Description of problem: SELinux is preventing fprintd (fprintd_t) "read write" system_dbusd_t. Version-Release number of selected component (if applicable): How reproducible: I don't know, I just get the messages from the selinux troubleshooter. Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info: Samenvatting: SELinux is preventing fprintd (fprintd_t) "read write" system_dbusd_t. Gedetailleerde omschrijving: SELinux denied access requested by fprintd. It is not expected that this access is required by fprintd and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Teogang toestaan: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Additionele informatie: Bron context system_u:system_r:fprintd_t:s0-s0:c0.c1023 Doel context system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 Doel objecten socket [ tcp_socket ] Bron fprintd Bron pad /usr/libexec/fprintd Poort <Onbekend> Host host.domain.tld Bron RPM pakketten fprintd-0.1-9.git04fd09cfa.fc11 Doel RPM pakketten Gedragslijn RPM selinux-policy-3.6.12-39.fc11 SELinux aangezet True Gedragslijn type targeted MLS aangezet True Enforcing modus Enforcing Pluginnaam catchall Hostnaam host.domain.tld Platform Linux host.domain.tld 2.6.29.4-167.fc11.i586 #1 SMP Wed May 27 17:14:37 EDT 2009 i686 i686 Aantal waarschuwingen 21 Eerst gezien op za 13 jun 2009 21:41:32 CEST Laatst gezien op zo 14 jun 2009 16:56:43 CEST Locale ID f0ce0eec-e26a-4656-87c9-363308548a74 Regelnummers Onbewerkte audit boodschappen node=fedora11.asenjo.nx type=AVC msg=audit(1244991403.88:28461): avc: denied { read write } for pid=4224 comm="fprintd" path="socket:[8200]" dev=sockfs ino=8200 scontext=system_u:system_r:fprintd_t:s0-s0:c0.c1023 tcontext=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 tclass=tcp_socket node=fedora11.asenjo.nx type=SYSCALL msg=audit(1244991403.88:28461): arch=40000003 syscall=11 success=yes exit=0 a0=929ac20 a1=929fec8 a2=929a008 a3=929d358 items=0 ppid=4223 pid=4224 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="fprintd" exe="/usr/libexec/fprintd" subj=system_u:system_r:fprintd_t:s0-s0:c0.c1023 key=(null)
This is a leaked file descriptor in pam_nssldap, I believe
*** This bug has been marked as a duplicate of bug 505517 ***