Bug 500944 - SELinux prevented kde4-config from writing .kde.
Summary: SELinux prevented kde4-config from writing .kde.
Keywords:
Status: CLOSED DUPLICATE of bug 489093
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy
Version: rawhide
Hardware: All
OS: Linux
low
medium
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2009-05-15 03:55 UTC by Ralf Corsepius
Modified: 2009-05-15 12:52 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2009-05-15 12:52:33 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)
Output of sealert -l a4029e06-1fd4-4fc8-8da0-2fc9b1fdc6a9 (2.14 KB, application/octet-stream)
2009-05-15 03:57 UTC, Ralf Corsepius 		no flags Details
View All

Description Ralf Corsepius 2009-05-15 03:55:55 UTC 
Description of problem:
Upon each reboot an selinux alert similar to this is being issued:
...
May 15 05:37:25 columbo setroubleshoot: SELinux prevented kde4-config from writing .kde. For complete SELinux messages. run sealert -l a4029e06-1fd4-4fc8-8da0-2fc9b1fdc6a9
...


Version-Release number of selected component (if applicable):
selinux-policy-targeted-3.6.12-34.fc11.noarch
selinux-policy-3.6.12-34.fc11.noarch


How reproducible:
Always, on one machine. On a different machine, with a very similar set up, I am not observing this.

Steps to Reproduce:
1. reboot
2. check /var/log/messages
  
Actual results:
SEalert being risen.

Expected results:
No SEalert.

Additional info:
If I understand correctly, something is trying to run kde4-config during or shortly after bootup as root.

AFAICT, kde4-config wants to write to ~/.kde, i.e. to /root/.kde or even /.kde (In the past, some broken kde apps did so). May-be, selinux is preventing it from doing so, may-be kde4-config segfaults. I am not sure.
Comment 1 Ralf Corsepius 2009-05-15 03:57:56 UTC 
Created attachment 344072 [details]
Output of sealert -l a4029e06-1fd4-4fc8-8da0-2fc9b1fdc6a9
Comment 2 Ralf Corsepius 2009-05-15 04:04:32 UTC 
Likely a duplicate of 
https://bugzilla.redhat.com/show_bug.cgi?id=489093
Comment 3 Ralf Corsepius 2009-05-15 04:07:17 UTC 
Correction: My second FC11 test machine now also exposes this issue:

May 15 06:01:38 gunvald setroubleshoot: SELinux prevented kde4-config from writing .kde. For complete SELinux messages. run sealert -l 3f6e9b13-5223-43b6-babe-35a5af18da11
Comment 4 Ralf Corsepius 2009-05-15 05:52:19 UTC 
A bewildering observation:

My machines have /home and / on separate logical volumes.

On one of these, when moving /home down in fstab, this sealert goes away, on the other one, this doesn't help:

--- fstab.bak	2009-05-15 07:35:13.000000000 +0200
+++ fstab	2009-05-15 07:35:07.000000000 +0200
@@ -1,5 +1,4 @@
 /dev/VolGroup00/LogVol03 /                       ext3    defaults        1 1
-/dev/VolGroup00/LogVol02 /home                   ext3    defaults        1 1
 UUID=c40d2593-81fc-4f0b-8b81-e1d0bbeb4ceb /boot                   ext3    defaults        1 2
 tmpfs                   /dev/shm                tmpfs   defaults        0 0
 devpts                  /dev/pts                devpts  gid=5,mode=620  0 0
@@ -7,3 +6,4 @@
 proc                    /proc                   proc    defaults        0 0
 /dev/VolGroup00/LogVol01 swap                    swap    defaults        0 0
 /dev/VolGroup00/LogVol00 /opt/fedora/10          ext3    defaults,noauto 0 0
+/dev/VolGroup00/LogVol02 /home                   ext3    defaults        1 1
Comment 5 Ben Levenson 2009-05-15 12:26:47 UTC 
copying than

reproduced with the following RPMs:
selinux-policy-targeted-3.6.12-34.fc11.noarch
selinux-policy-3.6.12-34.fc11.noarch
kdelibs-4.2.2-12.fc11.x86_64
Comment 6 Rex Dieter 2009-05-15 12:52:33 UTC 
Yes, this is the same symptoms of the other bug, duping.

*** This bug has been marked as a duplicate of bug 489093 ***
Note You need to log in before you can comment on or make changes to this bug.