Summary: SELinux is preventing the /usr/bin/xauth from using potentially mislabeled files (xauth.XXXXWeMjga). Detailed Description: SELinux has denied xauth access to potentially mislabeled file(s) (xauth.XXXXWeMjga). This means that SELinux will not allow xauth to use these files. It is common for users to edit files in their home directory or tmp directories and then move (mv) them to system directories. The problem is that the files end up with the wrong file context which confined applications are not allowed to access. Allowing Access: If you want xauth to access this files, you need to relabel them using restorecon -v 'xauth.XXXXWeMjga'. You might want to relabel the entire directory using restorecon -R -v ''. Additional Information: Source Context unconfined_u:unconfined_r:xauth_t:s0-s0:c0.c1023 Target Context unconfined_u:object_r:user_tmp_t:s0 Target Objects xauth.XXXXWeMjga [ file ] Source xauth Source Path /usr/bin/xauth Port <Unknown> Host (removed) Source RPM Packages xorg-x11-xauth-1.0.2-7.fc12 Target RPM Packages Policy RPM selinux-policy-3.6.32-37.fc12 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name home_tmp_bad_labels Host Name (removed) Platform Linux (removed) 2.6.31.1-56.fc12.i686 #1 SMP Tue Sep 29 16:32:02 EDT 2009 i686 i686 Alert Count 1 First Seen Thu 05 Nov 2009 00:36:53 GMT Last Seen Thu 05 Nov 2009 00:36:53 GMT Local ID 8efc1360-95b5-4a59-9f4d-a9b33a55f2ea Line Numbers Raw Audit Messages node=(removed) type=AVC msg=audit(1257381413.236:64): avc: denied { unlink } for pid=5610 comm="xauth" name="xauth.XXXXWeMjga" dev=sda2 ino=95911 scontext=unconfined_u:unconfined_r:xauth_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_tmp_t:s0 tclass=file node=(removed) type=SYSCALL msg=audit(1257381413.236:64): arch=40000003 syscall=10 success=no exit=-13 a0=829c008 a1=1 a2=0 a3=829c102 items=0 ppid=5609 pid=5610 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts3 ses=1 comm="xauth" exe="/usr/bin/xauth" subj=unconfined_u:unconfined_r:xauth_t:s0-s0:c0.c1023 key=(null) To reproduce : kde : systemsettings - time and date - select the Area London - tick set date and time automatically - click apply. Can't use ntp properly in kde because of this bug. Hash String generated from selinux-policy-3.6.32-37.fc12,home_tmp_bad_labels,xauth,xauth_t,user_tmp_t,file,unlink audit2allow suggests: #============= xauth_t ============== allow xauth_t user_tmp_t:file unlink;
*** This bug has been marked as a duplicate of bug 532748 ***