Hash String generated from selinux-policy-3.6.32-24.fc12,file,gdm-session-wor,xdm_t,file_t,file,getattr audit2allow suggests:
\u0421\u0432\u043e\u0434\u043a\u0430: SELinux is preventing access to files with the label, file_t. \u041f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0435 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435: SELinux permission checks on files labeled file_t are being denied. file_t is the context the SELinux kernel gives to files that do not have a label. This indicates a serious labeling problem. No files on an SELinux box should ever be labeled file_t. If you have just added a new disk drive to the system you can relabel it using the restorecon command. Otherwise you should relabel the entire file system. \u0420\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0430: You can execute the following command as root to relabel your computer system: "touch /.autorelabel; reboot" \u0414\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0441\u0432\u0435\u0434\u0435\u043d\u0438\u044f: \u0418\u0441\u0445\u043e\u0434\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0435\u043a system_u:system_r:xdm_t:s0-s0:c0.c1023 \u0426\u0435\u043b\u0435\u0432\u043e\u0439 \u041a\u043e\u043d\u0442\u0435\u043a\u0441 system_u:object_r:file_t:s0 \u0426\u0435\u043b\u0435\u0432\u044b\u0435 \u041e\u0431\u044a\u0435\u043a\u0442\u044b /home/pal/.dmrc [ file ] \u0418\u0441\u0442\u043e\u0447\u043d\u0438\u043a gdm-session-wor \u041f\u0443\u0442\u044c \u043a \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\Uffffffff/usr/libexec/gdm-session-worker \u041f\u043e\u0440\u0442 <\u041d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e> \u0423\u0437\u0435\u043b (removed) \u0418\u0441\u0445\u043e\u0434\u043d\u044b\u0435 \u043f\u0430\u043a\u0435\u0442\u044b gdm-2.28.0-9.fc12 \u0426\u0435\u043b\u0435\u0432\u044b\u0435 \u043f\u0430\u043a\u0435\u0442\u044b R RPM \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0438 selinux-policy-3.6.32-24.fc12 Selinux \u0430\u043a\u0442\u0438\u0432\u043d\u0430 True \u0422\u0438\u043f \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0438 targeted MLS \u0430\u043a\u0442\u0438\u0432\u043d\u0430 True \u041f\u0440\u0438\u043d\u0443\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0439 Enforcing \u0418\u043c\u044f \u0434\u043e\u043f.\u043c\u043e\u0434\u0443\u043b\u044f file \u0418\u043c\u044f \u0445\u043e\u0441\u0442\u0430 (removed) \u041f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 Linux localhost.localdomain 2.6.31.1-56.fc12.x86_64 #1 SMP Tue Sep 29 16:16:22 EDT 2009 x86_64 x86_64 \u0421\u0447\u0435\u0442\u0447\u0438\u043a \u0443\u0432\u0435\u0434\u043e\u043c\u043b 2 \u041f\u0435\u0440\u0432\u044b\u0439 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043d \u041f\u043d\u0434 26 \u041e\u043a\u0442 2009 02:30:01 \u041f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0439 \u0437\u0430\u043c\u0435\u0447 \u041f\u043d\u0434 26 \u041e\u043a\u0442 2009 02:30:01 \u041b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0439 ID 19211fbc-b590-4b5c-8aca-e0e5a85de9e1 \u041d\u043e\u043c\u0435\u0440\u0430 \u0441\u0442\u0440\u043e\u043a \u0421\u044b\u0440\u044b\u0435 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f node=localhost.localdomain type=AVC msg=audit(1256517001.998:74027): avc: denied { getattr } for pid=1842 comm="gdm-session-wor" path="/home/pal/.dmrc" dev=md127p5 ino=1231 scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file node=localhost.localdomain type=SYSCALL msg=audit(1256517001.998:74027): arch=c000003e syscall=4 success=no exit=-13 a0=d3d1c0 a1=7fffd1912d30 a2=7fffd1912d30 a3=1 items=0 ppid=1814 pid=1842 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=2 comm="gdm-session-wor" exe="/usr/libexec/gdm-session-worker" subj=system_u:system_r:xdm_t:s0-s0:c0.c1023 key=(null)
The plugin described the problem. You need to relabel. file_t indicates you either have a badly mislaballed system or added a new disk without labelling. You can relabel using fixfiles restore or relabel at boot using touch /.autorelabel; reboot If you just added a new disk without labels you can run restorecon -R -v PATHTODISK
i've just installed f12 beta, and it said it relabeled home during install
Where did the file .dmrc come from. ls -lZ /home/pal/.dmrc What type of file system is /home/pal on? What happens when you execute restorecon -v /home/pal/.dmrc
(In reply to comment #4) > Where did the file .dmrc come from. dunno may be from selecting session type in gdm > ls -lZ /home/pal/.dmrc did it after your reply -rw-r--r--. pal pal system_u:object_r:xdm_home_t:s0 /home/pal/.dmrc > > What type of file system is /home/pal on? ext4 > > What happens when you execute restorecon -v /home/pal/.dmrc i guess its too late now and i didnt ran it myself i pressed button to restore contexts on few other alerts, but i didnt pressed it for this alert since this button replaces button for submitting bug
It seems to be labelled correctly now, so reopen if it happens again.
i made new user, used fast-user-switch, choose kde session in gdm and logged in to test after returning to my gnome i found another alert for his .dmrc, but again now its labelled correctly so, looks like it happens only once for new users
Was the .dmrc labeled file_t?
no, when i checked it already was xdm_home_t
ok, now i did some more checking i had home partition from previous fedora install and it had few users installer said it relabeled home, but now i checked homedir of yet another old user (which wasnt used after reinstall) and it's .dmrc still labeled file_t so it looks like installer bug now
*** Bug 537613 has been marked as a duplicate of this bug. ***