Description of problem: SELinux denied access requested by consoletype. It is not expected that this access is required by consoletype and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Source Context unconfined_u:system_r:consoletype_t:s0 Target Context unconfined_u:unconfined_r:unconfined_t:s0 Target Objects socket [ unix_stream_socket ] Source consoletype Source Path /sbin/consoletype Port <Unknown> Host localhost.localdomain Source RPM Packages initscripts-8.89-1 Target RPM Packages Policy RPM selinux-policy-3.6.5-3.fc11 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall Host Name localhost.localdomain Platform Linux localhost.localdomain 2.6.29-0.118.rc5.fc11.x86_64 #1 SMP Fri Feb 13 19:14:27 EST 2009 x86_64 x86_64 Alert Count 2 First Seen 2009년 02월 15일 (일) 오전 09시 36분 31초 Last Seen 2009년 02월 15일 (일) 오후 06시 59분 18초 Local ID 58ebaa2c-dda6-4939-8864-ec385e6ea17c Line Numbers Raw Audit Messages node=localhost.localdomain type=AVC msg=audit(1234691958.358:124): avc: denied { read write } for pid=15337 comm="consoletype" path="socket:[114893]" dev=sockfs ino=114893 scontext=unconfined_u:system_r:consoletype_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=unix_stream_socket node=localhost.localdomain type=SYSCALL msg=audit(1234691958.358:124): arch=c000003e syscall=59 success=yes exit=0 a0=943fe0 a1=944040 a2=943bb0 a3=38c536da70 items=0 ppid=15336 pid=15337 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=1 comm="consoletype" exe="/sbin/consoletype" subj=unconfined_u:system_r:consoletype_t:s0 key=(null) Version-Release number of selected component (if applicable): 3.6.5-3.fc11 How reproducible: Steps to Reproduce: 1. launch system-config-date 2. Clock Setting 3. Actual results: Expected results: Additional info: $ ls -Z /sbin/consoletype -rwxr-xr-x root root system_u:object_r:consoletype_exec_t:s0 /sbin/consoletype
Are you using a Konsole terminal?
(In reply to comment #1) > Are you using a Konsole terminal? No, I use gnome-terminal.
Do you know how you caused this to happen? Were you updating packages?
# grep avc /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Fixed in selinux-policy-3.6.12-3.fc11.noarch