Description of problem: SELinux is preventing consoletype (consoletype_t) "read write" unconfined_t. Version-Release number of selected component (if applicable): initscripts-8.90-1.i586 How reproducible: always Steps to Reproduce: 1.open xterm, then su - 2.service avahi-daemon status 3. Actual results: avc Expected results: no avc Additional info: Summary: SELinux is preventing consoletype (consoletype_t) "read write" unconfined_t. Detailed Description: SELinux denied access requested by consoletype. It is not expected that this access is required by consoletype and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Additional Information: Source Context unconfined_u:system_r:consoletype_t:s0 Target Context unconfined_u:unconfined_r:unconfined_t:s0 Target Objects socket [ unix_stream_socket ] Source consoletype Source Path /sbin/consoletype Port <Unknown> Host walnut Source RPM Packages initscripts-8.90-1 Target RPM Packages Policy RPM selinux-policy-3.6.8-3.fc11 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall Host Name walnut Platform Linux walnut 2.6.29-0.237.rc7.git4.fc11.i586 #1 SMP Wed Mar 11 18:55:21 EDT 2009 i686 i686 Alert Count 4 First Seen Sun 15 Mar 2009 06:04:58 PM CDT Last Seen Sun 15 Mar 2009 07:28:20 PM CDT Local ID 770a0691-71c5-4325-b75e-3f1b2da5b7b2 Line Numbers Raw Audit Messages node=walnut type=AVC msg=audit(1237163300.849:134): avc: denied { read write } for pid=3290 comm="consoletype" path="socket:[12796]" dev=sockfs ino=12796 scontext=unconfined_u:system_r:consoletype_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=unix_stream_socket node=walnut type=AVC msg=audit(1237163300.849:134): avc: denied { read write } for pid=3290 comm="consoletype" path="socket:[12810]" dev=sockfs ino=12810 scontext=unconfined_u:system_r:consoletype_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=unix_stream_socket node=walnut type=SYSCALL msg=audit(1237163300.849:134): arch=40000003 syscall=11 success=yes exit=0 a0=833c068 a1=8337ca0 a2=833bd80 a3=8337ca0 items=0 ppid=3289 pid=3290 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=1 comm="consoletype" exe="/sbin/consoletype" subj=unconfined_u:system_r:consoletype_t:s0 key=(null)
This is being caused by the same leaked descriptor as your other bug report. Closing a dup. *** This bug has been marked as a duplicate of bug 490386 ***