Summary: SELinux is preventing /usr/bin/kdm "read" access on .dmrc. Detailed Description: SELinux denied access requested by kdm. It is not expected that this access is required by kdm and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Please file a bug report. Additional Information: Source Context system_u:system_r:xdm_t:s0-s0:c0.c1023 Target Context system_u:object_r:default_t:s0 Target Objects .dmrc [ file ] Source kdm Source Path /usr/bin/kdm Port <Unknown> Host (removed) Source RPM Packages kdm-4.3.2-1.fc12 Target RPM Packages Policy RPM selinux-policy-3.6.32-24.fc12 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall Host Name (removed) Platform Linux (removed) 2.6.31.1-56.fc12.x86_64 #1 SMP Tue Sep 29 16:16:22 EDT 2009 x86_64 x86_64 Alert Count 2 First Seen Tue 13 Oct 2009 09:31:32 AM BST Last Seen Tue 13 Oct 2009 09:31:40 AM BST Local ID 42f95668-7057-44d7-9489-f4abcdf95895 Line Numbers Raw Audit Messages node=(removed) type=AVC msg=audit(1255422700.891:16): avc: denied { read } for pid=1398 comm="kdm" name=".dmrc" dev=sda8 ino=131205 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:default_t:s0 tclass=file node=(removed) type=SYSCALL msg=audit(1255422700.891:16): arch=c000003e syscall=2 success=no exit=-13 a0=41f547 a1=800 a2=0 a3=4000 items=0 ppid=1316 pid=1398 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="kdm" exe="/usr/bin/kdm" subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null) Hash String generated from selinux-policy-3.6.32-24.fc12,catchall,kdm,xdm_t,default_t,file,read audit2allow suggests: #============= xdm_t ============== allow xdm_t default_t:file read;
kdm created a directory under /.kde which is wrong. The labels in this directory are wrong, and this is denied access. Probably not blocking you from logging in.
This bug appears to have been reported against 'rawhide' during the Fedora 12 development cycle. Changing version to '12'. More information and reason for this action is here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping
this is likely an artifact of bug #498809 (or similar, init'ing kde4 runtime in kdm context). I'll mark this fixed (please re-open if there's evidence to the contrary this this is still a problem).