The following was filed automatically by setroubleshoot: Summary: SELinux is preventing /usr/libexec/polkit-1/polkitd "search" access on /root. Detailed Description: SELinux denied access requested by polkitd. It is not expected that this access is required by polkitd and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Please file a bug report. Additional Information: Source Context system_u:system_r:policykit_t:s0-s0:c0.c1023 Target Context unconfined_u:object_r:user_home_dir_t:s0 Target Objects /root [ dir ] Source polkitd Source Path /usr/libexec/polkit-1/polkitd Port <Unknown> Host (removed) Source RPM Packages polkit-0.95-0.git20090913.2.fc12 Target RPM Packages filesystem-2.4.30-2.fc12 Policy RPM selinux-policy-3.6.32-6.fc12 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall Host Name (removed) Platform Linux games1.wolff.to 2.6.31-23.fc12.i686.PAE #1 SMP Wed Sep 16 15:53:47 EDT 2009 i686 i686 Alert Count 2 First Seen Sat 19 Sep 2009 10:31:57 AM CDT Last Seen Sat 19 Sep 2009 11:39:03 AM CDT Local ID 49ea7bb5-6e73-429f-9e99-38935fa1e36a Line Numbers Raw Audit Messages node=games1.wolff.to type=AVC msg=audit(1253378343.997:12): avc: denied { search } for pid=1787 comm="polkitd" name="root" dev=dm-1 ino=89938 scontext=system_u:system_r:policykit_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_dir_t:s0 tclass=dir node=games1.wolff.to type=SYSCALL msg=audit(1253378343.997:12): arch=40000003 syscall=5 success=no exit=-13 a0=8747ce0 a1=8000 a2=0 a3=8747d08 items=0 ppid=1786 pid=1787 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="polkitd" exe="/usr/libexec/polkit-1/polkitd" subj=system_u:system_r:policykit_t:s0-s0:c0.c1023 key=(null) audit2allow suggests: #============= policykit_t ============== allow policykit_t user_home_dir_t:dir search;
This will be fixed by an update to libsemanage libsemanage-2.0.38-2 genhomedircon restorecon -R -v /root This should happen automatically the next time libsemanage and selinux-policy get updated.
*** Bug 524412 has been marked as a duplicate of this bug. ***