The following was filed automatically by setroubleshoot: Summary: SELinux is preventing devkit-disks-he "setuid" access on <Unknown>. Detailed Description: [devkit-disks-he has a permissive type (devicekit_disk_t). This access was not denied.] SELinux denied access requested by devkit-disks-he. It is not expected that this access is required by devkit-disks-he and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Additional Information: Source Context system_u:system_r:devicekit_disk_t:s0-s0:c0.c1023 Target Context system_u:system_r:devicekit_disk_t:s0-s0:c0.c1023 Target Objects None [ capability ] Source devkit-disks-he Source Path /usr/libexec/devkit-disks-helper-fstab-mounter Port <Unknown> Host (removed) Source RPM Packages DeviceKit-disks-006-1.fc12 Target RPM Packages Policy RPM selinux-policy-3.6.30-2.fc12 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall Host Name (removed) Platform Linux (removed) 2.6.31-0.204.rc9.fc12.i686 #1 SMP Sat Sep 5 21:01:10 EDT 2009 i686 athlon Alert Count 1 First Seen Sun 06 Sep 2009 03:36:36 PM CLT Last Seen Sun 06 Sep 2009 03:36:36 PM CLT Local ID 2ba1959a-9d7d-42cc-8a48-94920802e8ba Line Numbers Raw Audit Messages node=(removed) type=AVC msg=audit(1252265796.314:22): avc: denied { setuid } for pid=1762 comm="devkit-disks-he" capability=7 scontext=system_u:system_r:devicekit_disk_t:s0-s0:c0.c1023 tcontext=system_u:system_r:devicekit_disk_t:s0-s0:c0.c1023 tclass=capability node=(removed) type=SYSCALL msg=audit(1252265796.314:22): arch=40000003 syscall=213 success=yes exit=0 a0=1f4 a1=434ff4 a2=1f4 a3=1 items=0 ppid=1596 pid=1762 auid=4294967295 uid=500 gid=0 euid=500 suid=500 fsuid=500 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="devkit-disks-he" exe="/usr/libexec/devkit-disks-helper-fstab-mounter" subj=system_u:system_r:devicekit_disk_t:s0-s0:c0.c1023 key=(null) audit2allow suggests: #============= devicekit_disk_t ============== allow devicekit_disk_t self:capability setuid;
happened just after booting. things i did before restart that may have caused this: -added a fat32 partition of one of my hd's to fstab so that it would load automatically (forgot to create the mount point though, xD)
ok, sort of fixed, just removed the defauts option on the fstab, so that it wouldnt let execute things from my mounted fat32 drive... :D
Fixed in selinux-policy-3.6.30-5.fc12.noarch