Bug 477926 - TID error
TID error
Status: CLOSED INSUFFICIENT_DATA
Product: Fedora
Classification: Fedora
Component: PackageKit (Show other bugs)
10
All Linux
low Severity medium
: ---
: ---
Assigned To: Richard Hughes
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-12-25 12:22 EST by Evan
Modified: 2009-02-16 10:56 EST (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-02-16 10:56:31 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Evan 2008-12-25 12:22:42 EST
Description of problem:Unable to install any items including system updates. This was a fresh install of Fedora 10 I386


Version-Release number of selected component (if applicable):


How reproducible:I've tried a number of different items and site to install with the same results. This includes updating the system.


Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:failed to get a TID: A security policy in place prevents this sender from sending this message to this recipient, see message bus configuration file (rejected message had interface "org.freedesktop.PackageKit.Transaction" member "SetLocale" error name "(unset)" destination "org.freedesktop.PackageKit") (0)
Comment 1 Evan 2008-12-27 03:00:11 EST
Summary:

SELinux is preventing updatedb (locate_t) "getattr" to /home/Ev/.gnome2
(unlabeled_t).

Detailed Description:

SELinux denied access requested by updatedb. It is not expected that this access
is required by updatedb and this access may signal an intrusion attempt. It is
also possible that the specific version or configuration of the application is
causing it to require additional access.

Allowing Access:

Sometimes labeling problems can cause SELinux denials. You could try to restore
the default system file context for /home/Ev/.gnome2,

restorecon -v '/home/Ev/.gnome2'

If this does not work, there is currently no automatic way to allow this access.
Instead, you can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.

Additional Information:

Source Context                system_u:system_r:locate_t:s0-s0:c0.c1023
Target Context                system_u:object_r:unlabeled_t:s0
Target Objects                /home/Ev/.gnome2 [ dir ]
Source                        updatedb
Source Path                   /usr/bin/updatedb
Port                          <Unknown>
Host                          localhost.localdomain
Source RPM Packages           mlocate-0.21.1-1
Target RPM Packages           
Policy RPM                    selinux-policy-3.5.13-18.fc10
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   catchall_file
Host Name                     localhost.localdomain
Platform                      Linux localhost.localdomain 2.6.27.5-117.fc10.i686
                              #1 SMP Tue Nov 18 12:19:59 EST 2008 i686 athlon
Alert Count                   17
First Seen                    Wed 10 Dec 2008 04:04:11 AM EST
Last Seen                     Fri 26 Dec 2008 04:02:10 AM EST
Local ID                      df95fb27-5dca-4237-9bd9-42d4b3f68e4a
Line Numbers                  

Raw Audit Messages            

node=localhost.localdomain type=AVC msg=audit(1230282130.335:438): avc:  denied  { getattr } for  pid=20367 comm="updatedb" path="/home/Ev/.gnome2" dev=dm-3 ino=22528009 scontext=system_u:system_r:locate_t:s0-s0:c0.c1023 tcontext=system_u:object_r:unlabeled_t:s0 tclass=dir

node=localhost.localdomain type=SYSCALL msg=audit(1230282130.335:438): arch=40000003 syscall=196 success=no exit=-13 a0=857f595 a1=bfa6f9c8 a2=579ff4 a3=857f595 items=0 ppid=20361 pid=20367 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=61 comm="updatedb" exe="/usr/bin/updatedb" subj=system_u:system_r:locate_t:s0-s0:c0.c1023 key=(null)
Comment 2 Evan 2009-01-04 23:43:10 EST
failed to get a TID: A security policy in place prevents this sender from sending this message to this recipient, see message bus configuration file (rejected message had interface "org.freedesktop.PackageKit.Transaction" member "SetLocale" error name "(unset)" destination "org.freedesktop.PackageKit") (0)
Comment 3 Richard Hughes 2009-01-14 08:35:23 EST
Evan, as root do "yum update PackageKit" and then reboot when complete. Does this fix things?

Note You need to log in before you can comment on or make changes to this bug.