The following was filed automatically by setroubleshoot: Summary: SELinux is preventing polkit-gnome-au "getsched" access on <Unknown>. Detailed Description: SELinux denied access requested by polkit-gnome-au. It is not expected that this access is required by polkit-gnome-au and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Additional Information: Source Context system_u:system_r:policykit_auth_t:s0-s0:c0.c1023 Target Context system_u:system_r:policykit_auth_t:s0-s0:c0.c1023 Target Objects None [ process ] Source polkit-gnome-au Source Path /usr/libexec/polkit-gnome-authentication-agent-1 Port <Unknown> Host (removed) Source RPM Packages polkit-gnome-0.94-3.fc12 Target RPM Packages Policy RPM selinux-policy-3.6.28-9.fc12 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall Host Name (removed) Platform Linux (removed) 2.6.31-0.125.4.2.rc5.git2.fc12.x86_64 #1 SMP Tue Aug 11 21:00:45 EDT 2009 x86_64 x86_64 Alert Count 18 First Seen Mon 31 Aug 2009 10:02:12 AM CEST Last Seen Tue 01 Sep 2009 07:39:57 AM CEST Local ID 74bf49ec-0709-4c76-a847-c95523345d75 Line Numbers Raw Audit Messages node=(removed) type=AVC msg=audit(1251783597.227:21): avc: denied { getsched } for pid=1512 comm="polkit-gnome-au" scontext=system_u:system_r:policykit_auth_t:s0-s0:c0.c1023 tcontext=system_u:system_r:policykit_auth_t:s0-s0:c0.c1023 tclass=process node=(removed) type=SYSCALL msg=audit(1251783597.227:21): arch=c000003e syscall=145 success=no exit=-13 a0=5e8 a1=7fb6ca804dd8 a2=d a3=1 items=0 ppid=1470 pid=1512 auid=4294967295 uid=42 gid=482 euid=42 suid=42 fsuid=42 egid=482 sgid=482 fsgid=482 tty=(none) ses=4294967295 comm="polkit-gnome-au" exe="/usr/libexec/polkit-gnome-authentication-agent-1" subj=system_u:system_r:policykit_auth_t:s0-s0:c0.c1023 key=(null) audit2allow suggests: #============= policykit_auth_t ============== allow policykit_auth_t self:process getsched;
Fixed in selinux-policy-3.6.30-1.fc12.noarch But you might need to fix the labeling on /usr/libexec restorecon -R -v /usr/libexec