec/polkitd" subj=system_u:system_r:polkit_t:s0-s0:c0.c1023 key=(null) Raw Audit Messages :host=harryh type=AVC msg=audit(1210325755.432:3448): avc: denied { setgid } for pid=5430 comm="polkitd" capability=6 scontext=system_u:system_r:polkit_t:s0-s0:c0.c1023 tcontext=system_u:system_r:polkit_t:s0-s0:c0.c1023 tclass=capability host=harryh type=SYSCALL msg=audit(1210325755.432:3448): arch=c000003e syscall=116 success=no exit=-1 a0=1 a1=2225c00 a2=2224d10 a3=7fc3d9588780 items=0 ppid=5429 pid=5430 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="polkitd" exe="/usr/libexec/polkitd" subj=system_u:system_r:polkit_t:s0-s0:c0.c1023 key=(null)
SELinux is preventing polkitd (polkit_t) "search" to <Unknown> (sysctl_kernel_t). SELinux is preventing polkitd (polkit_t) "read" to inotify (inotifyfs_t). SELinux is preventing polkitd (polkit_t) "setgid" to <Unknown> (polkit_t).
-Fixed in selinux-policy-3.3.1-49.fc9