Description of problem: SELinux denied access requested by devkit-power-da. It is not expected that this access is required by devkit-power-da and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info: Source Context system_u:system_r:devicekit_power_t:s0-s0:c0.c1023 Target Context system_u:system_r:devicekit_power_t:s0-s0:c0.c1023 Target Objects None [ capability ] Source devkit-power-da Source Path /usr/libexec/devkit-power-daemon Port <Unknown> Host eeepc Source RPM Packages DeviceKit-power-006-3.fc11 Target RPM Packages Policy RPM selinux-policy-3.6.8-3.fc11 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall Host Name eeepc Platform Linux eeepc 2.6.29-0.258.rc8.git2.fc11.i586 #1 SMP Mon Mar 16 20:53:59 EDT 2009 i686 i686 Alert Count 1 First Seen Mon 23 Mar 2009 10:40:24 AM CET Last Seen Mon 23 Mar 2009 10:40:24 AM CET Local ID 83f0c517-3c11-4a5f-818f-366b9cce2008 Line Numbers Raw Audit Messages node=eeepc type=AVC msg=audit(1237801224.9:23): avc: denied { sys_nice } for pid=2680 comm="devkit-power-da" capability=23 scontext=system_u:system_r:devicekit_power_t:s0-s0:c0.c1023 tcontext=system_u:system_r:devicekit_power_t:s0-s0:c0.c1023 tclass=capability node=eeepc type=SYSCALL msg=audit(1237801224.9:23): arch=40000003 syscall=3 success=yes exit=211 a0=9 a1=bff73c3c a2=1000 a3=9624b88 items=0 ppid=1 pid=2680 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="devkit-power-da" exe="/usr/libexec/devkit-power-daemon" subj=system_u:system_r:devicekit_power_t:s0-s0:c0.c1023 key=(null)
You can add these rules for now using # grep avc /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp