Description of problem: SELinux is preventing polkitd (polkit_t) "setuid" to <Unknown> (polkit_t). Source Context: system_u:system_r:polkit_t:s0-s0:c0.c1023Target Context: system_u:system_r:polkit_t:s0-s0:c0.c1023Target Objects: None [ capability ]Source: polkitdSource Path: /usr/libexec/polkitdPort: <Unknown>Host: compnew.djbron.comSource RPM Packages: PolicyKit-0.9-2.fc10Target RPM Packages: Policy RPM: selinux-policy-3.5.1-4.fc10Selinux Enabled: TruePolicy Type: targetedMLS Enabled: TrueEnforcing Mode: EnforcingPlugin Name: catchallHost Name: compnew.djbron.comPlatform: Linux compnew.djbron.com 2.6.27-0.166.rc0.git8.fc10.i686 #1 SMP Mon Jul 21 20:51:26 EDT 2008 i686 i686Alert Count: 3First Seen: Sun 21 Sep 2008 01:14:20 PM CESTLast Seen: Sun 21 Sep 2008 03:15:16 PM CESTLocal ID: ec31262e-3146-4662-afb6-258d3dd53ebfLine Numbers: Raw Audit Messages :host=compnew.djbron.com type=AVC msg=audit(1222002916.876:44): avc: denied { setuid } for pid=4286 comm="polkitd" capability=7 scontext=system_u:system_r:polkit_t:s0-s0:c0.c1023 tcontext=system_u:system_r:polkit_t:s0-s0:c0.c1023 tclass=capability host=compnew.djbron.com type=SYSCALL msg=audit(1222002916.876:44): arch=40000003 syscall=213 success=no exit=-1 a0=57 a1=40 a2=6cd934 a3=bffd8d60 items=0 ppid=4285 pid=4286 auid=4294967295 uid=0 gid=87 euid=0 suid=0 fsuid=0 egid=87 sgid=87 fsgid=87 tty=(none) ses=4294967295 comm="polkitd" exe="/usr/libexec/polkitd" subj=system_u:system_r:polkit_t:s0-s0:c0.c1023 key=(null) Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. Attempt to run Services Service Management 2. 3. Actual results: Expected results: Additional info:
Fixed in selinux-policy-3.5.8-4.fc10.noarch