Bug 500944 - SELinux prevented kde4-config from writing .kde.
Summary: SELinux prevented kde4-config from writing .kde.
Status: CLOSED DUPLICATE of bug 489093
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy
Version: rawhide
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact: Fedora Extras Quality Assurance
Depends On:
TreeView+ depends on / blocked
Reported: 2009-05-15 03:55 UTC by Ralf Corsepius
Modified: 2009-05-15 12:52 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2009-05-15 12:52:33 UTC
Type: ---

Attachments (Terms of Use)
Output of sealert -l a4029e06-1fd4-4fc8-8da0-2fc9b1fdc6a9 (2.14 KB, application/octet-stream)
2009-05-15 03:57 UTC, Ralf Corsepius
no flags Details

Description Ralf Corsepius 2009-05-15 03:55:55 UTC
Description of problem:
Upon each reboot an selinux alert similar to this is being issued:
May 15 05:37:25 columbo setroubleshoot: SELinux prevented kde4-config from writing .kde. For complete SELinux messages. run sealert -l a4029e06-1fd4-4fc8-8da0-2fc9b1fdc6a9

Version-Release number of selected component (if applicable):

How reproducible:
Always, on one machine. On a different machine, with a very similar set up, I am not observing this.

Steps to Reproduce:
1. reboot
2. check /var/log/messages
Actual results:
SEalert being risen.

Expected results:
No SEalert.

Additional info:
If I understand correctly, something is trying to run kde4-config during or shortly after bootup as root.

AFAICT, kde4-config wants to write to ~/.kde, i.e. to /root/.kde or even /.kde (In the past, some broken kde apps did so). May-be, selinux is preventing it from doing so, may-be kde4-config segfaults. I am not sure.

Comment 1 Ralf Corsepius 2009-05-15 03:57:56 UTC
Created attachment 344072 [details]
Output of sealert -l a4029e06-1fd4-4fc8-8da0-2fc9b1fdc6a9

Comment 2 Ralf Corsepius 2009-05-15 04:04:32 UTC
Likely a duplicate of 

Comment 3 Ralf Corsepius 2009-05-15 04:07:17 UTC
Correction: My second FC11 test machine now also exposes this issue:

May 15 06:01:38 gunvald setroubleshoot: SELinux prevented kde4-config from writing .kde. For complete SELinux messages. run sealert -l 3f6e9b13-5223-43b6-babe-35a5af18da11

Comment 4 Ralf Corsepius 2009-05-15 05:52:19 UTC
A bewildering observation:

My machines have /home and / on separate logical volumes.

On one of these, when moving /home down in fstab, this sealert goes away, on the other one, this doesn't help:

--- fstab.bak	2009-05-15 07:35:13.000000000 +0200
+++ fstab	2009-05-15 07:35:07.000000000 +0200
@@ -1,5 +1,4 @@
 /dev/VolGroup00/LogVol03 /                       ext3    defaults        1 1
-/dev/VolGroup00/LogVol02 /home                   ext3    defaults        1 1
 UUID=c40d2593-81fc-4f0b-8b81-e1d0bbeb4ceb /boot                   ext3    defaults        1 2
 tmpfs                   /dev/shm                tmpfs   defaults        0 0
 devpts                  /dev/pts                devpts  gid=5,mode=620  0 0
@@ -7,3 +6,4 @@
 proc                    /proc                   proc    defaults        0 0
 /dev/VolGroup00/LogVol01 swap                    swap    defaults        0 0
 /dev/VolGroup00/LogVol00 /opt/fedora/10          ext3    defaults,noauto 0 0
+/dev/VolGroup00/LogVol02 /home                   ext3    defaults        1 1

Comment 5 Ben Levenson 2009-05-15 12:26:47 UTC
copying than

reproduced with the following RPMs:

Comment 6 Rex Dieter 2009-05-15 12:52:33 UTC
Yes, this is the same symptoms of the other bug, duping.

*** This bug has been marked as a duplicate of bug 489093 ***

Note You need to log in before you can comment on or make changes to this bug.