The following was filed automatically by setroubleshoot: Summary: SELinux is preventing /lib/udev/udev-acl "getattr" access on /dev/.udev/db/\x2fdevices\x2fpci0000:00\x2f0000:00:1b.0\x2fsound\x2fcard0\x2fcontrolC0. Detailed Description: SELinux denied access requested by udev-acl.ck. It is not expected that this access is required by udev-acl.ck and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Please file a bug report. Additional Information: Source Context system_u:system_r:consolekit_t:s0-s0:c0.c1023 Target Context system_u:object_r:udev_tbl_t:s0 Target Objects /dev/.udev/db/\x2fdevices\x2fpci0000:00\x2f0000:00 :1b.0\x2fsound\x2fcard0\x2fcontrolC0 [ file ] Source udev-acl.ck Source Path /lib/udev/udev-acl Port <Unknown> Host (removed) Source RPM Packages udev-145-7.fc12 Target RPM Packages Policy RPM selinux-policy-3.6.31-3.fc12 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall Host Name (removed) Platform Linux (removed) 2.6.30.5-32.fc11.i586 #1 SMP Mon Aug 17 16:21:07 EDT 2009 i686 i686 Alert Count 3 First Seen Tue 15 Sep 2009 19:09:31 BST Last Seen Tue 15 Sep 2009 21:59:20 BST Local ID 2fd51023-b134-46f1-91be-618aa773e3b4 Line Numbers Raw Audit Messages node=(removed) type=AVC msg=audit(1253048360.158:313): avc: denied { getattr } for pid=26401 comm="udev-acl.ck" path="/dev/.udev/db/\x2fdevices\x2fpci0000:00\x2f0000:00:1b.0\x2fsound\x2fcard0\x2fcontrolC0" dev=tmpfs ino=7237 scontext=system_u:system_r:consolekit_t:s0-s0:c0.c1023 tcontext=system_u:object_r:udev_tbl_t:s0 tclass=file node=(removed) type=SYSCALL msg=audit(1253048360.158:313): arch=40000003 syscall=196 success=no exit=-13 a0=bf9d3ebc a1=bf9d2a58 a2=792ff4 a3=9b7a60c items=0 ppid=1419 pid=26401 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="udev-acl.ck" exe="/lib/udev/udev-acl" subj=system_u:system_r:consolekit_t:s0-s0:c0.c1023 key=(null) audit2allow suggests: #============= consolekit_t ============== allow consolekit_t udev_tbl_t:file getattr;
Bug occurs some 3 hours after simply downloading and installing numerous updates - over 2,800 - relating to FC12.i686.
How is /lib/udev/udev-acl labeled? ls -lZ /lib/udev/udev-acl -rwxr-xr-x. root root system_u:object_r:udev_exec_t:s0 /lib/udev/udev-acl Consolekit is supposed to transition to udev_t which would allow this if the udev-acl has the right label on it
Following comment #1 the downloading of fc12.i686 has been a disaster. White screen of death appeared. As a result I have re-installed fc.11 and all works well. The bug referred to does not now appear or apply.
Mark if you update to Rawhide(F12), you have to be prepared for disasters. :^(
Thanks DW - as a newbie I am not quite sure what you are getting at. Is it because you favour Red Hat as opposed to Fedora or simply because FC12 is Alpha?
No I run rawhide everyday. Rawhide is a half cooked OS. So if you grab an OS during the development stage, you got to expect problems. After all we update it every day. I like all os's. RHEL is great for the enterprise. F10/F11 are great for most users. Rawhide is for the crazies. :^)
Many thanks for comment 6. When I had an "invitation" to upgrade I rather assumed it was fully cooked, as you put it. I shall wait a long time before I put my toe in that particular water.