The following was filed automatically by setroubleshoot: 요약: SELinux is preventing devkit-disks-da (devicekit_disk_t) "net_admin" devicekit_disk_t. 상세 설명: SELinux denied access requested by devkit-disks-da. It is not expected that this access is required by devkit-disks-da and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. 액세스 허용: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. 자세한 정보: 소스 문맥 system_u:system_r:devicekit_disk_t:s0-s0:c0.c1023 대상 문맥 system_u:system_r:devicekit_disk_t:s0-s0:c0.c1023 대상 객체 None [ capability ] 소스 devkit-disks-da 소스 경로 /usr/libexec/devkit-disks-daemon 포트 <알려지지 않음> 호스트 (removed) 소스 RPM 패키지 DeviceKit-disks-005-2.fc12 대상 RPM 패키지 정책 RPM selinux-policy-3.6.20-2.fc12 Selinux 활성화 True 정책 유형 targeted MLS 활성화 True 강제 모드 Enforcing 플러그인명 catchall 호스트명 (removed) 플랫폼 Linux (removed) 2.6.29.4-167.fc11.x86_64 #1 SMP Wed May 27 17:27:08 EDT 2009 x86_64 x86_64 통지 카운트 2 초기 화면 2009년 07월 05일 (일) 오전 08시 35분 58초 마지막 화면 2009년 07월 05일 (일) 오전 09시 10분 16초 로컬 ID 5e21fb11-dba3-4070-aebc-604a96acbd9d 줄 번호 원 감사 메세지 node=(removed) type=AVC msg=audit(1246752616.480:16): avc: denied { net_admin } for pid=1902 comm="devkit-disks-da" capability=12 scontext=system_u:system_r:devicekit_disk_t:s0-s0:c0.c1023 tcontext=system_u:system_r:devicekit_disk_t:s0-s0:c0.c1023 tclass=capability node=(removed) type=SYSCALL msg=audit(1246752616.480:16): arch=c000003e syscall=49 success=yes exit=0 a0=8 a1=2128150 a2=c a3=7fff39892840 items=0 ppid=1 pid=1902 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="devkit-disks-da" exe="/usr/libexec/devkit-disks-daemon" subj=system_u:system_r:devicekit_disk_t:s0-s0:c0.c1023 key=(null) audit2allow suggests: #============= devicekit_disk_t ============== allow devicekit_disk_t self:capability net_admin;
Fixed in selinux-policy-3.6.21-1.fc12