Bug 518852 - SELinux denied access requested by polkit-resolve-
SELinux denied access requested by polkit-resolve-
Status: CLOSED DUPLICATE of bug 518851
Product: Fedora
Classification: Fedora
Component: polkit (Show other bugs)
11
i386 Linux
low Severity medium
: ---
: ---
Assigned To: David Zeuthen
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2009-08-23 11:29 EDT by faith
Modified: 2013-03-05 22:59 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-11-20 17:40:09 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description faith 2009-08-23 11:29:41 EDT
Description of problem:  SELinux denied access requested by polkit-resolve-


Version-Release number of selected component (if applicable):


How reproducible: not sure - didn't seem to keep me from doing anything at the time so I didn't stop to look at error immediately; have had so many seemingly unnotable errors, got to where I just click thru them, just trying to get my work done (!)


Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:

Summary:

SELinux is preventing polkit-resolve- (polkit_resolve_t) "getattr" fs_t.

Detailed Description:

SELinux denied access requested by polkit-resolve-. It is not expected that this
access is required by polkit-resolve- and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of the
application is causing it to require additional access.

Allowing Access:

You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.

Additional Information:

Source Context                system_u:system_r:polkit_resolve_t:s0-s0:c0.c1023
Target Context                system_u:object_r:fs_t:s0
Target Objects                / [ filesystem ]
Source                        polkit-resolve-
Source Path                   <Unknown>
Port                          <Unknown>
Host                          localhost.localdomain
Source RPM Packages           
Target RPM Packages           filesystem-2.4.21-1.fc11
Policy RPM                    selinux-policy-3.6.12-62.fc11
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   catchall
Host Name                     localhost.localdomain
Platform                      Linux localhost.localdomain 2.6.29.5-191.fc11.i586
                              #1 SMP Tue Jun 16 23:11:39 EDT 2009 i686 i686
Alert Count                   5
First Seen                    Fri 24 Jul 2009 07:21:04 PM EDT
Last Seen                     Fri 24 Jul 2009 07:31:49 PM EDT
Local ID                      50b25e17-50c5-4137-9bd4-9bee175824e6
Line Numbers                  

Raw Audit Messages            

node=localhost.localdomain type=AVC msg=audit(1248478309.547:713): avc:  denied  { getattr } for  pid=15064 comm="polkit-resolve-" name="/" dev=dm-0 ino=2 scontext=system_u:system_r:polkit_resolve_t:s0-s0:c0.c1023 tcontext=system_u:object_r:fs_t:s0 tclass=filesystem
Comment 1 faith 2009-09-16 18:51:11 EDT
please advise if I should no longer worry about this - last seen 8/27 per SELinux troubleshooting reports, but having so much trouble with crashing and rebooting that I wonder if it could somehow still be preventing something.  thanks
Comment 2 Michal Schmidt 2009-11-20 17:40:09 EST

*** This bug has been marked as a duplicate of bug 518851 ***

Note You need to log in before you can comment on or make changes to this bug.