The following was filed automatically by setroubleshoot: Summary: SELinux is preventing the kdm from using potentially mislabeled files (/home/steve/.Xauthority). Detailed Description: [SELinux is in permissive mode. This access was not denied.] SELinux has denied kdm access to potentially mislabeled file(s) (/home/steve/.Xauthority). This means that SELinux will not allow kdm to use these files. It is common for users to edit files in their home directory or tmp directories and then move (mv) them to system directories. The problem is that the files end up with the wrong file context which confined applications are not allowed to access. Allowing Access: If you want kdm to access this files, you need to relabel them using restorecon -v '/home/steve/.Xauthority'. You might want to relabel the entire directory using restorecon -R -v '/home/steve'. Additional Information: Source Context system_u:system_r:xdm_t:s0-s0:c0.c1023 Target Context unconfined_u:object_r:xauth_home_t:s0 Target Objects /home/steve/.Xauthority [ file ] Source kdm Source Path /usr/bin/kdm Port <Unknown> Host (removed) Source RPM Packages kdm-4.3.0-11.fc12 Target RPM Packages Policy RPM selinux-policy-3.6.28-8.fc12 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Permissive Plugin Name home_tmp_bad_labels Host Name (removed) Platform Linux (removed) 2.6.31-0.180.rc7.git4.fc12.i686 #1 SMP Wed Aug 26 16:30:44 EDT 2009 i686 athlon Alert Count 2 First Seen Sat 29 Aug 2009 03:17:46 PM BST Last Seen Sat 29 Aug 2009 03:44:19 PM BST Local ID 5d428b66-8fcc-4e4c-9605-333390842051 Line Numbers Raw Audit Messages node=(removed) type=AVC msg=audit(1251557059.757:20083): avc: denied { getattr } for pid=1984 comm="kdm" path="/home/steve/.Xauthority" dev=dm-0 ino=21417 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:xauth_home_t:s0 tclass=file node=(removed) type=SYSCALL msg=audit(1251557059.757:20083): arch=40000003 syscall=197 success=yes exit=0 a0=7 a1=bff6cd20 a2=541ff4 a3=8fee8d8 items=0 ppid=1944 pid=1984 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=2 comm="kdm" exe="/usr/bin/kdm" subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null) audit2allow suggests: #============= xdm_t ============== allow xdm_t xauth_home_t:file getattr;
*** This bug has been marked as a duplicate of bug 521449 ***