Zusammenfassung: SELinux is preventing /usr/bin/python "write" access. Detaillierte Beschreibung: [system-config-k hat einen toleranten Typ (kdumpgui_t). Dieser Zugriff wurde nicht verweigert.] SELinux denied access requested by system-config-k. It is not expected that this access is required by system-config-k and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Zugriff erlauben: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Please file a bug report. Zusätzliche Informationen: Quellkontext system_u:system_r:kdumpgui_t:s0-s0:c0.c1023 Zielkontext system_u:system_r:kdumpgui_t:s0-s0:c0.c1023 Zielobjekte None [ unix_dgram_socket ] Quelle system-config-k Quellen-Pfad /usr/bin/python Port <Unbekannt> Host (removed) Quellen-RPM-Pakete python-2.6.2-2.fc12 Ziel-RPM-Pakete RPM-Richtlinie selinux-policy-3.6.32-46.fc12 SELinux aktiviert True Richtlinienversion targeted Enforcing-Modus Enforcing Plugin-Name catchall Hostname (removed) Plattform Linux (removed) 2.6.31.6-144.fc12.x86_64 #1 SMP Fri Nov 20 18:32:50 EST 2009 x86_64 x86_64 Anzahl der Alarme 1 Zuerst gesehen Sa 21 Nov 2009 20:01:28 CET Zuletzt gesehen Sa 21 Nov 2009 20:01:28 CET Lokale ID bea6378b-5065-4f40-b517-22d93faa7701 Zeilennummern Raw-Audit-Meldungen node=(removed) type=AVC msg=audit(1258830088.244:239): avc: denied { write } for pid=21678 comm="system-config-k" scontext=system_u:system_r:kdumpgui_t:s0-s0:c0.c1023 tcontext=system_u:system_r:kdumpgui_t:s0-s0:c0.c1023 tclass=unix_dgram_socket node=(removed) type=SYSCALL msg=audit(1258830088.244:239): arch=c000003e syscall=44 success=yes exit=4294967424 a0=3 a1=96d010 a2=88 a3=4000 items=0 ppid=21677 pid=21678 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="system-config-k" exe="/usr/bin/python" subj=system_u:system_r:kdumpgui_t:s0-s0:c0.c1023 key=(null) Hash String generated from selinux-policy-3.6.32-46.fc12,catchall,system-config-k,kdumpgui_t,kdumpgui_t,unix_dgram_socket,write audit2allow suggests: #============= kdumpgui_t ============== allow kdumpgui_t self:unix_dgram_socket write;
*** This bug has been marked as a duplicate of bug 539959 ***