The following was filed automatically by setroubleshoot: Summary: SELinux is preventing the kdm from using potentially mislabeled files (/root). Detailed Description: [SELinux is in permissive mode. This access was not denied.] SELinux has denied kdm access to potentially mislabeled file(s) (/root). This means that SELinux will not allow kdm to use these files. It is common for users to edit files in their home directory or tmp directories and then move (mv) them to system directories. The problem is that the files end up with the wrong file context which confined applications are not allowed to access. Allowing Access: If you want kdm to access this files, you need to relabel them using restorecon -v '/root'. You might want to relabel the entire directory using restorecon -R -v '/root'. Additional Information: Source Context system_u:system_r:xdm_t:s0-s0:c0.c1023 Target Context system_u:object_r:admin_home_t:s0 Target Objects /root [ dir ] Source kdm Source Path /usr/bin/kdm Port <Unknown> Host (removed) Source RPM Packages kdm-4.3.1-1.fc12 Target RPM Packages filesystem-2.4.30-2.fc12 Policy RPM selinux-policy-3.6.30-2.fc12 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Permissive Plugin Name home_tmp_bad_labels Host Name (removed) Platform Linux (removed) 2.6.31-0.199.rc8.git2.fc12.i686 #1 SMP Wed Sep 2 21:10:11 EDT 2009 i686 athlon Alert Count 149 First Seen Mon 24 Aug 2009 06:30:06 AM BST Last Seen Sat 05 Sep 2009 11:56:22 PM BST Local ID 5adb73d8-d69a-451e-8a23-a712a60f45c8 Line Numbers Raw Audit Messages node=(removed) type=AVC msg=audit(1252191382.525:18): avc: denied { write } for pid=1336 comm="kdm" name="root" dev=dm-0 ino=261 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:admin_home_t:s0 tclass=dir node=(removed) type=AVC msg=audit(1252191382.525:18): avc: denied { remove_name } for pid=1336 comm="kdm" name=".Xauthority-c" dev=dm-0 ino=8663 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:admin_home_t:s0 tclass=dir node=(removed) type=AVC msg=audit(1252191382.525:18): avc: denied { unlink } for pid=1336 comm="kdm" name=".Xauthority-c" dev=dm-0 ino=8663 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:xauth_home_t:s0 tclass=file node=(removed) type=SYSCALL msg=audit(1252191382.525:18): arch=40000003 syscall=10 success=yes exit=0 a0=bfce618b a1=0 a2=da6bb8 a3=1 items=0 ppid=1245 pid=1336 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=1 comm="kdm" exe="/usr/bin/kdm" subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null) audit2allow suggests: #============= xdm_t ============== allow xdm_t admin_home_t:dir { write remove_name }; allow xdm_t xauth_home_t:file unlink;
You are logging into a X Windows system as root, this is not supported in SELinux. Can't fix. It is not a good idea to login as root via X Windows.
*** Bug 521448 has been marked as a duplicate of this bug. ***
*** Bug 521447 has been marked as a duplicate of this bug. ***
*** Bug 521446 has been marked as a duplicate of this bug. ***
*** Bug 521445 has been marked as a duplicate of this bug. ***
*** Bug 521444 has been marked as a duplicate of this bug. ***
*** Bug 521443 has been marked as a duplicate of this bug. ***
*** Bug 521442 has been marked as a duplicate of this bug. ***