Red Hat Bugzilla – Bug 473356
SELinux is preventing nm-system-setti (NetworkManager_t) "read" to ./PolicyKit (polkit_var_run_t).
Last modified: 2008-12-07 02:42:55 EST
Created attachment 324926 [details]
Description of problem:
This one's more for completeness sake, as I see there's no bug against this summary but it is 1 of 3 recurring- the other 2 being Bug 469529 and Bug 469528. My count for the 3:
Bug 469529 105 (last @ Fri 28 Nov 2008 10:01:47 NZDT)
Bug 469528 72 (last @ Fri 28 Nov 2008 09:42:58 NZDT)
Bug "this" 48 (last @ Fri 28 Nov 2008 09:42:58 NZDT)
Version-Release number of selected component (if applicable):
Steps to Reproduce:
[readlegal@morgansmachine ~]$ rpm -q selinux-policy
Do you know what it is trying to read in that directory?
ls -lZ /var/run/PolicyKit
Hmm, this is a little weird - I've noticed over the last couple of days this doesn't occur on the other account I use on this machine, here's the output you asked for from the account that doesn't trigger the rash of selinux alerts above:
[morgan@morgansmachine ~]$ ls -lZ /var/run/PolicyKit
Just install custom policy, since we are not likely to update policy on F8 again.
You can allow this for now.
# audit2allow -M mypol -l -i /var/log/audit/audit.log
# semodule -i mypol.pp
Will fix your problem.
Problem is fixed in F9 and F10.
No problem - thanks