Description of problem: SELinux denied access requested by ck-get-x11-serv. It is not expected that this access is required by ck-get-x11-serv and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Version-Release number of selected component (if applicable): F11 beta Additional Information: Source Context: system_u:system_r:consolekit_t:s0-s0:c0.c1023Target Context: system_u:object_r:xdm_var_run_t:s0Target Objects: gdm [ dir ]Source: ck-get-x11-servSource Path: /usr/libexec/ck-get-x11-server-pidPort: <Unknown>Host: hawkSource RPM Packages: ConsoleKit-x11-0.3.0-7.fc11Target RPM Packages: Policy RPM: selinux-policy-3.6.12-4.fc11Selinux Enabled: TruePolicy Type: targetedMLS Enabled: TrueEnforcing Mode: EnforcingPlugin Name: catchallHost Name: hawkPlatform: Linux hawk 2.6.29.1-70.fc11.x86_64 #1 SMP Mon Apr 13 14:16:25 EDT 2009 x86_64 x86_64Alert Count: 11First Seen: Sat 18 Apr 2009 16:49:26 BSTLast Seen: Mon 20 Apr 2009 22:31:47 BSTLocal ID: 5367fe33-ea58-407d-8b49-7188a5f2d4ebLine Numbers: Raw Audit Messages :node=hawk type=AVC msg=audit(1240263107.836:14): avc: denied { search } for pid=2732 comm="ck-get-x11-serv" name="gdm" dev=sda7 ino=745140 scontext=system_u:system_r:consolekit_t:s0-s0:c0.c1023 tcontext=system_u:object_r:xdm_var_run_t:s0 tclass=dir node=hawk type=SYSCALL msg=audit(1240263107.836:14): arch=c000003e syscall=21 success=no exit=-13 a0=7fffdf217fab a1=4 a2=0 a3=7fffdf2158a0 items=0 ppid=2727 pid=2732 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ck-get-x11-serv" exe="/usr/libexec/ck-get-x11-server-pid" subj=system_u:system_r:consolekit_t:s0-s0:c0.c1023 key=(null)
Fixed in selinux-policy-3.6.12-9.fc11