Description of problem: non-root user is denied ability to mount windows internal HDD. Version-Release number of selected component (if applicable): Fedora 9 x86_64 How reproducible: every time Steps to Reproduce: 1. Under Places, user selects windows media to mount 2. Dialog requests root password to continue. 3. User supplies correct password Actual results: setroubleshooter indicates avc denial for program /usr/libexec/polkit-resolve-exe-helper Expected results: windows media is mounted and made available for use. Additional info: Source Context: system_u:system_r:polkit_resolve_t:s0Target Context: unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023Target Objects: None [ process ]Source: polkit-resolve-Source Path: /usr/libexec/polkit-resolve-exe-helperPort: <Unknown>Host: minkSource RPM Packages: PolicyKit-0.8-2.fc9Target RPM Packages: Policy RPM: selinux-policy-3.3.1-62.fc9Selinux Enabled: TruePolicy Type: targetedMLS Enabled: TrueEnforcing Mode: EnforcingPlugin Name: catchallHost Name: minkPlatform: Linux mink 2.6.25.4-30.fc9.x86_64 #1 SMP Wed May 21 17:34:18 EDT 2008 x86_64 x86_64Alert Count: 3First Seen: Thu 12 Jun 2008 09:57:19 AM PDTLast Seen: Thu 12 Jun 2008 10:06:52 AM PDTLocal ID: 18896b9d-4ca5-4b10-af8d-c0de55f5ac09Line Numbers: Raw Audit Messages :host=mink type=AVC msg=audit(1213290412.723:885): avc: denied { ptrace } for pid=21836 comm="polkit-resolve-" scontext=system_u:system_r:polkit_resolve_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=process host=mink type=SYSCALL msg=audit(1213290412.723:885): arch=c000003e syscall=89 success=no exit=-13 a0=7fff6e8b3410 a1=7fff6e8b3470 a2=fff a3=7fff6e8b3190 items=0 ppid=2114 pid=21836 auid=4294967295 uid=0 gid=68 euid=0 suid=0 fsuid=0 egid=68 sgid=68 fsgid=68 tty=(none) ses=4294967295 comm="polkit-resolve-" exe="/usr/libexec/polkit-resolve-exe-helper" subj=system_u:system_r:polkit_resolve_t:s0 key=(null)
Fixed in selinux-policy-3.3.1-64.fc9.noarch
Closing all bugs that have been in modified for over a month. Please reopen if the bug is not actually fixed.